make qmail support EC keys

author: manuel <manuel@mausz.at> 2016-08-07 16:21:27 +0200
committer: manuel <manuel@mausz.at> 2016-08-07 16:21:27 +0200
commit: 59180d2a12cbd4cef4a45d0eedc63818ae1d14e3 (patch)
tree: 0e93c928b9b292714c8d3959d48ece3c4561719e
parent: 017cfe9f35802a2846391cce20dfb1516dc40a30 (diff)
download: qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.tar.gz
qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.tar.bz2
qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.zip
2 files changed, 3 insertions, 3 deletions
diff --git a/qmail-remote.c b/qmail-remote.c
index 02c69e3..94c6c0d 100644
--- a/qmail-remote.c
+++ b/qmail-remote.c
@@ -499,7 +499,7 @@ int tls_init()
  /* let the other side complain if it needs a cert and we don't have one */
  if (SSL_CTX_use_certificate_chain_file(ctx, CLIENTCERT))
-    SSL_CTX_use_RSAPrivateKey_file(ctx, CLIENTCERT, SSL_FILETYPE_PEM);
+    SSL_CTX_use_PrivateKey_file(ctx, CLIENTCERT, SSL_FILETYPE_PEM);
  myssl = SSL_new(ctx);
  SSL_CTX_free(ctx);
diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index 34643b1..35630ac 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -1401,8 +1401,8 @@ void tls_init()
  if (!myssl) { tls_err("unable to initialize ssl"); return; }
  /* this will also check whether public and private keys match */
-  if (!SSL_use_RSAPrivateKey_file(myssl, servercert, SSL_FILETYPE_PEM))
+  if (!SSL_use_PrivateKey_file(myssl, servercert, SSL_FILETYPE_PEM))
-    { SSL_free(myssl); tls_err("no valid RSA private key"); return; }
+    { SSL_free(myssl); tls_err("no valid private key"); return; }
  ciphers = env_get("TLSCIPHERS");
  if (!ciphers) {
author	manuel <manuel@mausz.at>	2016-08-07 16:21:27 +0200
committer	manuel <manuel@mausz.at>	2016-08-07 16:21:27 +0200
commit	59180d2a12cbd4cef4a45d0eedc63818ae1d14e3 (patch)
tree	0e93c928b9b292714c8d3959d48ece3c4561719e
parent	017cfe9f35802a2846391cce20dfb1516dc40a30 (diff)
download	qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.tar.gz qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.tar.bz2 qmail-59180d2a12cbd4cef4a45d0eedc63818ae1d14e3.zip

diff --git a/qmail-remote.c b/qmail-remote.c index 02c69e3..94c6c0d 100644 --- a/qmail-remote.c +++ b/qmail-remote.c
@@ -499,7 +499,7 @@ int tls_init()
499		499
500	/* let the other side complain if it needs a cert and we don't have one */	500	/* let the other side complain if it needs a cert and we don't have one */
501	if (SSL_CTX_use_certificate_chain_file(ctx, CLIENTCERT))	501	if (SSL_CTX_use_certificate_chain_file(ctx, CLIENTCERT))
502	SSL_CTX_use_RSAPrivateKey_file(ctx, CLIENTCERT, SSL_FILETYPE_PEM);	502	SSL_CTX_use_PrivateKey_file(ctx, CLIENTCERT, SSL_FILETYPE_PEM);
503		503
504	myssl = SSL_new(ctx);	504	myssl = SSL_new(ctx);
505	SSL_CTX_free(ctx);	505	SSL_CTX_free(ctx);


diff --git a/qmail-smtpd.c b/qmail-smtpd.c index 34643b1..35630ac 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c
@@ -1401,8 +1401,8 @@ void tls_init()
1401	if (!myssl) { tls_err("unable to initialize ssl"); return; }	1401	if (!myssl) { tls_err("unable to initialize ssl"); return; }
1402		1402
1403	/* this will also check whether public and private keys match */	1403	/* this will also check whether public and private keys match */
1404	if (!SSL_use_RSAPrivateKey_file(myssl, servercert, SSL_FILETYPE_PEM))	1404	if (!SSL_use_PrivateKey_file(myssl, servercert, SSL_FILETYPE_PEM))
1405	{ SSL_free(myssl); tls_err("no valid RSA private key"); return; }	1405	{ SSL_free(myssl); tls_err("no valid private key"); return; }
1406		1406
1407	ciphers = env_get("TLSCIPHERS");	1407	ciphers = env_get("TLSCIPHERS");
1408	if (!ciphers) {	1408	if (!ciphers) {