Mercurial > dovecot > core-2.2
changeset 22018:c635141adb77
passdb-imap: Add option to control certificate verification
Turn it on by default
author | Aki Tuomi <aki.tuomi@dovecot.fi> |
---|---|
date | Fri, 28 Apr 2017 20:28:23 +0300 |
parents | 62660946454b |
children | d968b963d3aa |
files | src/auth/passdb-imap.c |
diffstat | 1 files changed, 10 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/passdb-imap.c Mon May 08 13:35:35 2017 +0300 +++ b/src/auth/passdb-imap.c Fri Apr 28 20:28:23 2017 +0300 @@ -136,6 +136,7 @@ module->set.ssl_mode = IMAPC_CLIENT_SSL_MODE_NONE; module->set.username = "%u"; module->set.rawlog_dir = ""; + module->set.ssl_verify = TRUE; for (tmp = p_strsplit(pool, args, " "); *tmp != NULL; tmp++) { key = *tmp; @@ -169,6 +170,15 @@ i_fatal("passdb imap: Invalid ssl mode: %s", value); } + } else if (strcmp(key, "allow_invalid_cert") == 0) { + if (strcmp(value, "yes") == 0) { + module->set.ssl_verify = FALSE; + } else if (strcmp(value, "no") == 0) { + module->set.ssl_verify = TRUE; + } else { + i_fatal("passdb imap: Invalid allow_invalid_cert value: %s", + value); + } } else { i_fatal("passdb imap: Unknown parameter: %s", key); }