On 03.06.15 17:05, Matus UHLAR - fantomas wrote:
>What would be best done, is to backport TLS1_1 and TLS1_2 support to the
>version in wheezy (that should be supported for 5 years since release).
>
>
>Sam, would you find that possible?
>
>Are there any commits updating openssl and tls1+ available on github
>(or anywhere else)?
I see two commits that could help the issue, could either one help?
2014-10-15 Rob Austein <s...@hactrn.net>
* libs/tcpd/libcouriertls.c (tls_create): Set SSL_OP_NOSSLv3 flag,
to disable SSL3 support.
2013-10-14 Sam Varshavchik <mr...@courier-mta.com>
* libs/tcpd/libcouriertls.c (tls_create): Add TLSv1_1_method() and
TLSv1_2 method(), based on patch by Rob Austein <s...@hactrn.net>.
* courier/module.esmtp/esmtpd.dist.in,
courier/module.esmtp/esmtpd-ssl.dist.in,
courier/courierd.dist.in,
libs/imap/pop3d-ssl.dist.in,
libs/imap/imapd-ssl.dist.in: Fix up differences in the
documentation of TLS options in various config files.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
