From ef159279c142ec4f3b3a1938cfeadc74d5891070 Mon Sep 17 00:00:00 2001
From: Eduardo Chappa <chappa@washington.edu>
Date: Sat, 18 Jul 2020 00:53:34 -0600
Subject:   * Addition of the variables User Certs Dir and User Certs File,
 which allow     a user to specify the location of server certificates that
 the user trusts.

---
 imap/src/osdep/unix/ssl_unix.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'imap/src/osdep/unix/ssl_unix.c')

diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c
index 4ebe1ae7..1f64b57e 100644
--- a/imap/src/osdep/unix/ssl_unix.c
+++ b/imap/src/osdep/unix/ssl_unix.c
@@ -421,6 +421,11 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags)
     SSL_CTX_load_verify_locations (stream->context, CAfile, CApath);
   else				/* set default paths to CAs... */
   SSL_CTX_set_default_verify_paths (stream->context);
+				/* Load app certificates */
+  CAfile = (char *) mail_parameters (NIL,GET_SSLAPPCAFILE,NIL);
+  CApath = (char *) mail_parameters (NIL,GET_SSLAPPCAPATH,NIL);
+  if (CAfile != NIL || CApath != NIL)
+    SSL_CTX_load_verify_locations (stream->context, CAfile, CApath);
 				/* want to send client certificate? */
   if (scc && (s = (*scc) ()) && (sl = strlen (s))) {
     if ((cert = PEM_read_bio_X509 (bio = BIO_new_mem_buf (s,sl),NIL,NIL,NIL)) != NULL) {
-- 
cgit v1.2.3-54-g00ecf