Re: [Courier-imap] Separated SSL Certificate in one server

Fri, 30 May 2008 23:20:14 -0700 

On Fri, May 30, 2008 at 11:45:10PM +0200, Juraj Lutter wrote:
> Brian Candler wrote:
> >On Fri, May 30, 2008 at 07:34:23AM +0200, Varga Tamás - Consulting wrote:
> >>just create 3 cert file in /etc/courier like this:
> >>
> >>test.pem.1.2.3.4 , test1.pem.1.2.3.5 ... and courier imap-ssl and 
> >>pop3-ssl load it at start?
> >
> >test.pem.1.2.3.4, test.pem.1.2.3.5 etc.
> 
> What about IPv6 addresses?

Look, you can read the source as well as me.

[courier-imap/tcpd/libcouriertls.c]

        s = safe_getenv(info, "TCPLOCALIP");

        if (certfile && !process_certfile(ctx, certfile, s,
                                          process_rsacertfile))

...

static int process_certfile(SSL_CTX *ctx, const char *certfile, const char *ip,
                            int (*func)(SSL_CTX *, const char *))
...
                if (strncmp(ip, "::ffff:", 7) == 0 && strchr(ip, '.'))
                        return (process_certfile(ctx, certfile, ip+7, func));

That is: whatever address is in TCPLOCALIP will be used. If it happens to
be of the form ::ffff:x.y then x.y is used as a simplification.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap

Reply via email to