dovecot-2.0: login proxy: Don't fail connection if CRL isn't fou...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Nov 17 00:41:51 EET 2011
details: http://hg.dovecot.org/dovecot-2.0/rev/4294e9136cd6
changeset: 12979:4294e9136cd6
user: Timo Sirainen <tss at iki.fi>
date: Thu Nov 17 00:41:15 2011 +0200
description:
login proxy: Don't fail connection if CRL isn't found for some certificate.
diffstat:
src/login-common/ssl-proxy-openssl.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diffs (14 lines):
diff -r de8715e4d793 -r 4294e9136cd6 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Wed Nov 16 23:40:03 2011 +0200
+++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 00:41:15 2011 +0200
@@ -929,6 +929,10 @@
else
i_info("Valid certificate: %s", buf);
}
+ if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL && proxy->client_proxy) {
+ /* no CRL given with the CA list. don't worry about it. */
+ preverify_ok = 1;
+ }
if (!preverify_ok)
proxy->cert_broken = TRUE;
More information about the dovecot-cvs
mailing list