From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Thu, 8 Feb 2018 11:27:25 +0000 (+0200)
Subject: lib-http: client: Fix using non-context SSL settings
X-Git-Tag: 2.3.9~2341
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ca400a499cf1f6a5b28cd3f62f69b1a3b5487c67;p=thirdparty%2Fdovecot%2Fcore.git

lib-http: client: Fix using non-context SSL settings

The SSL settings were used for the SSL context, but they weren't used for
individual SSL streams. This broke stream-only settings, like
allow_invalid_cert=TRUE.
---

diff --git a/src/lib-http/http-client-connection.c b/src/lib-http/http-client-connection.c
index d28a11dd17..9d12a0ef1b 100644
--- a/src/lib-http/http-client-connection.c
+++ b/src/lib-http/http-client-connection.c
@@ -1383,7 +1383,7 @@ http_client_connection_ssl_init(struct http_client_connection *conn,
 
 	i_assert(ssl_ctx != NULL);
 
-	i_zero(&ssl_set);
+	ssl_set = *set->ssl;
 	if (!set->ssl->allow_invalid_cert) {
 		ssl_set.verbose_invalid_cert = TRUE;
 	}