From 35eba748d385bf2d69bd7dc8bcf4d5eb4f0e6b13 Mon Sep 17 00:00:00 2001 From: Zeljko Boros Date: Tue, 30 Jun 2020 16:11:33 +0200 Subject: [PATCH 1/1] =?utf8?q?=20=20*=20Non-Maintainer=20Upload=20=20=20*=20?= =?utf8?q?Izba=C4=8Dene=20SSLv2=20vrijednosti=20koje=20izbacuju=20gre=C5=A1k?= =?utf8?q?u?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- debian/changelog | 7 +++++++ debian/control | 1 + debian/postinst | 26 +++++++++++++++++++++++--- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index ece34fd..dcd05bf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +dovecot-cn (1:2.2.27~cn1) stable; urgency=medium + + * Non-Maintainer Upload + * Izbačene SSLv2 vrijednosti koje izbacuju grešku + + -- Zeljko Boros Fri, 26 Jun 2020 14:51:36 +0200 + dovecot-cn (1:2.2.27~cn0) stable; urgency=medium * Prva verzija za stretch diff --git a/debian/control b/debian/control index 52083e8..be883b9 100644 --- a/debian/control +++ b/debian/control @@ -2,6 +2,7 @@ Source: dovecot-cn Section: net Priority: optional Maintainer: Ivan Rako +Uploaders: Ivan Rako , Zeljko Boros Build-Depends: debhelper (>= 9) Standards-Version: 3.9.8 diff --git a/debian/postinst b/debian/postinst index 1caedc8..c399682 100755 --- a/debian/postinst +++ b/debian/postinst @@ -33,7 +33,12 @@ cp_check_and_sed 'pop3_client_workarounds' \ /etc/dovecot/conf.d/20-pop3.conf || true cp_check_and_sed '#ssl_cipher_list' \ - 's/#ssl_cipher_list.*/ssl_cipher_list = ALL:!aNULL:!eNULL:!ADH!LOW:!MEDIUM:!EXP:!SSLv2:HIGH/g' \ + 's/#ssl_cipher_list.*/ssl_cipher_list = ALL:!aNULL:!eNULL:!ADH!LOW:!MEDIUM:!EXP:HIGH/g' \ + /etc/dovecot/conf.d/10-ssl.conf || true + +# izbacujemo SSLv2 +cp_check_and_sed 'ssl_cipher_list' \ + 's/:\!SSLv2//g' \ /etc/dovecot/conf.d/10-ssl.conf || true # trazio zelja @@ -64,11 +69,26 @@ fi -# dodao ico, gasi stare SSL protokole +# dodao ico, gasi SSLv3 protokol cp_check_and_sed '#ssl_protocols =' \ - 's/^#ssl_protocols.*/ssl_protocols = !SSLv2 !SSLv3/g' \ + 's/^#ssl_protocols.*/ssl_protocols = !SSLv3/g' \ + /etc/dovecot/conf.d/10-ssl.conf || true + +# dodao zelja, gasi stare SSL protokole +cp_check_and_sed 'ssl_protocols =' \ + 's/\!SSLv2 //g' \ /etc/dovecot/conf.d/10-ssl.conf || true +# dodao zelja, gasi stare SSL protokole/ciphere u 95-cn9-upgrade.conf ako postoje +if [ -f /etc/dovecot/conf.d/95-cn9-upgrade.conf ]; then + cp_check_and_sed 'ssl_protocols =' \ + 's/\!SSLv2 //g' \ + /etc/dovecot/conf.d/95-cn9-upgrade.conf || true + cp_check_and_sed 'ssl_cipher_list' \ + 's/:\!SSLv2//g' \ + /etc/dovecot/conf.d/95-cn9-upgrade.conf || true +fi + # restart service dovecot restart || true -- 1.7.10.4