Commit 429a106d authored by Craig Ringer's avatar Craig Ringer Committed by Akhil Laddha

BUG#270893 Support client certificates for IMAP

parent db83c3e0
...@@ -1064,8 +1064,13 @@ enable_ssl (CamelTcpStreamSSL *ssl, PRFileDesc *fd) ...@@ -1064,8 +1064,13 @@ enable_ssl (CamelTcpStreamSSL *ssl, PRFileDesc *fd)
SSL_SetURL (ssl_fd, ssl->priv->expected_host); SSL_SetURL (ssl_fd, ssl->priv->expected_host);
/*SSL_GetClientAuthDataHook (sslSocket, ssl_get_client_auth, (gpointer) certNickname);*/ /* NSS provides a default implementation for the SSL_GetClientAuthDataHook callback
/*SSL_AuthCertificateHook (ssl_fd, ssl_auth_cert, (gpointer) CERT_GetDefaultCertDB ());*/ * but does not enable it by default. It must be explicltly requested by the application.
* See: http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslfnc.html#1126622 */
SSL_GetClientAuthDataHook (ssl_fd, (SSLGetClientAuthData)&NSS_GetClientAuthData, NULL );
/* NSS provides _and_ installs a default implementation for the
* SSL_AuthCertificateHook callback so we _don't_ need to install one. */
SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl); SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl);
ssl->priv->ssl_mode = TRUE; ssl->priv->ssl_mode = TRUE;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment