diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2012-01-11 20:00:38 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2012-01-11 20:00:38 +0000 |
| commit | 53e1057047c8971efed9a5825e5b9d7dea232a89 (patch) | |
| tree | 302ad71b69e8e4ffcfadd7a666f73abf188075d0 /usr.sbin | |
| parent | 48eb54fbc2fa11d51b755d899dad6da34fb96af0 (diff) | |
enable back CA support, just don't verify client ...
tested @ home
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/ssl.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index b9281f25503..3378cfa7d19 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.43 2011/12/21 21:10:15 chl Exp $ */ +/* $OpenBSD: ssl.c,v 1.44 2012/01/11 20:00:37 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -454,14 +454,11 @@ ssl_setup(struct listener *l) l->ssl_ctx = ssl_ctx_create(); -/* if (l->ssl->ssl_ca != NULL) { if (! ssl_ctx_load_verify_memory(l->ssl_ctx, l->ssl->ssl_ca, l->ssl->ssl_ca_len)) goto err; - SSL_CTX_set_verify(l->ssl_ctx, SSL_VERIFY_PEER, NULL); } -*/ if (!ssl_ctx_use_certificate_chain(l->ssl_ctx, l->ssl->ssl_cert, l->ssl->ssl_cert_len)) |