Date: Thu, 30 Oct 2014 04:50:43 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 194699] New: no way to disable weak ciphers in mail/imap-uw Message-ID: <bug-194699-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194699 Bug ID: 194699 Summary: no way to disable weak ciphers in mail/imap-uw Product: Ports Tree Version: Latest Hardware: Any OS: Any Status: Needs Triage Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: velcroleaf@rocketmail.com There is currently no way to configure the list of used ciphers in mail/imap-uw. As I understand it, the relevant line is located in c-client/ssl_unix.c and is hard-coded to be somewhat insecure: #define SSLCIPHERLIST "ALL:!LOW" If we could provide our own value for SSLCIPHERLIST at compile time, that would solve the issue. security/openssl allows you to disable SSLv2 and SSLv3 with options used at compile time, but not all ports currently function without SSLv2 and SSLv3 support enabled, so you can't solve this problem using that trick either. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-194699-13>