summaryrefslogtreecommitdiff
path: root/imap/src/osdep/unix/ssl_unix.c
diff options
context:
space:
mode:
Diffstat (limited to 'imap/src/osdep/unix/ssl_unix.c')
-rw-r--r--imap/src/osdep/unix/ssl_unix.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c
index 5793152..4ebe1ae 100644
--- a/imap/src/osdep/unix/ssl_unix.c
+++ b/imap/src/osdep/unix/ssl_unix.c
@@ -395,6 +395,7 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
int minv, maxv;
int masklow, maskhigh;
char *s,*t,*err,tmp[MAILTMPLEN], buf[256];
+ char *CAfile, *CApath;
sslcertificatequery_t scq =
(sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);
sslclientcert_t scc =
@@ -414,8 +415,10 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
SSL_CTX_set_verify (stream->context,SSL_VERIFY_NONE,NIL);
else SSL_CTX_set_verify (stream->context,SSL_VERIFY_PEER,ssl_open_verify);
/* if a non-standard path desired */
- if ((s = (char *) mail_parameters (NIL,GET_SSLCAPATH,NIL)) != NULL)
- SSL_CTX_load_verify_locations (stream->context,NIL,s);
+ CAfile = (char *) mail_parameters (NIL,GET_SSLCAFILE,NIL);
+ CApath = (char *) mail_parameters (NIL,GET_SSLCAPATH,NIL);
+ if (CAfile != NIL || CApath != NIL)
+ SSL_CTX_load_verify_locations (stream->context, CAfile, CApath);
else /* set default paths to CAs... */
SSL_CTX_set_default_verify_paths (stream->context);
/* want to send client certificate? */
generated by cgit v1.2.3-54-g00ecf (git 2.44.0) at 2024-05-15 15:02:28 +0000