X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=socket.c;h=e8ed58402f80d3113ba8754c9b0007eb56d46bd3;hb=f78031293074cfd648a4f5453727a687d6886490;hp=ab283780bb02056915210a94e4c457ee79a66e57;hpb=ecfb21f7457a5137b4664c139ecd69cd36c375f5;p=~andy%2Ffetchmail

diff --git a/socket.c b/socket.c
index ab283780..e8ed5840 100644
--- a/socket.c
+++ b/socket.c
@@ -101,6 +101,7 @@ static char *const *parse_plugin(const char *plugin, const char *host, const cha
 	if (!argvec)
 	{
 		report(stderr, GT_("fetchmail: malloc failed\n"));
+		free(plugin_copy);
 		return NULL;
 	}
 	memset(argvec, 0, s);
@@ -264,7 +265,6 @@ int SockOpen(const char *host, const char *service,
 	    continue;
 	}
 
-	SockTimeout(i, mytimeout);
 	SockKeepalive(i);
 
 	/* Save socket descriptor.
@@ -320,6 +320,7 @@ int SockPrintf(int sock, const char* format, ...)
 }
 
 #ifdef SSL_ENABLE
+#define OPENSSL_NO_SSL_INTERN 1
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
@@ -536,7 +537,7 @@ static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict )
 
 	if (outlevel >= O_VERBOSE) {
 		if (depth == 0 && SSLverbose)
-			report(stderr, GT_("Server certificate:\n"));
+			report(stdout, GT_("Server certificate:\n"));
 		else {
 			if (_firstrun) {
 				_firstrun = 0;
@@ -826,7 +827,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
 		return(-1);
 	}
 
-	SSL_CTX_set_options(_ctx[sock], SSL_OP_ALL | SSL_OP_NO_SSLv2);
+	SSL_CTX_set_options(_ctx[sock], (SSL_OP_ALL | SSL_OP_NO_SSLv2) & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
 
 	if (certck) {
 		SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback);