diff --git a/modoboa_installer/package.py b/modoboa_installer/package.py index 841cda6..e4b00cc 100644 --- a/modoboa_installer/package.py +++ b/modoboa_installer/package.py @@ -53,9 +53,9 @@ class DEBPackage(Package): """Get installed package version.""" code, output = utils.exec_cmd( "dpkg -s {} | grep Version".format(name), capture_output=True) - match = re.match(r"Version: \d:(.+)-\d", output.decode()) + match = re.match(r"Version: (\d:)?(.+)-\d", output.decode()) if match: - return match.group(1) + return match.group(2) return None diff --git a/modoboa_installer/scripts/dovecot.py b/modoboa_installer/scripts/dovecot.py index 1e1f086..37b5146 100644 --- a/modoboa_installer/scripts/dovecot.py +++ b/modoboa_installer/scripts/dovecot.py @@ -55,6 +55,9 @@ class Dovecot(base.Installer): """Additional variables.""" context = super(Dovecot, self).get_template_context() pw = pwd.getpwnam(self.user) + ssl_protocols = "!SSLv2 !SSLv3" + if package.backend.get_installed_version("openssl").startswith("1.1"): + ssl_protocols = "!SSLv3" if "centos" in utils.dist_name(): protocols = "protocols = imap lmtp sieve" extra_protocols = self.config.get("dovecot", "extra_protocols") @@ -70,7 +73,8 @@ class Dovecot(base.Installer): "modoboa_dbname": self.config.get("modoboa", "dbname"), "modoboa_dbuser": self.config.get("modoboa", "dbuser"), "modoboa_dbpassword": self.config.get("modoboa", "dbpassword"), - "protocols": protocols + "protocols": protocols, + "ssl_protocols": ssl_protocols }) return context diff --git a/modoboa_installer/scripts/files/dovecot/conf.d/10-ssl.conf.tpl b/modoboa_installer/scripts/files/dovecot/conf.d/10-ssl.conf.tpl index 93f4d9a..10c127b 100644 --- a/modoboa_installer/scripts/files/dovecot/conf.d/10-ssl.conf.tpl +++ b/modoboa_installer/scripts/files/dovecot/conf.d/10-ssl.conf.tpl @@ -41,7 +41,7 @@ ssl_key = <%tls_key_file #ssl_parameters_regenerate = 168 # SSL protocols to use -ssl_protocols = !SSLv2 !SSLv3 +ssl_protocols = %ssl_protocols # SSL ciphers to use