/[smeserver]/rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch
ViewVC logotype

Diff of /rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.3 by jpp, Sun May 3 02:05:08 2020 UTC Revision 1.4 by jpp, Tue May 5 02:09:38 2020 UTC
# Line 8  diff -Nur smeserver-dovecot-1.6.0.old/ro Line 8  diff -Nur smeserver-dovecot-1.6.0.old/ro
8  -$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'enabled') eq 'enabled';  -$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'enabled') eq 'enabled';
9  +$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'disabled') eq 'enabled';  +$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'disabled') eq 'enabled';
10  +$proto .= ' !TLSv1.1' unless ($dovecot{'TLSv1.1'} || 'disabled') eq 'enabled';  +$proto .= ' !TLSv1.1' unless ($dovecot{'TLSv1.1'} || 'disabled') eq 'enabled';
11  +$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'disabled') eq 'enabled';  +$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'enabled') eq 'enabled';
12    
13  -$OUT .= "ssl_protocols =$proto\n" if ($proto ne '');  -$OUT .= "ssl_protocols =$proto\n" if ($proto ne '');
14  -$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";  -$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
15  +my $dh = $dovecot{'dh'} || '4096';  +my $dh = $dovecot{'dh'} || '4096';
16  +$OUT .= "ssl_dh_parameters_length = $dh\n";  +$OUT .= "ssl_dh_parameters_length = $dh\n";
17  +$OUT .= "ssl_protocols = $proto\n" if ($proto ne '');  +$OUT .= "ssl_protocols = $proto\n" if ($proto ne '');
18  +$OUT .= "ssl_prefer_server_ciphers = yes\n"  +$OUT .= "ssl_prefer_server_ciphers = yes\n";
19  +$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";  +$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
20    
21   }   }

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed