From: Timo Sirainen Date: Thu, 23 May 2013 14:36:54 +0000 (+0300) Subject: lib-http: Added ssl_cert|key|key_password settings to be passed to ssl-iostream. X-Git-Tag: 2.2.3~131 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=35e962a9186b4e9b2001628c1d7b55c24b33ce84;p=thirdparty%2Fdovecot%2Fcore.git lib-http: Added ssl_cert|key|key_password settings to be passed to ssl-iostream. These are used for sending client's SSL certificate. --- diff --git a/src/lib-http/http-client.c b/src/lib-http/http-client.c index b6846f0875..f153b51432 100644 --- a/src/lib-http/http-client.c +++ b/src/lib-http/http-client.c @@ -86,6 +86,9 @@ struct http_client *http_client_init(const struct http_client_settings *set) client->set.ssl_ca = p_strdup(pool, set->ssl_ca); client->set.ssl_crypto_device = p_strdup(pool, set->ssl_crypto_device); client->set.ssl_allow_invalid_cert = set->ssl_allow_invalid_cert; + client->set.ssl_cert = p_strdup(pool, set->ssl_cert); + client->set.ssl_key = p_strdup(pool, set->ssl_key); + client->set.ssl_key_password = p_strdup(pool, set->ssl_key_password); client->set.max_idle_time_msecs = set->max_idle_time_msecs; client->set.max_parallel_connections = (set->max_parallel_connections > 0 ? set->max_parallel_connections : 1); @@ -197,6 +200,9 @@ int http_client_init_ssl_ctx(struct http_client *client, const char **error_r) ssl_set.ca = client->set.ssl_ca; ssl_set.verify_remote_cert = TRUE; ssl_set.crypto_device = client->set.ssl_crypto_device; + ssl_set.cert = client->set.ssl_cert; + ssl_set.key = client->set.ssl_key; + ssl_set.key_password = client->set.ssl_key_password; ssl_set.verbose = client->set.debug; ssl_set.verbose_invalid_cert = client->set.debug; diff --git a/src/lib-http/http-client.h b/src/lib-http/http-client.h index 69cb448191..9c8d131904 100644 --- a/src/lib-http/http-client.h +++ b/src/lib-http/http-client.h @@ -36,6 +36,8 @@ struct http_client_settings { const char *ssl_ca_dir, *ssl_ca_file, *ssl_ca; const char *ssl_crypto_device; bool ssl_allow_invalid_cert; + /* user cert */ + const char *ssl_cert, *ssl_key, *ssl_key_password; const char *rawlog_dir;