Fix a problem which prevented -OServerSSLOptions or -OClientSSLOptions
specified in the command-line option from working. This patch has been accepted by the upstream. Reviewed by and discussed with: gshapiro
This commit is contained in:
parent
934381a7c5
commit
1c3e417caf
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor/sendmail/dist/; revision=351553
14
src/conf.c
14
src/conf.c
@ -365,6 +365,20 @@ setdefaults(e)
|
|||||||
TLS_Srv_Opts = TLS_I_SRV;
|
TLS_Srv_Opts = TLS_I_SRV;
|
||||||
if (NULL == EVP_digest)
|
if (NULL == EVP_digest)
|
||||||
EVP_digest = EVP_md5();
|
EVP_digest = EVP_md5();
|
||||||
|
Srv_SSL_Options = SSL_OP_ALL;
|
||||||
|
Clt_SSL_Options = SSL_OP_ALL
|
||||||
|
# ifdef SSL_OP_NO_SSLv2
|
||||||
|
| SSL_OP_NO_SSLv2
|
||||||
|
# endif
|
||||||
|
# ifdef SSL_OP_NO_TICKET
|
||||||
|
| SSL_OP_NO_TICKET
|
||||||
|
# endif
|
||||||
|
;
|
||||||
|
# ifdef SSL_OP_TLSEXT_PADDING
|
||||||
|
/* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */
|
||||||
|
Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING;
|
||||||
|
Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING;
|
||||||
|
# endif /* SSL_OP_TLSEXT_PADDING */
|
||||||
#endif /* STARTTLS */
|
#endif /* STARTTLS */
|
||||||
#ifdef HESIOD_INIT
|
#ifdef HESIOD_INIT
|
||||||
HesiodContext = NULL;
|
HesiodContext = NULL;
|
||||||
|
16
src/readcf.c
16
src/readcf.c
@ -159,22 +159,6 @@ readcf(cfname, safe, e)
|
|||||||
FileName = cfname;
|
FileName = cfname;
|
||||||
LineNumber = 0;
|
LineNumber = 0;
|
||||||
|
|
||||||
#if STARTTLS
|
|
||||||
Srv_SSL_Options = SSL_OP_ALL;
|
|
||||||
Clt_SSL_Options = SSL_OP_ALL
|
|
||||||
# ifdef SSL_OP_NO_SSLv2
|
|
||||||
| SSL_OP_NO_SSLv2
|
|
||||||
# endif
|
|
||||||
# ifdef SSL_OP_NO_TICKET
|
|
||||||
| SSL_OP_NO_TICKET
|
|
||||||
# endif
|
|
||||||
;
|
|
||||||
# ifdef SSL_OP_TLSEXT_PADDING
|
|
||||||
/* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */
|
|
||||||
Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING;
|
|
||||||
Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING;
|
|
||||||
# endif /* SSL_OP_TLSEXT_PADDING */
|
|
||||||
#endif /* STARTTLS */
|
|
||||||
if (DontLockReadFiles)
|
if (DontLockReadFiles)
|
||||||
sff |= SFF_NOLOCK;
|
sff |= SFF_NOLOCK;
|
||||||
cf = safefopen(cfname, O_RDONLY, 0444, sff);
|
cf = safefopen(cfname, O_RDONLY, 0444, sff);
|
||||||
|
Loading…
Reference in New Issue
Block a user