From 1b23ebf6449de5975f057ead439cc66041249783 Mon Sep 17 00:00:00 2001
From: se <se@example.com>
Date: Sat, 6 Jan 2018 19:10:52 +0900
Subject: Extend ssl_forbid_method to disable TLSv1.1

Origin: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874218#5
---
 rc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'rc.c')

diff --git a/rc.c b/rc.c
index 7de87b8..3900fb2 100644
--- a/rc.c
+++ b/rc.c
@@ -202,7 +202,7 @@ static int OptionEncode = FALSE;
 #define CMT_SSL_CA_PATH N_("Path to directory for PEM encoded certificates of CAs")
 #define CMT_SSL_CA_FILE N_("File consisting of PEM encoded certificates of CAs")
 #endif				/* USE_SSL_VERIFY */
-#define CMT_SSL_FORBID_METHOD N_("List of forbidden SSL methods (2: SSLv2, 3: SSLv3, t:TLSv1)")
+#define CMT_SSL_FORBID_METHOD N_("List of forbidden SSL methods (2: SSLv2, 3: SSLv3, t: TLSv1.0, t1.1: TLSv1.1)")
 #endif				/* USE_SSL */
 #ifdef USE_COOKIE
 #define CMT_USECOOKIE   N_("Enable cookie processing")
-- 
cgit v1.2.3