--- rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch 2020/05/02 03:53:21 1.1
+++ rpms/smeserver-dovecot/sme10/smeserver-dovecot-1.6.0-bz10934-Ciphers-and-TLS.patch 2020/05/05 02:09:38 1.4
@@ -8,14 +8,14 @@ diff -Nur smeserver-dovecot-1.6.0.old/ro
 -$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'enabled') eq 'enabled';
 +$proto .= ' !TLSv1' unless ($dovecot{'TLSv1'} || 'disabled') eq 'enabled';
 +$proto .= ' !TLSv1.1' unless ($dovecot{'TLSv1.1'} || 'disabled') eq 'enabled';
-+$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'disabled') eq 'enabled';
++$proto .= ' !TLSv1.2' unless ($dovecot{'TLSv1.2'} || 'enabled') eq 'enabled';
 -$OUT .= "ssl_protocols =$proto\n" if ($proto ne '');
 -$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
 +my $dh = $dovecot{'dh'} || '4096';
 +$OUT .= "ssl_dh_parameters_length = $dh\n";
 +$OUT .= "ssl_protocols = $proto\n" if ($proto ne '');
-+$OUT .= "ssl_prefer_server_ciphers = yes\n"
++$OUT .= "ssl_prefer_server_ciphers = yes\n";
 +$OUT .= "ssl_cipher_list = " . ($dovecot{CipherSuite} || $modSSL{CipherSuite} || 'ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:HIGH@STRENGTH:!SSLv2:!ADH:!aNULL:!MD5:!RC4') . "\n";
 }
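Review bot: The template line `my $dh = $dovecot{'dh'} || '4096';` writes the configuration-database value straight into `ssl_dh_parameters_length` with no check, so a non-numeric or very small `dh` property yields an invalid or weak Diffie-Hellman setting in the generated dovecot configuration. Accept only digits and enforce a floor before emitting it, for example `my $dh = ($dovecot{'dh'} || '') =~ /\A(\d+)\z/ ? $1 : 4096;` followed by `$dh = 4096 if $dh < 2048;` (the 2048 floor is a suggested value, not taken from the patch). The same concern applies to `$dovecot{CipherSuite}`, which is interpolated unchecked into `ssl_cipher_list`. The enclosing template block opens outside the hunk, so how `$proto` is initialised cannot be confirmed from here.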