Mercurial > dovecot > core-2.2
changeset 10626:9a5f3e3b0197 HEAD
login: Now properly disable SSLv2 support.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 02 Feb 2010 15:00:15 +0200 |
parents | b0239838bdfe |
children | 5e50d5597474 |
files | src/login-common/ssl-proxy-openssl.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c Tue Feb 02 14:16:50 2010 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Tue Feb 02 15:00:15 2010 +0200 @@ -917,7 +917,7 @@ X509_STORE *store; STACK_OF(X509_NAME) *xnames = NULL; - SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); + SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); if (*set->ssl_ca != '\0') { /* set trusted CA certs */ store = SSL_CTX_get_cert_store(ssl_ctx);