Jean-Philippe Pialasse
9e05a63784
- use esmith::ssl to set ciphers and protocol [SME: 12821] improve cipher order to get strongers first drop SSLv2
16 lines
609 B
Plaintext
16 lines
609 B
Plaintext
{
|
|
foreach my $sservice (qw(imap imaps pop3 pop3s)) {
|
|
$DB->set_prop($sservice, "type", "configuration") if ${$sservice}{type} eq "service";
|
|
}
|
|
# drop dovecot SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2 and move to ssl_min_protocol
|
|
# drop dovecot dh
|
|
foreach my $prope (qw( SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2 dh )) {
|
|
$DB->get_prop_and_delete('dovecot', $prope) if (exists $dovecot{$prope});
|
|
}
|
|
# drop SSLv2 from ssl_min_protocol
|
|
foreach my $prope (qw( SSLv2 )) {
|
|
$DB->get_prop_and_delete('dovecot', 'ssl_min_protocol') if (exists $dovecot{'ssl_min_protocol'} && $dovecot{'ssl_min_protocol'} eq $prope);
|
|
}
|
|
|
|
}
|