byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #192 from jaredj/nosslv3

Browse Source 
Disable SSLv3
This commit is contained in:
Matt Simerson 2015-01-07 15:22:16 -08:00
commit 371a9bf4a0
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/tls
View File

@ -86,6 +86,9 @@ sub init {
local $^W; # this bit is very noisy... local $^W; # this bit is very noisy...
my $ssl_ctx = my $ssl_ctx =
IO::Socket::SSL::SSL_Context->new( IO::Socket::SSL::SSL_Context->new(
# Disable SSLv2 and SSLv3 to avoid POODLE attacks. This is already
# the default in sufficiently recent versions of IO::Socket::SSL
SSL_version => 'SSLv23:!SSLv3:!SSLv2',
SSL_use_cert => 1, SSL_use_cert => 1,
SSL_cert_file => $self->tls_cert, SSL_cert_file => $self->tls_cert,
SSL_key_file => $self->tls_key, SSL_key_file => $self->tls_key,