dovecot-2.0-sslstream: login: Now properly disable SSLv2 support.
dovecot at dovecot.org
dovecot at dovecot.org
Sat Feb 13 03:00:20 EET 2010
details: http://hg.dovecot.org/dovecot-2.0-sslstream/rev/9a5f3e3b0197
changeset: 10627:9a5f3e3b0197
user: Timo Sirainen <tss at iki.fi>
date: Tue Feb 02 15:00:15 2010 +0200
description:
login: Now properly disable SSLv2 support.
diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
src/login-common/ssl-proxy-openssl.c | 2 +-
diffs (12 lines):
diff -r b0239838bdfe -r 9a5f3e3b0197 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Tue Feb 02 14:16:50 2010 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Tue Feb 02 15:00:15 2010 +0200
@@ -917,7 +917,7 @@ ssl_proxy_ctx_init(SSL_CTX *ssl_ctx, con
X509_STORE *store;
STACK_OF(X509_NAME) *xnames = NULL;
- SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
if (*set->ssl_ca != '\0') {
/* set trusted CA certs */
store = SSL_CTX_get_cert_store(ssl_ctx);
More information about the dovecot-cvs
mailing list