From 08723a94ed461a2f5969b21bb4ddb9f887a21d2a Mon Sep 17 00:00:00 2001 From: manuel Date: Tue, 1 Mar 2016 16:39:19 +0100 Subject: disable SSLv2 --- qmail-smtpd.c | 1 + 1 file changed, 1 insertion(+) (limited to 'qmail-smtpd.c') diff --git a/qmail-smtpd.c b/qmail-smtpd.c index 19e7c9b..1c462b4 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c @@ -1372,6 +1372,7 @@ void tls_init() /* a new SSL context with the bare minimum of options */ ctx = SSL_CTX_new(SSLv23_server_method()); if (!ctx) { tls_err("unable to initialize ctx"); return; } + SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); if (!SSL_CTX_use_certificate_chain_file(ctx, servercert)) { SSL_CTX_free(ctx); tls_err("missing certificate"); return; } -- cgit v1.2.3