[dovecot-cvs] dovecot dovecot-example.conf,1.84,1.85

cras at procontrol.fi cras at procontrol.fi
Mon May 17 04:32:18 EEST 2004 

Update of /home/cvs/dovecot
In directory talvi:/tmp/cvs-serv3177

Modified Files:
	dovecot-example.conf 
Log Message:
Added ssl_require_client_cert auth-specific setting. Hide
ssl_verify_client_cert from default config file as it's automatically set if
needed and there's not much point in forcing it.



Index: dovecot-example.conf
===================================================================
RCS file: /home/cvs/dovecot/dovecot-example.conf,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -d -r1.84 -r1.85
--- dovecot-example.conf	10 May 2004 02:15:16 -0000	1.84
+++ dovecot-example.conf	17 May 2004 01:32:16 -0000	1.85
@@ -37,7 +37,7 @@
 # File containing trusted SSL certificate authorities. Usually not needed.
 #ssl_ca_file = 
 
-# Require client to send a valid certificate, otherwise fail the SSL handshake.
+# Request client to send a certificate.
 #ssl_verify_client_cert = no
 
 # SSL parameter file. Master process generates this file for login processes.
@@ -312,10 +312,9 @@
 #umask = 0077
 
 # Drop all privileges before exec()ing the mail process. This is mostly
-# meant for debugging, otherwise you don't get core dumps. Note that setting
-# this to yes means that log file is opened as the logged in user, which
-# might not work. It could also be a small security risk if you use single UID
-# for multiple users, as the users could ptrace() each others processes then.
+# meant for debugging, otherwise you don't get core dumps. It could be a small
+# security risk if you use single UID for multiple users, as the users could
+# ptrace() each others processes then.
 #mail_drop_priv_before_exec = no
 
 # Set max. process size in megabytes. Most of the memory goes to mmap()ing
@@ -437,6 +436,9 @@
 
   # Number of authentication processes to create
   #count = 1
+
+  # Require a valid SSL client certificate or the authentication fails.
+  #ssl_require_client_cert = no
 }
 
 # PAM doesn't provide a way to get uid, gid or home directory. If you don't

More information about the dovecot-cvs mailing list