[prev in list] [next in list] [prev in thread] [next in thread]
List: spamassassin-devel
Subject: [Bug 7267] New: no way to set SSL_VERIFY_PEER in spamd
From: bugzilla-daemon () bugzilla ! spamassassin ! org
Date: 2015-11-16 23:33:43
Message-ID: bug-7267-26 () https ! bz ! apache ! org/SpamAssassin/
[Download RAW message or body]
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7267
Bug ID: 7267
Summary: no way to set SSL_VERIFY_PEER in spamd
Product: Spamassassin
Version: 3.4.1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: spamc/spamd
Assignee: dev@spamassassin.apache.org
Reporter: curtis@ipv6.occnc.com
There is no server side SSL verification in spamd.
The fix on the spamd side is simple. Not so simple in spamc.
On spamd there needs to be three options, "--ssl-ca-file=file",
"-ssl-ca-path=path", and "--ssl-verify".
Setting any one of them sets "$sockopt->SSL_verify_mode =
SSL_VERIFY_PEER;" on about line 1077 in spamd. If either ssl-ca-file or
ssl-ca-path are set, then set sockopt->SSL_ca_file or sockopt->SSL_ca_path.
That's it for spamd. I haven't looked at spamc, but it should not be much more
difficult to add options for key and cert. Just C rather than perl.
Diffs to follow.
--
You are receiving this mail because:
You are the assignee for the bug.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic