uschar *tls_resumption_hosts = NULL;
# endif
uschar *tls_try_verify_hosts = NULL;
+#if defined(SUPPORT_SYSDEFAULT_CABUNDLE) || !defined(USE_GNUTLS)
uschar *tls_verify_certificates= US"system";
+#else
+uschar *tls_verify_certificates= NULL;
+#endif
uschar *tls_verify_hosts = NULL;
int tls_watch_fd = -1;
time_t tls_watch_trigger_time = (time_t)0;
.keepalive = TRUE,
.retry_include_ip_address = TRUE,
#ifndef DISABLE_TLS
+# if defined(SUPPORT_SYSDEFAULT_CABUNDLE) || !defined(USE_GNUTLS)
.tls_verify_certificates = US"system",
+# endif
.tls_dh_min_bits = EXIM_CLIENT_DH_DEFAULT_MIN_BITS,
.tls_tempfail_tryclear = TRUE,
.tls_try_verify_hosts = US"*",
next if /^TLS: preloading DH params for server/;
next if /^Diffie-Hellman initialized from default/;
next if /^TLS: preloading ECDH curve for server/;
- next if /^ECDH OpenSSL [\d.+]+ temp key parameter settings:/;
+ next if /^ECDH OpenSSL [< ]?[\d.+]+ temp key parameter settings:/;
+ next if /^ECDH: .'*prime256v1'/;
next if /^watch dir/;
# TLS preload
git://git.exim.org / users / heiko / exim.git / commitdiff