On 10/15/14 21:32, Jimmy Dorff:
 Is this possible to disable SSLv3 and only accept imaps using TLS?

I created custom source patch for osdep/unix/ssl_unix.c

Such patch allow me to write something like

set ssl-protocols -ALL +TLSv1
set ssl-cipher-list HIGH:!ADH:!EXPORT56:!SSLv2

into c-client.cf file.

I'm on CentOS Linux and specifically using the panda-imap now on github.

My patch has been created for imap-uw. I'm not familiar with panda-imap sources. It may or may not be portable to them.

Is the patch available for testing?

See http://www.freebsd.cz/~dan/patch-DAN-SETSSLCIPHER

Did your patch also allow DHE ciphers to be used?

My ssl-cipher-list accept the same values as -cipher option of underlying OpenSSL library

Dan


_______________________________________________
Imap-uw mailing list
[email protected]
http://mailman13.u.washington.edu/mailman/listinfo/imap-uw

Reply via email to