2.2.34 broken if ssl_protocols contains !SSLv2

Stuart Henderson stu at spacehopper.org
Sun Mar 11 20:45:48 EET 2018

The code in ssl_protocols_to_min_protocol() to convert ssl_protocols to
min/max values can't cope with strings containing "!SSLv2".

dovecot: imap-login: Fatal: Unknown ssl_protocols setting: Unrecognized protocol 'SSLv2'

This string might be configured explicitly by the user, or if the user
hasn't configured this themselves it could also come from the default
because master_service_ssl_default_settings sets this:

#ifdef SSL_TXT_SSLV2
        .ssl_protocols = "!SSLv2 !SSLv3",
        .ssl_protocols = "!SSLv3",

More information about the dovecot mailing list