From 52b1008b300a3bf48941ce482d5d0c8da163fe53 Mon Sep 17 00:00:00 2001
From: manuel <manuel@mausz.at>
Date: Tue, 4 Dec 2018 10:38:27 +0100
Subject: Disable TLS 1.0

---
 qmail-smtpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'qmail-smtpd.c')

diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index d5be4af..2a1fd71 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -1432,7 +1432,7 @@ void tls_init()
   /* a new SSL context with the bare minimum of options */
   ctx = SSL_CTX_new(SSLv23_server_method());
   if (!ctx) { tls_err("unable to initialize ctx"); return; }
-  SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3 |
+  SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 |
                            SSL_OP_CIPHER_SERVER_PREFERENCE |
                            SSL_OP_PRIORITIZE_CHACHA);
 
-- 
cgit v1.2.3