diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2014-10-16 09:40:47 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2014-10-16 09:40:47 +0000 |
| commit | 2423ac1cb3f0d425772710ab4c939e2eaacef497 (patch) | |
| tree | 4072991f33da18009abe5c4e90964bedaa69f633 /usr.sbin | |
| parent | f617996b6c6060150f5a26c4610a9dfc5770e9f2 (diff) | |
disable SSLv3
ok jsing@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/ssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index 11f1aa81409..981f2b0c21c 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.71 2014/10/02 18:30:21 deraadt Exp $ */ +/* $OpenBSD: ssl.c,v 1.72 2014/10/16 09:40:46 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -263,7 +263,7 @@ ssl_ctx_create(const char *pkiname, char *cert, off_t cert_len) SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); SSL_CTX_set_timeout(ctx, SSL_SESSION_TIMEOUT); SSL_CTX_set_options(ctx, - SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_TICKET); + SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TICKET); SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); |