]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f059a04)
ssl_ciphers_list: Disable anonymous and export ciphers by default.
authorTimo Sirainen <tss@iki.fi>
Tue, 20 Oct 2009 23:20:42 +0000 (19:20 -0400)
committerTimo Sirainen <tss@iki.fi>
Tue, 20 Oct 2009 23:20:42 +0000 (19:20 -0400)
--HG--
branch : HEAD

doc/example-config/conf.d/ssl.conf patch | blob | blame | history
src/login-common/login-settings.c patch | blob | blame | history

diff --git a/doc/example-config/conf.d/ssl.conf b/doc/example-config/conf.d/ssl.conf
index 3530f87914b74695e1e04666db87a4b90a48c466..6ff88d3d2f91ca0db241cbaa5886eac2fef42785 100644 (file)
--- a/doc/example-config/conf.d/ssl.conf
+++ b/doc/example-config/conf.d/ssl.conf
@@ -38,4 +38,4 @@ ssl_key = </etc/ssl/private/dovecot.pem
 #ssl_parameters_regenerate = 168
 
 # SSL ciphers to use
-#ssl_cipher_list = ALL:!LOW:!SSLv2
+#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
diff --git a/src/login-common/login-settings.c b/src/login-common/login-settings.c
index 072cd97e1b1cecbab1eb7a95aec101c23b580039..1b4b4f829b40b69fb9198eead51b1561cd59ebbc 100644 (file)
--- a/src/login-common/login-settings.c
+++ b/src/login-common/login-settings.c
@@ -55,7 +55,7 @@ static struct login_settings login_default_settings = {
        MEMBER(ssl_key) "",
        MEMBER(ssl_key_password) "",
        MEMBER(ssl_parameters_file) "ssl-parameters.dat",
-       MEMBER(ssl_cipher_list) "ALL:!LOW:!SSLv2",
+       MEMBER(ssl_cipher_list) "ALL:!LOW:!SSLv2:!EXP:!aNULL",
        MEMBER(ssl_cert_username_field) "commonName",
        MEMBER(ssl_verify_client_cert) FALSE,
        MEMBER(ssl_require_client_cert) FALSE,
Mirror of https://github.com/dovecot/core.git