dovecot-2.0: login: Use SSLv23_server_method() after all.
dovecot at dovecot.org
dovecot at dovecot.org
Tue Feb 2 14:17:10 EET 2010
details: http://hg.dovecot.org/dovecot-2.0/rev/b0239838bdfe
changeset: 10625:b0239838bdfe
user: Timo Sirainen <tss at iki.fi>
date: Tue Feb 02 14:16:50 2010 +0200
description:
login: Use SSLv23_server_method() after all.
It appears to be the only method that supports both SSLv3 and TLSv1
connections, without breaking the other one.
diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
src/login-common/ssl-proxy-openssl.c | 2 +-
diffs (12 lines):
diff -r a07a699b3831 -r b0239838bdfe src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Mon Feb 01 20:03:58 2010 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Tue Feb 02 14:16:50 2010 +0200
@@ -1098,7 +1098,7 @@ ssl_server_context_init(const struct log
ctx->cipher_list = p_strdup(pool, set->ssl_cipher_list);
ctx->verify_client_cert = set->ssl_verify_client_cert;
- ctx->ctx = ssl_ctx = SSL_CTX_new(SSLv3_server_method());
+ ctx->ctx = ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if (ssl_ctx == NULL)
i_fatal("SSL_CTX_new() failed");
xnames = ssl_proxy_ctx_init(ssl_ctx, set);
More information about the dovecot-cvs
mailing list