[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dovecot-cvs
Subject:    [dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.18,
From:       cras () procontrol ! fi (cras () procontrol ! fi)
Date:       2004-01-19 19:08:08
Message-ID: 20040119170723.9FA5CC003026 () talvi ! dovecot ! org
[Download RAW message or body]

Update of /home/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv1884/login-common

Modified Files:
	ssl-proxy-openssl.c 
Log Message:
Added setting ssl_ca_file, patch by Zach Bagnall



Index: ssl-proxy-openssl.c
===================================================================
RCS file: /home/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- ssl-proxy-openssl.c	3 Dec 2003 00:40:21 -0000	1.18
+++ ssl-proxy-openssl.c	19 Jan 2004 17:07:21 -0000	1.19
@@ -403,9 +403,10 @@
 
 void ssl_proxy_init(void)
 {
-	const char *certfile, *keyfile, *paramfile;
+	const char *cafile, *certfile, *keyfile, *paramfile;
 	char buf;
 
+	cafile = getenv("SSL_CA_FILE");
 	certfile = getenv("SSL_CERT_FILE");
 	keyfile = getenv("SSL_KEY_FILE");
 	paramfile = getenv("SSL_PARAM_FILE");
@@ -428,6 +429,13 @@
 			SSL_CIPHER_LIST, ssl_last_error());
 	}
 
+	if (cafile != NULL) {
+		if (SSL_CTX_load_verify_locations(ssl_ctx, cafile, NULL) != 1) {
+			i_fatal("Can't load CA file %s: %s",
+				cafile, ssl_last_error());
+		}
+	}
+
 	if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) {
 		i_fatal("Can't load certificate file %s: %s",
 			certfile, ssl_last_error());

[prev in list] [next in list] [prev in thread] [next in thread]