diff options
| author |   eric <eric@openbsd.org> | 2021-04-02 06:30:55 +0000 |
|---|---|---|
| committer | eric <eric@openbsd.org> | 2021-04-02 06:30:55 +0000 |
| commit | a2bac8cf8e9877793f29097f8a9f406087287f3f (patch) | |
| tree | b45e2e331504c6acb1bdcb8a02d03d559ea6e8fe | |
| parent | fix sentence structure; (diff) | |
| download | wireguard-openbsd-a2bac8cf8e9877793f29097f8a9f406087287f3f.tar.xz wireguard-openbsd-a2bac8cf8e9877793f29097f8a9f406087287f3f.zip | |
if cipher list is not specified for a relay action, use the global
cipher list if defined. otherwise fallback to libtls default.
ok millert@
| -rw-r--r-- | usr.sbin/smtpd/mta.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/mta.c b/usr.sbin/smtpd/mta.c index 2da8608e3a0..4339481f0a7 100644 --- a/usr.sbin/smtpd/mta.c +++ b/usr.sbin/smtpd/mta.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mta.c,v 1.236 2021/03/31 17:47:16 eric Exp $ */ +/* $OpenBSD: mta.c,v 1.237 2021/04/02 06:30:55 eric Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -491,6 +491,7 @@ mta_setup_dispatcher(struct dispatcher *dispatcher) struct tls_config *config; struct pki *pki; struct ca *ca; + const char *ciphers; uint32_t protos; if (dispatcher->type != DISPATCHER_REMOTE) @@ -501,8 +502,10 @@ mta_setup_dispatcher(struct dispatcher *dispatcher) if ((config = tls_config_new()) == NULL) fatal("smtpd: tls_config_new"); - if (remote->tls_ciphers && - tls_config_set_ciphers(config, remote->tls_ciphers) == -1) + ciphers = env->sc_tls_ciphers; + if (remote->tls_ciphers) + ciphers = remote->tls_ciphers; + if (ciphers && tls_config_set_ciphers(config, ciphers) == -1) err(1, "%s", tls_config_error(config)); if (remote->tls_protocols && |