[evolution-data-server/gnome-3-6] Do not use SSL_V2_COMPATIBLE_HELLO by default



commit 2cf90ed3ae1316f2d10f7b06fb34db84964f939b
Author: Milan Crha <mcrha redhat com>
Date:   Wed Feb 20 13:51:04 2013 +0100

    Do not use SSL_V2_COMPATIBLE_HELLO by default
    
    Zarafa server with disabled SSL v2 rejects connection when
    SSL v2 compatible hello is sent, thus disabled this by default.
    After all, SSL v3 should be used in general these days anyway.
    
    Use environment variable CAMEL_SSL_V2_HELLO=1 in case your server
    requires the old behavior.

 camel/camel-tcp-stream-ssl.c |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)
---
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index d1f1bb7..c13881a 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -707,8 +707,17 @@ enable_ssl (CamelTcpStreamSSL *ssl,
        SSL_OptionSet (ssl_fd, SSL_SECURITY, PR_TRUE);
 
        if (ssl->priv->flags & CAMEL_TCP_STREAM_SSL_ENABLE_SSL2) {
+               static gchar v2_hello = -1;
+
+               /* Zarafa server with disabled SSL v2 rejects connection when
+                  SSL v2 compatible hello is sent, thus disabled this by default.
+                  After all, SSL v3 should be used in general these days anyway.
+               */
+               if (v2_hello == -1)
+                       v2_hello = g_strcmp0 (g_getenv ("CAMEL_SSL_V2_HELLO"), "1") == 0 ? 1 : 0;
+
                SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL2, PR_TRUE);
-               SSL_OptionSet (ssl_fd, SSL_V2_COMPATIBLE_HELLO, PR_TRUE);
+               SSL_OptionSet (ssl_fd, SSL_V2_COMPATIBLE_HELLO, v2_hello ? PR_TRUE : PR_FALSE);
        } else {
                SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL2, PR_FALSE);
                SSL_OptionSet (ssl_fd, SSL_V2_COMPATIBLE_HELLO, PR_FALSE);
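Review bot: `static gchar v2_hello = -1;` uses plain `char` as a tri-state, but the signedness of `char` is implementation-defined, so on ABIs where it is unsigned (commonly ARM and PowerPC) the stored value is 255 and `v2_hello == -1` is never true. There `CAMEL_SSL_V2_HELLO` is never read and the truthy 255 keeps `SSL_V2_COMPATIBLE_HELLO` at `PR_TRUE`, which is the old behaviour this commit means to turn off by default. Declaring it as `static gint v2_hello = -1;` fixes this. The lazy initialisation is also unsynchronised; if enable_ssl can run on several threads the race looks benign because every caller computes the same value, but a short comment saying so would help. The branch still sets `SSL_ENABLE_SSL2` to `PR_TRUE`, so SSLv2 negotiation remains enabled whenever the flag is set; enable_ssl starts and ends outside this hunk, so whether that is restricted elsewhere is not visible here.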

