After compiling --with-gnutls, the thunderbird imap client
prompts for a certificate required by the server. After
recompiling with the attached patch this does not happen.
--- tcpd/libcouriergnutls.original.c 2008-07-12 20:40:45.000000000 +0200
+++ tcpd/libcouriergnutls.c 2008-08-24 18:12:15.000000000 +0200
@@ -1682,7 +1682,7 @@
gnutls_compression_set_priority(ssl->session, ctx->comp_list) < 0 ||
gnutls_protocol_set_priority(ssl->session, ctx->protocol_list) < 0||
(ctx->certfiledh && read_dh_params(ssl->dhparams,
- ctx->certfile)) < 0 ||
+ ctx->certfile) < 0) ||
add_certificates(ssl->xcred, ctx->trustcerts) < 0 ||
#if 0
add_certificates(ssl->xcred, ctx->certfile) < 0 ||
@@ -1701,8 +1701,8 @@
(ctx->info_cpy.peer_verify_domain &&
gnutls_server_name_set(ssl->session, GNUTLS_NAME_DNS,
ctx->info_cpy.peer_verify_domain,
- strlen(ctx->info_cpy.peer_verify_domain))
- < 0)
+ strlen(ctx->info_cpy.peer_verify_domain)
+ < 0))
)
{
tls_free_session(ssl);
@@ -1719,8 +1719,11 @@
if (ctx->isserver)
{
- gnutls_certificate_server_set_request(ssl->session,
- GNUTLS_CERT_REQUEST);
+ if (ctx->verify_cert)
+ gnutls_certificate_server_set_request(ssl->session,
+ ctx->fail_if_no_cert?
+ GNUTLS_CERT_REQUIRE:
+ GNUTLS_CERT_REQUEST);
gnutls_certificate_server_set_retrieve_function(ssl->xcred,
get_server_cert
);
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
