Attachment 6761 Details for Bug 38043 – Patch prohibiting the use of RC4 cipher suites in postfix

[patch] Patch prohibiting the use of RC4 cipher suites in postfix

postfix_tls_exclude_ciphers.patch (text/plain), 1.12 KB, created by Lutz Willek on 2015-03-15 18:52:38 CET

(hide)

Description:

Filename:

MIME Type:

Creator: Lutz Willek

Created: 2015-03-15 18:52:38 CET

Size: 1.12 KB

patch

obsolete

>*** /etc/univention/templates/files/etc/postfix/main.cf.d_orig/60_tls	2015-03-15 16:16:07.083826870 +0100
>--- /etc/univention/templates/files/etc/postfix/main.cf.d/60_tls	2015-03-15 18:40:28.935804793 +0100
>***************
>*** 4,9 ****
>--- 4,10 ----
>  smtpd_starttls_timeout = 300s
>  smtpd_timeout = 300s
>  @!@
>+ print 'smtpd_tls_exclude_ciphers = %s' % baseConfig.get('mail/postfix/smtpd/tls/exclude_ciphers', 'RC4, aNULL')
>  fqdn = '%s.%s' % (baseConfig.get('hostname'), baseConfig.get('domainname'))
>  print 'smtpd_tls_cert_file = %s' % baseConfig.get('mail/postfix/ssl/certificate', '/etc/univention/ssl/%s/cert.pem' % fqdn)
>  print 'smtpd_tls_key_file = %s' % baseConfig.get('mail/postfix/ssl/key', '/etc/univention/ssl/%s/private.key' % fqdn)
>***************
>*** 25,30 ****
>--- 26,32 ----
>  # smtp client
>  @!@
>  print 'smtp_tls_security_level = %s' % baseConfig.get('mail/postfix/tls/client/level', 'none')
>+ print 'smtp_tls_exclude_ciphers = %s' % baseConfig.get('mail/postfix/tls/client/exclude_ciphers', 'RC4, aNULL') 
>  @!@
>  
>  # Support broken clients like Microsoft Outlook Express 4.x which expect AUTH=LOGIN instead of AUTH LOGIN

Actions: View | Diff

Attachments on bug 38043: 6761