changeset 21373:9d3889a5fbb3

auth-policy: Enable SSL connections
author Aki Tuomi <aki.tuomi@dovecot.fi>
date Sun, 08 Jan 2017 20:09:33 +0200
parents 73f614573fb6
children b3803bacf702
files src/auth/Makefile.am src/auth/auth-policy.c
diffstat 2 files changed, 9 insertions(+), 0 deletions(-) [+]
--- a/src/auth/Makefile.am	Fri Dec 30 16:20:12 2016 +0100
+++ b/src/auth/Makefile.am	Sun Jan 08 20:09:33 2017 +0200
@@ -59,6 +59,8 @@
 	$(LIBDOVECOT_SQL)
 
 auth_LDADD = $(auth_libs) $(LIBDOVECOT) $(AUTH_LIBS)
+auth_CPPFLAGS = $(AM_CPPFLAGS) \
+	-I$(top_srcdir)/src/lib-ssl-iostream
 auth_DEPENDENCIES = $(auth_libs) $(LIBDOVECOT_DEPS)
 
 ldap_sources = db-ldap.c passdb-ldap.c userdb-ldap.c
--- a/src/auth/auth-policy.c	Fri Dec 30 16:20:12 2016 +0100
+++ b/src/auth/auth-policy.c	Sun Jan 08 20:09:33 2017 +0200
@@ -15,6 +15,7 @@
 #include "auth-penalty.h"
 #include "auth-settings.h"
 #include "auth-policy.h"
+#include "iostream-ssl.h"
 
 #define AUTH_POLICY_DNS_SOCKET_PATH "dns-client"
 
@@ -159,6 +160,12 @@
 	http_client_set.request_absolute_timeout_msecs = global_auth_settings->policy_server_timeout_msecs;
 	if (global_auth_settings->debug)
 		http_client_set.debug = 1;
+	http_client_set.ssl_ca_dir = global_auth_settings->ssl_client_ca_dir;
+	http_client_set.ssl_ca_file = global_auth_settings->ssl_client_ca_file;
+	if (*http_client_set.ssl_ca_dir == '\0' &&
+	    *http_client_set.ssl_ca_file == '\0')
+		http_client_set.ssl_allow_invalid_cert = TRUE;
+
 	http_client = http_client_init(&http_client_set);
 
 	/* prepare template */
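Review bot: The fallback `http_client_set.ssl_allow_invalid_cert = TRUE;` silently disables certificate verification whenever neither `ssl_client_ca_dir` nor `ssl_client_ca_file` is set, so an https policy server is then contacted over an unauthenticated channel and its responses cannot be trusted to come from the real server. Failing closed is the safer default: drop the `if` so the connection fails until a CA is configured, or gate the relaxation behind an explicit setting rather than an empty one. If the fallback has to stay, make it visible by adding `i_warning("auth-policy: no ssl_client_ca_dir or ssl_client_ca_file set, policy server certificate is not verified");` inside the branch. The enclosing function starts and ends outside this hunk, so whether the two settings can ever be NULL before the `*` dereference, or whether the URL scheme is checked earlier, cannot be confirmed from here.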