dovecot-2.1: login proxy: Don't fail connection if CRL isn't fou...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Nov 17 00:41:33 EET 2011
details: http://hg.dovecot.org/dovecot-2.1/rev/f986b56d8e2a
changeset: 13718:f986b56d8e2a
user: Timo Sirainen <tss at iki.fi>
date: Thu Nov 17 00:41:15 2011 +0200
description:
login proxy: Don't fail connection if CRL isn't found for some certificate.
diffstat:
src/login-common/ssl-proxy-openssl.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diffs (14 lines):
diff -r b0c0d11792fc -r f986b56d8e2a src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Wed Nov 16 22:59:36 2011 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 00:41:15 2011 +0200
@@ -857,6 +857,10 @@
else
i_info("Valid certificate: %s", buf);
}
+ if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL && proxy->client_proxy) {
+ /* no CRL given with the CA list. don't worry about it. */
+ preverify_ok = 1;
+ }
if (!preverify_ok)
proxy->cert_broken = TRUE;
More information about the dovecot-cvs
mailing list