Mercurial > dovecot > core-2.2
changeset 10625:b0239838bdfe HEAD
login: Use SSLv23_server_method() after all.
It appears to be the only method that supports both SSLv3 and TLSv1
connections, without breaking the other one.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 02 Feb 2010 14:16:50 +0200 |
parents | a07a699b3831 |
children | 9a5f3e3b0197 |
files | src/login-common/ssl-proxy-openssl.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c Mon Feb 01 20:03:58 2010 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Tue Feb 02 14:16:50 2010 +0200 @@ -1098,7 +1098,7 @@ ctx->cipher_list = p_strdup(pool, set->ssl_cipher_list); ctx->verify_client_cert = set->ssl_verify_client_cert; - ctx->ctx = ssl_ctx = SSL_CTX_new(SSLv3_server_method()); + ctx->ctx = ssl_ctx = SSL_CTX_new(SSLv23_server_method()); if (ssl_ctx == NULL) i_fatal("SSL_CTX_new() failed"); xnames = ssl_proxy_ctx_init(ssl_ctx, set);