Mercurial > dovecot > core-2.2

changeset 22018:c635141adb77

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
passdb-imap: Add option to control certificate verification Turn it on by default
author Aki Tuomi <aki.tuomi@dovecot.fi>
date Fri, 28 Apr 2017 20:28:23 +0300
parents 62660946454b
children d968b963d3aa
files src/auth/passdb-imap.c
diffstat 1 files changed, 10 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/auth/passdb-imap.c	Mon May 08 13:35:35 2017 +0300
+++ b/src/auth/passdb-imap.c	Fri Apr 28 20:28:23 2017 +0300
@@ -136,6 +136,7 @@
 	module->set.ssl_mode = IMAPC_CLIENT_SSL_MODE_NONE;
 	module->set.username = "%u";
 	module->set.rawlog_dir = "";
+	module->set.ssl_verify = TRUE;
 
 	for (tmp = p_strsplit(pool, args, " "); *tmp != NULL; tmp++) {
 		key = *tmp;
@@ -169,6 +170,15 @@
 				i_fatal("passdb imap: Invalid ssl mode: %s",
 					value);
 			}
+		} else if (strcmp(key, "allow_invalid_cert") == 0) {
+			if (strcmp(value, "yes") == 0) {
+				module->set.ssl_verify = FALSE;
+			} else if (strcmp(value, "no") == 0) {
+				module->set.ssl_verify = TRUE;
+			} else {
+				i_fatal("passdb imap: Invalid allow_invalid_cert value: %s",
+					value);
+			}
 		} else {
 			i_fatal("passdb imap: Unknown parameter: %s", key);
 		}