passdb-imap: Make sure ssl verification is possible with current settings

diff --git a/src/auth/passdb-imap.c b/src/auth/passdb-imap.c
index f2ef27cd17970535d2c1009034494933832edab6..ade4b3981565b9324078a9eb4f7b5c7cc06d10c4 100644 (file)
--- a/src/auth/passdb-imap.c
+++ b/src/auth/passdb-imap.c
@@ -187,6 +187,11 @@ passdb_imap_preinit(pool_t pool, const char *args)
                }
        }
 
+       if (module->set.ssl_verify == TRUE && module->set.ssl_mode != IMAPC_CLIENT_SSL_MODE_NONE ) {
+               if (module->set.ssl_ca_dir == NULL && module->set.ssl_ca_file == NULL)
+                       i_fatal("passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting");
+       }
+
        if (module->set.host == NULL)
                i_fatal("passdb imap: Missing host parameter");