Mercurial > dovecot > core-2.2
changeset 22916:432635b3ef52
login-common: ssl_require_crl works both ways
It applies for incoming and outgoing connections.
author | Aki Tuomi <aki.tuomi@dovecot.fi> |
---|---|
date | Wed, 28 Feb 2018 14:22:04 +0200 |
parents | 087aeff6bd2a |
children | 827eab50e33a |
files | src/login-common/ssl-proxy-openssl.c |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c Wed Feb 28 13:29:51 2018 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Wed Feb 28 14:22:04 2018 +0200 @@ -915,7 +915,7 @@ proxy->cert_received = TRUE; ctxerr = X509_STORE_CTX_get_error(ctx); - if (proxy->client_proxy && !proxy->login_set->ssl_require_crl && + if (!proxy->login_set->ssl_require_crl && (ctxerr == X509_V_ERR_UNABLE_TO_GET_CRL || ctxerr == X509_V_ERR_CRL_HAS_EXPIRED)) { /* no CRL given with the CA list. don't worry about it. */