client->set.rawlog_dir = p_strdup(pool, set->rawlog_dir);
if (set->ssl_mode != POP3C_CLIENT_SSL_MODE_NONE) {
- client->set.ssl_mode = set->ssl_mode;
- client->set.ssl_ca_dir = p_strdup(pool, set->ssl_ca_dir);
- client->set.ssl_ca_file = p_strdup(pool, set->ssl_ca_file);
- client->set.ssl_verify = set->ssl_verify;
-
- i_zero(&ssl_set);
- ssl_set.ca_dir = set->ssl_ca_dir;
- ssl_set.ca_file = set->ssl_ca_file;
- ssl_set.allow_invalid_cert = !set->ssl_verify;
- ssl_set.crypto_device = set->ssl_crypto_device;
-
+ ssl_iostream_settings_init_from(client->pool, &client->set.ssl_set, &set->ssl_set);
+ client->set.ssl_set.verbose_invalid_cert = !client->set.ssl_set.allow_invalid_cert;
if (ssl_iostream_client_context_cache_get(&ssl_set,
&client->ssl_ctx,
&error) < 0) {
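Review bot: The context line `if (ssl_iostream_client_context_cache_get(&ssl_set,` still passes the local `ssl_set`, but this hunk removes every line that zeroed and filled it. As shown, the SSL context would be built from a struct that is no longer initialised, or the code no longer compiles if the declaration was removed outside the hunk. The call should take the copied settings, `if (ssl_iostream_client_context_cache_get(&client->set.ssl_set,`, so that the CA paths and `allow_invalid_cert` actually reach the context. The hunk also drops `client->set.ssl_mode = set->ssl_mode;` with no visible replacement; if nothing outside the hunk assigns it, the configured TLS mode would presumably not be carried into the client, and that line should stay. The enclosing function starts and ends outside the hunk.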
client->set.host);
}
return 0;
- } else if (!client->set.ssl_verify) {
+ } else if (client->set.ssl_set.allow_invalid_cert) {
if (client->set.debug) {
i_debug("pop3c(%s): SSL handshake successful, "
"ignoring invalid certificate: %s",
static int pop3c_client_ssl_init(struct pop3c_client *client)
{
- struct ssl_iostream_settings ssl_set;
const char *error;
if (client->ssl_ctx == NULL) {
return -1;
}
- i_zero(&ssl_set);
- if (client->set.ssl_verify) {
- ssl_set.verbose_invalid_cert = TRUE;
- } else {
- ssl_set.allow_invalid_cert = TRUE;
- }
-
if (client->set.debug)
i_debug("pop3c(%s): Starting SSL handshake", client->set.host);
}
if (io_stream_create_ssl_client(client->ssl_ctx, client->set.host,
- &ssl_set, &client->input, &client->output,
- &client->ssl_iostream, &error) < 0) {
+ &client->set.ssl_set, &client->input,
+ &client->output, &client->ssl_iostream, &error) < 0) {
i_error("pop3c(%s): Couldn't initialize SSL client: %s",
client->set.host, error);
return -1;
#include "net.h"
#include "pop3c-settings.h"
+#include "iostream-ssl.h"
enum pop3c_capability {
POP3C_CAPABILITY_PIPELINING = 0x01,
enum pop3c_client_ssl_mode ssl_mode;
enum pop3c_features parsed_features;
- const char *ssl_ca_dir, *ssl_ca_file;
- bool ssl_verify;
+ struct ssl_iostream_settings ssl_set;
const char *rawlog_dir;
const char *ssl_crypto_device;
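Review bot: `const char *ssl_crypto_device;` stays in the settings struct although the only assignment visible in this commit, `client_set.ssl_crypto_device = storage->set->ssl_crypto_device;`, is removed, so the field appears to be dead. If the crypto device is now meant to travel inside `ssl_set`, drop the field; otherwise a later caller may set it and expect an effect. A short comment on the new member would document the polarity flip, e.g. `/* TLS client settings; allow_invalid_cert is the inverse of the former ssl_verify */`. The struct begins and ends outside the hunk.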
client_set.rawlog_dir =
mail_user_home_expand(storage->user, set->pop3c_rawlog_dir);
- client_set.ssl_ca_dir = storage->set->ssl_client_ca_dir;
- client_set.ssl_ca_file = storage->set->ssl_client_ca_file;
- client_set.ssl_verify = set->pop3c_ssl_verify;
+ mail_user_init_ssl_client_settings(storage->user, &client_set.ssl_set);
+
+ if (!set->pop3c_ssl_verify)
+ client_set.ssl_set.allow_invalid_cert = TRUE;
+
if (strcmp(set->pop3c_ssl, "pop3s") == 0)
client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_IMMEDIATE;
else if (strcmp(set->pop3c_ssl, "starttls") == 0)
client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_STARTTLS;
else
client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_NONE;
- client_set.ssl_crypto_device = storage->set->ssl_crypto_device;
return pop3c_client_init(&client_set);
}
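Review bot: The override at `if (!set->pop3c_ssl_verify)` only ever turns verification off; when `pop3c_ssl_verify` is enabled, `allow_invalid_cert` keeps whatever `mail_user_init_ssl_client_settings()` left in it. That helper's body is not visible here, but if it can set `allow_invalid_cert` from the user's general SSL client settings, a pop3c connection configured to verify would still accept an invalid certificate. Assigning unconditionally preserves the previous behaviour and fails closed: `client_set.ssl_set.allow_invalid_cert = !set->pop3c_ssl_verify;`. The function starts outside the hunk.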