Mercurial > dovecot > original-hg > dovecot-1.2
changeset 4696:abf9a1234b99 HEAD
Don't allow SSLv2 by default.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Mon, 16 Oct 2006 01:10:30 +0300 |
| parents | 07afd19bc53e |
| children | ad68cb8119e1 |
| files | dovecot-example.conf src/login-common/ssl-proxy-openssl.c |
| diffstat | 2 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/dovecot-example.conf Mon Oct 16 01:07:10 2006 +0300 +++ b/dovecot-example.conf Mon Oct 16 01:10:30 2006 +0300 @@ -108,7 +108,7 @@ #ssl_parameters_regenerate = 168 # SSL ciphers to use -#ssl_cipher_list = ALL:!LOW +#ssl_cipher_list = ALL:!LOW:!SSLv2 # Show protocol level SSL errors. #verbose_ssl = no
--- a/src/login-common/ssl-proxy-openssl.c Mon Oct 16 01:07:10 2006 +0300 +++ b/src/login-common/ssl-proxy-openssl.c Mon Oct 16 01:10:30 2006 +0300 @@ -22,7 +22,7 @@ #include <openssl/err.h> #include <openssl/rand.h> -#define DOVECOT_SSL_DEFAULT_CIPHER_LIST "ALL:!LOW" +#define DOVECOT_SSL_DEFAULT_CIPHER_LIST "ALL:!LOW:!SSLv2" /* Check every 30 minutes if parameters file has been updated */ #define SSL_PARAMFILE_CHECK_INTERVAL (60*30)