summaryrefslogtreecommitdiffstats
path: root/qmail-smtpd.c
diff options
context:
space:
mode:
Diffstat (limited to 'qmail-smtpd.c')
-rw-r--r--qmail-smtpd.c12
1 files changed, 0 insertions, 12 deletions
diff --git a/qmail-smtpd.c b/qmail-smtpd.c
index 8ae6af3..b2c0263 100644
--- a/qmail-smtpd.c
+++ b/qmail-smtpd.c
@@ -68,8 +68,6 @@ char *relayclient;
68# include "tls.h" 68# include "tls.h"
69# include "ssl_timeoutio.h" 69# include "ssl_timeoutio.h"
70 70
71# define CLIENTCA "control/clientca.pem"
72# define CLIENTCRL "control/clientcrl.pem"
73# define SERVERCERT "control/servercert.pem" 71# define SERVERCERT "control/servercert.pem"
74 72
75void tls_init(); 73void tls_init();
@@ -1441,16 +1439,6 @@ void tls_init()
1441 1439
1442 if (!SSL_CTX_use_certificate_chain_file(ctx, servercert)) 1440 if (!SSL_CTX_use_certificate_chain_file(ctx, servercert))
1443 { SSL_CTX_free(ctx); tls_err("missing certificate"); return; } 1441 { SSL_CTX_free(ctx); tls_err("missing certificate"); return; }
1444 SSL_CTX_load_verify_locations(ctx, CLIENTCA, NULL);
1445
1446#if OPENSSL_VERSION_NUMBER >= 0x00907000L
1447 /* crl checking */
1448 store = SSL_CTX_get_cert_store(ctx);
1449 if ((lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())) &&
1450 (X509_load_crl_file(lookup, CLIENTCRL, X509_FILETYPE_PEM) == 1))
1451 X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK |
1452 X509_V_FLAG_CRL_CHECK_ALL);
1453#endif
1454 1442
1455 /* set the callback here; SSL_set_verify didn't work before 0.9.6c */ 1443 /* set the callback here; SSL_set_verify didn't work before 0.9.6c */
1456 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_cb); 1444 SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_cb);
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 16:18:03 +0000