[dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.18,
1.19
cras at procontrol.fi
cras at procontrol.fi
Mon Jan 19 19:07:23 EET 2004
Update of /home/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv1884/login-common
Modified Files:
ssl-proxy-openssl.c
Log Message:
Added setting ssl_ca_file, patch by Zach Bagnall
Index: ssl-proxy-openssl.c
===================================================================
RCS file: /home/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- ssl-proxy-openssl.c 3 Dec 2003 00:40:21 -0000 1.18
+++ ssl-proxy-openssl.c 19 Jan 2004 17:07:21 -0000 1.19
@@ -403,9 +403,10 @@
void ssl_proxy_init(void)
{
- const char *certfile, *keyfile, *paramfile;
+ const char *cafile, *certfile, *keyfile, *paramfile;
char buf;
+ cafile = getenv("SSL_CA_FILE");
certfile = getenv("SSL_CERT_FILE");
keyfile = getenv("SSL_KEY_FILE");
paramfile = getenv("SSL_PARAM_FILE");
@@ -428,6 +429,13 @@
SSL_CIPHER_LIST, ssl_last_error());
}
+ if (cafile != NULL) {
+ if (SSL_CTX_load_verify_locations(ssl_ctx, cafile, NULL) != 1) {
+ i_fatal("Can't load CA file %s: %s",
+ cafile, ssl_last_error());
+ }
+ }
+
if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) {
i_fatal("Can't load certificate file %s: %s",
certfile, ssl_last_error());
More information about the dovecot-cvs
mailing list