authorSam Varshavchik2020-12-01 19:37:58 -0500
committerSam Varshavchik2020-12-01 19:37:58 -0500
commit2081406b128d5ff222b2c957108b7f3cd16bba3f (patch)
treec9a8c4849eae19f99f595d74e1d0e5c55839acaa
parent5c826bd3a09ca686b5b18365839db7cfb33e3ccd (diff)
parentd02caaa8d2fc6c9907d9c96bc362dd4864834593 (diff)
downloadcourier-libs-2081406b128d5ff222b2c957108b7f3cd16bba3f.tar.bz2
Merge branch 'master' of github.com:svarshavchik/courier-libs into master
-rw-r--r--imap/imapd-ssl.dist.in.git2
-rw-r--r--imap/pop3d-ssl.dist.in.git2
-rw-r--r--tcpd/libcouriertls.c2
3 files changed, 6 insertions, 0 deletions
diff --git a/imap/imapd-ssl.dist.in.git b/imap/imapd-ssl.dist.in.git
index 8ed9e36..35880c8 100644
--- a/imap/imapd-ssl.dist.in.git
+++ b/imap/imapd-ssl.dist.in.git
@@ -138,7 +138,9 @@ COURIERTLS=@bindir@/couriertls
#
# TLSv1 - TLS 1.0, or higher.
# TLSv1.1 - TLS1.1, or higher.
+# TLSv1.1++ TLS1.1, or higher, without client-initiated renegotiation.
# TLSv1.2 - TLS1.2, or higher.
+# TLSv1.2++ TLS1.2, or higher, without client-initiated renegotiation.
#
# The default value is TLSv1
diff --git a/imap/pop3d-ssl.dist.in.git b/imap/pop3d-ssl.dist.in.git
index bca75e8..dd352cd 100644
--- a/imap/pop3d-ssl.dist.in.git
+++ b/imap/pop3d-ssl.dist.in.git
@@ -125,7 +125,9 @@ COURIERTLS=@bindir@/couriertls
#
# TLSv1 - TLS 1.0, or higher.
# TLSv1.1 - TLS1.1, or higher.
+# TLSv1.1++ TLS1.1, or higher, without client-initiated renegotiation.
# TLSv1.2 - TLS1.2, or higher.
+# TLSv1.2++ TLS1.2, or higher, without client-initiated renegotiation.
#
# The default value is TLSv1.
diff --git a/tcpd/libcouriertls.c b/tcpd/libcouriertls.c
index 1f5a40f..246b90d 100644
--- a/tcpd/libcouriertls.c
+++ b/tcpd/libcouriertls.c
@@ -66,12 +66,14 @@ struct proto_ops op_list[] =
{
#ifdef SSL_OP_NO_TLSv1
#ifdef SSL_OP_NO_TLSv1_1
+ { "TLSv1.2++", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_RENEGOTIATION },
{ "TLSv1.2+", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 },
{ "TLSv1.2", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1 },
#endif
#endif
#ifdef SSL_OP_NO_TLSv1
+ { "TLSv1.1++", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_RENEGOTIATION },
{ "TLSv1.1+", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1 },
{ "TLSv1.1", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1 },
#endif
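Review bot: The new `"TLSv1.2++"` and `"TLSv1.1++"` rows use `SSL_OP_NO_RENEGOTIATION` without a guard of their own, although the neighbouring rows sit inside `#ifdef SSL_OP_NO_TLSv1` / `#ifdef SSL_OP_NO_TLSv1_1` because those flags are not always defined. As far as I recall this option only appeared in OpenSSL 1.1.0h, so a build against older headers would likely fail here; wrapping each new row in `#ifdef SSL_OP_NO_RENEGOTIATION` … `#endif` keeps it consistent with the existing pattern. With that guard the `++` names vanish on old libraries, so it is worth confirming that the lookup code (not visible in this hunk) rejects an unknown `TLS_PROTOCOL` value rather than silently falling back to a setting that still permits renegotiation. OpenSSL documents this flag as disabling all renegotiation for TLS 1.2 and earlier, not only client-initiated requests, so the config comments in `imapd-ssl.dist.in.git` and `pop3d-ssl.dist.in.git` would be more accurate as `without renegotiation`. The `op_list` initializer continues outside the hunk.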