- openssl 1.1.0 does not support SSLv2 anymore (boo#1070761)
* changed dovecot-2.2.18-better_ssl_defaults.patch
* remove !SSLv2 from existing ssl_protocols configuration
during upgrade
You think people will prefer that the service won't start? :-)
The patch will specifically remove only the !SSLv2 from the configuration.
<pre>
openssl-1.0.2:
ssl_protocols = !SSLv2 !SSLv3
openssl-1.1.0:
ssl_protocols = !SSLv3
</pre>
are equivalent. Even if you go back to openssl-1.0.2, the situation will not change, since SSLv2 was disabled by default already.
- openssl 1.1.0 does not support SSLv2 anymore (boo#1070761)
* changed dovecot-2.2.18-better_ssl_defaults.patch
* remove !SSLv2 from existing ssl_protocols configuration
during upgrade
I do not known if it is a really good idea to change a configuration file. The most user do not like it.
You think people will prefer that the service won't start? :-)
The patch will specifically remove only the !SSLv2 from the configuration. <pre> openssl-1.0.2: ssl_protocols = !SSLv2 !SSLv3 openssl-1.1.0: ssl_protocols = !SSLv3 </pre> are equivalent. Even if you go back to openssl-1.0.2, the situation will not change, since SSLv2 was disabled by default already.
@varkoly: review reminder