Mercurial > dovecot > original-hg > dovecot-1.2
diff src/login-common/ssl-proxy-openssl.c @ 1907:190f1d315ce6 HEAD
Added setting ssl_ca_file, patch by Zach Bagnall
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Mon, 19 Jan 2004 19:07:21 +0200 |
| parents | 1e6ed8045f2b |
| children | d8f06a0c818e |
line wrap: on
line diff
--- a/src/login-common/ssl-proxy-openssl.c Tue Jan 06 08:14:48 2004 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Mon Jan 19 19:07:21 2004 +0200 @@ -403,9 +403,10 @@ void ssl_proxy_init(void) { - const char *certfile, *keyfile, *paramfile; + const char *cafile, *certfile, *keyfile, *paramfile; char buf; + cafile = getenv("SSL_CA_FILE"); certfile = getenv("SSL_CERT_FILE"); keyfile = getenv("SSL_KEY_FILE"); paramfile = getenv("SSL_PARAM_FILE"); @@ -428,6 +429,13 @@ SSL_CIPHER_LIST, ssl_last_error()); } + if (cafile != NULL) { + if (SSL_CTX_load_verify_locations(ssl_ctx, cafile, NULL) != 1) { + i_fatal("Can't load CA file %s: %s", + cafile, ssl_last_error()); + } + } + if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) { i_fatal("Can't load certificate file %s: %s", certfile, ssl_last_error());