diff options
author | hiro <hiro@ee746299-78ed-0310-b773-934348b2243d> | 2006-12-18 04:50:33 +0000 |
---|---|---|
committer | hiro <hiro@ee746299-78ed-0310-b773-934348b2243d> | 2006-12-18 04:50:33 +0000 |
commit | 9c672a9f3f6beab800d85b9ae5cf03a4d9d4f170 (patch) | |
tree | f8c7913edaa89dfb749d029bdf359a5c360f2b8d | |
parent | 6231816dd79b92ac476a3b015689a8142583dbdf (diff) |
call SSL_CTX_load_verify_locations() also when only certs_file exists.
git-svn-id: svn://sylpheed.sraoss.jp/sylpheed/trunk@1432 ee746299-78ed-0310-b773-934348b2243d
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ChangeLog.ja | 5 | ||||
-rw-r--r-- | libsylph/ssl.c | 4 |
3 files changed, 12 insertions, 2 deletions
@@ -1,5 +1,10 @@ 2006-12-18 + * libsylph/ssl.c: ssl_init(): call SSL_CTX_load_verify_locations() + also when only certs_file exists. + +2006-12-18 + * libsylph/ssl.c: ssl_init(): look for CA certificates bundle file in multiple location. ssl_init_socket_with_method(): disabled reject list (for now). diff --git a/ChangeLog.ja b/ChangeLog.ja index d4f5d62b..4a10173b 100644 --- a/ChangeLog.ja +++ b/ChangeLog.ja @@ -1,5 +1,10 @@ 2006-12-18 + * libsylph/ssl.c: ssl_init(): certs_file のみ存在するばあいでも + SSL_CTX_load_verify_locations() を呼ぶようにした。 + +2006-12-18 + * libsylph/ssl.c: ssl_init(): CA 証明書のバンドルファイルを複数の 場所から探すようにした。 ssl_init_socket_with_method(): 拒否リストを(今のところ)無効にした。 diff --git a/libsylph/ssl.c b/libsylph/ssl.c index 30e95407..f7fd7022 100644 --- a/libsylph/ssl.c +++ b/libsylph/ssl.c @@ -127,7 +127,7 @@ void ssl_init(void) debug_print(_("SSLv23 not available\n")); } else { debug_print(_("SSLv23 available\n")); - if (certs_dir && + if ((certs_file || certs_dir) && !SSL_CTX_load_verify_locations(ssl_ctx_SSLv23, certs_file, certs_dir)) g_warning("SSLv23 SSL_CTX_load_verify_locations failed.\n"); @@ -138,7 +138,7 @@ void ssl_init(void) debug_print(_("TLSv1 not available\n")); } else { debug_print(_("TLSv1 available\n")); - if (certs_dir && + if ((certs_file || certs_dir) && !SSL_CTX_load_verify_locations(ssl_ctx_TLSv1, certs_file, certs_dir)) g_warning("TLSv1 SSL_CTX_load_verify_locations failed.\n"); |