Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 60001 Details for
Bug 94257
mail-mta/qmail TLS enhancement: select servercert through SMTP_SERVERCERT env var
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
servercert-by-TCPLOCALHOST-or-TCPLOCALIP.patch
servercert-by-TCPLOCALHOST-or-TCPLOCALIP.patch (text/plain), 2.10 KB, created by
Alin Năstac (RETIRED)
on 2005-05-28 02:09:10 UTC
(
hide
)
Description:
servercert-by-TCPLOCALHOST-or-TCPLOCALIP.patch
Filename:
MIME Type:
Creator:
Alin Năstac (RETIRED)
Created:
2005-05-28 02:09:10 UTC
Size:
2.10 KB
patch
obsolete
>diff -Nru qmail-1.03.orig/qmail-smtpd.c qmail-1.03/qmail-smtpd.c >--- qmail-1.03.orig/qmail-smtpd.c 2005-05-28 11:37:15.000000000 +0300 >+++ qmail-1.03/qmail-smtpd.c 2005-05-28 11:40:18.165723216 +0300 >@@ -37,6 +37,7 @@ > > stralloc clientcert = {0}; > stralloc tlsserverciphers = {0}; >+stralloc tlsserverlocalcert = {0}; > #endif > > #define BMCHECK_BMF 0 >@@ -270,6 +271,14 @@ > if (!remoteip) remoteip = "unknown"; > local = env_get("TCPLOCALHOST"); > if (!local) local = env_get("TCPLOCALIP"); >+#ifdef TLS >+ if(local) { >+ stralloc_copys(&tlsserverlocalcert, "control/servercert-"); >+ stralloc_cats(&tlsserverlocalcert, local); >+ stralloc_cats(&tlsserverlocalcert, ".pem"); >+ stralloc_0(&tlsserverlocalcert); >+ } >+#endif > if (!local) local = "unknown"; > remotehost = env_get("TCPREMOTEHOST"); > if (!remotehost) remotehost = "unknown"; >@@ -794,12 +803,18 @@ > if(!(ctx=SSL_CTX_new(SSLv23_server_method()))) > {out("454 TLS not available: unable to initialize ctx (#4.3.0)\r\n"); > return;} >- if(!SSL_CTX_use_RSAPrivateKey_file(ctx, "control/servercert.pem", SSL_FILETYPE_PEM)) >- {out("454 TLS not available: missing RSA private key (#4.3.0)\r\n"); >- return;} >- if(!SSL_CTX_use_certificate_chain_file(ctx, "control/servercert.pem")) >- {out("454 TLS not available: missing certificate (#4.3.0)\r\n"); >- return;} >+ if(tlsserverlocalcert.len && SSL_CTX_use_RSAPrivateKey_file(ctx, tlsserverlocalcert.s, SSL_FILETYPE_PEM)) { >+ if(!SSL_CTX_use_certificate_chain_file(ctx, tlsserverlocalcert.s)) >+ {out("454 TLS not available: missing certificate (#4.3.0)\r\n"); >+ return;} >+ } else { >+ if(!SSL_CTX_use_RSAPrivateKey_file(ctx, "control/servercert.pem", SSL_FILETYPE_PEM)) >+ {out("454 TLS not available: missing RSA private key (#4.3.0)\r\n"); >+ return;} >+ if(!SSL_CTX_use_certificate_chain_file(ctx, "control/servercert.pem")) >+ {out("454 TLS not available: missing certificate (#4.3.0)\r\n"); >+ return;} >+ } > SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb); > SSL_CTX_set_cipher_list(ctx,tlsserverciphers.s); > SSL_CTX_load_verify_locations(ctx, "control/clientca.pem",NULL);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=60001">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 94257
:
60001
|
60707
|
60708
