diff options
Diffstat (limited to 'qmail-smtpd.c')
| -rw-r--r-- | qmail-smtpd.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/qmail-smtpd.c b/qmail-smtpd.c index 5b862a0..d5be4af 100644 --- a/qmail-smtpd.c +++ b/qmail-smtpd.c | |||
| @@ -1432,8 +1432,9 @@ void tls_init() | |||
| 1432 | /* a new SSL context with the bare minimum of options */ | 1432 | /* a new SSL context with the bare minimum of options */ |
| 1433 | ctx = SSL_CTX_new(SSLv23_server_method()); | 1433 | ctx = SSL_CTX_new(SSLv23_server_method()); |
| 1434 | if (!ctx) { tls_err("unable to initialize ctx"); return; } | 1434 | if (!ctx) { tls_err("unable to initialize ctx"); return; } |
| 1435 | SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | | 1435 | SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3 | |
| 1436 | SSL_OP_CIPHER_SERVER_PREFERENCE); | 1436 | SSL_OP_CIPHER_SERVER_PREFERENCE | |
| 1437 | SSL_OP_PRIORITIZE_CHACHA); | ||
| 1437 | 1438 | ||
| 1438 | if (!SSL_CTX_use_certificate_chain_file(ctx, servercert)) | 1439 | if (!SSL_CTX_use_certificate_chain_file(ctx, servercert)) |
| 1439 | { SSL_CTX_free(ctx); tls_err("missing certificate"); return; } | 1440 | { SSL_CTX_free(ctx); tls_err("missing certificate"); return; } |