Disable SSLv3 and enable prefer server ciphers

author: manuel <manuel@mausz.at> 2018-04-16 15:53:39 +0200
committer: manuel <manuel@mausz.at> 2018-04-16 15:53:39 +0200
commit: 3ddb39faf72f52fe4089e40cd9fe75cb11965fe1 (patch)
tree: 14df3967eae20cdfa487908264a58a9427bb4470 /qmail-remote.c
parent: 633250158229d6a161df8b037faeacb61f068471 (diff)
download: qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.tar.gz
qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.tar.bz2
qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/qmail-remote.c b/qmail-remote.c
index adb7343..6c7fba0 100644
--- a/qmail-remote.c
+++ b/qmail-remote.c
@@ -483,7 +483,7 @@ int tls_init()
    smtptext.len = 0;
    tls_quit_error("ZTLS error initializing ctx");
  }
-  SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
+  SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
  if (servercert) {
    if (!SSL_CTX_load_verify_locations(ctx, servercert, NULL)) {
author	manuel <manuel@mausz.at>	2018-04-16 15:53:39 +0200
committer	manuel <manuel@mausz.at>	2018-04-16 15:53:39 +0200
commit	3ddb39faf72f52fe4089e40cd9fe75cb11965fe1 (patch)
tree	14df3967eae20cdfa487908264a58a9427bb4470 /qmail-remote.c
parent	633250158229d6a161df8b037faeacb61f068471 (diff)
download	qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.tar.gz qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.tar.bz2 qmail-3ddb39faf72f52fe4089e40cd9fe75cb11965fe1.zip

diff --git a/qmail-remote.c b/qmail-remote.c index adb7343..6c7fba0 100644 --- a/qmail-remote.c +++ b/qmail-remote.c
@@ -483,7 +483,7 @@ int tls_init()
483	smtptext.len = 0;	483	smtptext.len = 0;
484	tls_quit_error("ZTLS error initializing ctx");	484	tls_quit_error("ZTLS error initializing ctx");
485	}	485	}
486	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);	486	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 \| SSL_OP_NO_SSLv3);
487		487
488	if (servercert) {	488	if (servercert) {
489	if (!SSL_CTX_load_verify_locations(ctx, servercert, NULL)) {	489	if (!SSL_CTX_load_verify_locations(ctx, servercert, NULL)) {