*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2019 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* Portions Copyright (c) The OpenSSL Project 1999 */
case SSL_ERROR_SSL:
{
uschar * s = US"SSL_accept";
- unsigned long e = ERR_peek_error();
- if (ERR_GET_REASON(e) == SSL_R_WRONG_VERSION_NUMBER)
+ int r = ERR_GET_REASON(ERR_peek_error());
+ if ( r == SSL_R_WRONG_VERSION_NUMBER
+#ifdef SSL_R_VERSION_TOO_LOW
+ || r == SSL_R_VERSION_TOO_LOW
+#endif
+ || r == SSL_R_UNKNOWN_PROTOCOL || r == SSL_R_UNSUPPORTED_PROTOCOL)
s = string_sprintf("%s (%s)", s, SSL_get_version(server_ssl));
(void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
return FAIL;
tlsp->resumption |= RESUME_CLIENT_REQUESTED;
DEBUG(D_tls) debug_printf("checking for resumable session for %s\n", key);
- if ((dbm_file = dbfn_open(US"tls", O_RDONLY, &dbblock, FALSE, FALSE)))
+ if ((dbm_file = dbfn_open(US"tls", O_RDWR, &dbblock, FALSE, FALSE)))
{
/* key for the db is the IP */
if ((dt = dbfn_read_with_length(dbm_file, key, &len)))