/[smeserver]/rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch
ViewVC logotype

Annotation of /rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.4 - (hide annotations) (download)
Tue May 5 02:09:38 2020 UTC (4 years, 6 months ago) by jpp
Branch: MAIN
CVS Tags: smeserver-dovecot-1_6_0-21_el7_sme, smeserver-dovecot-1_6_0-18_el7_sme, smeserver-dovecot-1_6_0-13_el7_sme, smeserver-dovecot-1_6_0-20_el7_sme, smeserver-dovecot-1_6_0-15_el7_sme, smeserver-dovecot-1_6_0-16_el7_sme, smeserver-dovecot-1_6_0-11_el7_sme, smeserver-dovecot-1_6_0-12_el7_sme, smeserver-dovecot-1_6_0-17_el7_sme, smeserver-dovecot-1_6_0-14_el7_sme, smeserver-dovecot-1_6_0-19_el7_sme, HEAD
Changes since 1.3: +2 -2 lines
* Mon May 04 2020 Jean-Philipe Pialasse <tests@pialasse.com> 1.6.0-11.sme
- fix typo in enabling TLSv1.2 as default [SME: 10934]

1 jpp 1.1 diff -Nur smeserver-dovecot-1.6.0.old/root/etc/e-smith/templates/etc/dovecot/dovecot.conf/35ssl smeserver-dovecot-1.6.0/root/etc/e-smith/templates/etc/dovecot/dovecot.conf/35ssl
2     --- smeserver-dovecot-1.6.0.old/root/etc/e-smith/templates/etc/dovecot/dovecot.conf/35ssl 2020-05-01 23:07:25.696000000 -0400
3     +++ smeserver-dovecot-1.6.0/root/etc/e-smith/templates/etc/dovecot/dovecot.conf/35ssl 2020-05-01 23:41:57.772000000 -0400
4     @@ -6,9 +6,14 @@
5     my $proto = '';
6     $proto .= ' !SSLv2' unless ($dovecot{'SSLv2'} || 'disabled') eq 'enabled';
7     $proto .= ' !SSLv3' unless ($dovecot{'SSLv3'} || 'disabled') eq 'enabled';
8     -$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'enabled') eq 'enabled';
9     +$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'disabled') eq 'enabled';
10 jpp 1.3 +$proto .= ' !TLSv1.1' unless ($dovecot{'TLSv1.1'} || 'disabled') eq 'enabled';
11 jpp 1.4 +$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'enabled') eq 'enabled';
12 jpp 1.1
13     -$OUT .= "ssl_protocols =$proto\n" if ($proto ne '');
14     -$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
15     +my $dh = $dovecot{'dh'} || '4096';
16     +$OUT .= "ssl_dh_parameters_length = $dh\n";
17     +$OUT .= "ssl_protocols = $proto\n" if ($proto ne '');
18 jpp 1.4 +$OUT .= "ssl_prefer_server_ciphers = yes\n";
19 jpp 1.1 +$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
20    
21     }

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed