passdb-imap: Add option to control certificate verification

author Aki Tuomi <aki.tuomi@dovecot.fi>

Fri, 28 Apr 2017 17:28:23 +0000 (20:28 +0300)

committer GitLab <gitlab@git.dovecot.net>

Mon, 8 May 2017 11:19:30 +0000 (14:19 +0300)
author Aki Tuomi <aki.tuomi@dovecot.fi>
Fri, 28 Apr 2017 17:28:23 +0000 (20:28 +0300)
committer GitLab <gitlab@git.dovecot.net>
Mon, 8 May 2017 11:19:30 +0000 (14:19 +0300)
diff --git a/src/auth/passdb-imap.c b/src/auth/passdb-imap.c

index 9e18a4cb43c3d9a8925d05141db0a84ec0f3c73d..a6e562c31560f8fa413d74fd3fac5091bf4afff3 100644 (file)
--- a/src/auth/passdb-imap.c
+++ b/src/auth/passdb-imap.c
@@ -151,6 +151,7 @@ passdb_imap_preinit(pool_t pool, const char *args)
         module->set.ssl_mode = IMAPC_CLIENT_SSL_MODE_NONE;
         module->set.username = "%u";
         module->set.rawlog_dir = "";
+       module->set.ssl_verify = TRUE;
  
         for (tmp = p_strsplit(pool, args, " "); *tmp != NULL; tmp++) {
                 key = *tmp;
@@ -184,6 +185,15 @@ passdb_imap_preinit(pool_t pool, const char *args)
                                 i_fatal("passdb imap: Invalid ssl mode: %s",
                                         value);
                         }
+               } else if (strcmp(key, "allow_invalid_cert") == 0) {
+                       if (strcmp(value, "yes") == 0) {
+                               module->set.ssl_verify = FALSE;
+                       } else if (strcmp(value, "no") == 0) {
+                               module->set.ssl_verify = TRUE;
+                       } else {
+                               i_fatal("passdb imap: Invalid allow_invalid_cert value: %s",
+                                       value);
+                       }
                 } else {
                         i_fatal("passdb imap: Unknown parameter: %s", key);
                 }
author	Aki Tuomi <aki.tuomi@dovecot.fi>
	Fri, 28 Apr 2017 17:28:23 +0000 (20:28 +0300)
committer	GitLab <gitlab@git.dovecot.net>
	Mon, 8 May 2017 11:19:30 +0000 (14:19 +0300)