From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Mon, 8 May 2017 09:24:21 +0000 (+0300)
Subject: passdb-imap: Add ssl_ca_file setting
X-Git-Tag: 2.3.0.rc1~1661
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6a65a1d090cfb8d5d1cce4ad8e16a22953b4d2f6;p=thirdparty%2Fdovecot%2Fcore.git

passdb-imap: Add ssl_ca_file setting

Allow setting SSL trust roots from a file
---

diff --git a/src/auth/passdb-imap.c b/src/auth/passdb-imap.c
index a6e562c315..d4c2a9d68e 100644
--- a/src/auth/passdb-imap.c
+++ b/src/auth/passdb-imap.c
@@ -99,7 +99,8 @@ passdb_imap_verify_plain(struct auth_request *auth_request,
 	set.max_idle_time = IMAPC_DEFAULT_MAX_IDLE_TIME;
 	if (set.ssl_ca_dir == NULL)
 		set.ssl_ca_dir = auth_request->set->ssl_client_ca_dir;
-	set.ssl_ca_file = auth_request->set->ssl_client_ca_file;
+	if (set.ssl_ca_file == NULL)
+		set.ssl_ca_file = auth_request->set->ssl_client_ca_file;
 
 	if (module->set_have_vars) {
 		str = t_str_new(128);
@@ -170,6 +171,8 @@ passdb_imap_preinit(pool_t pool, const char *args)
 			module->set.username = value;
 		else if (strcmp(key, "ssl_ca_dir") == 0)
 			module->set.ssl_ca_dir = value;
+		else if (strcmp(key, "ssl_ca_file") == 0)
+			module->set.ssl_ca_file = value;
 		else if (strcmp(key, "rawlog_dir") == 0)
 			module->set.rawlog_dir = value;
 		else if (strcmp(key, "ssl") == 0) {