TLS communication director -> backend with X.509 cert checks?
Heiko Schlittermann
hs at schlittermann.de
Tue Oct 13 20:33:23 UTC 2015
Timo Sirainen <tss at iki.fi> (Di 13 Okt 2015 21:36:40 CEST):
…
> > I see:
> >
> > a) pass the host *names* to the director too, for CN verification
> > purpose
> >
> > May be in struct mail_host could be a field for the original
> > hostname we used to obtain the adress(es)?
>
> Does the attached patch work? Compiles, but untested.
I'm about to test it.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20151013/dd1fd0e3/attachment.sig>
More information about the dovecot
mailing list