From 30d917bcd48d70af0371baf27571cc198d621a62 Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Tue, 2 Apr 2013 23:29:43 +0300 Subject: [PATCH] lib-http: Added ssl_ca setting to specify the CA certificate directly. --- src/lib-http/http-client-peer.c | 1 + src/lib-http/http-client.c | 1 + src/lib-http/http-client.h | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/lib-http/http-client-peer.c b/src/lib-http/http-client-peer.c index 23c64587ba..d805a84634 100644 --- a/src/lib-http/http-client-peer.c +++ b/src/lib-http/http-client-peer.c @@ -228,6 +228,7 @@ http_client_peer_create(struct http_client *client, const char *source; memset(&ssl_set, 0, sizeof(ssl_set)); ssl_set.ca_dir = peer->client->set.ssl_ca_dir; + ssl_set.ca = peer->client->set.ssl_ca; ssl_set.verify_remote_cert = TRUE; ssl_set.crypto_device = peer->client->set.ssl_crypto_device; diff --git a/src/lib-http/http-client.c b/src/lib-http/http-client.c index d9fd9cb184..4d9895ec65 100644 --- a/src/lib-http/http-client.c +++ b/src/lib-http/http-client.c @@ -82,6 +82,7 @@ struct http_client *http_client_init(const struct http_client_settings *set) if (set->rawlog_dir != NULL && *set->rawlog_dir != '\0') client->set.rawlog_dir = p_strdup(pool, set->rawlog_dir); client->set.ssl_ca_dir = p_strdup(pool, set->ssl_ca_dir); + client->set.ssl_ca = p_strdup(pool, set->ssl_ca); client->set.max_idle_time_msecs = set->max_idle_time_msecs; client->set.max_parallel_connections = (set->max_parallel_connections > 0 ? set->max_parallel_connections : 1); diff --git a/src/lib-http/http-client.h b/src/lib-http/http-client.h index 0e0423c64a..5eb5e89d4e 100644 --- a/src/lib-http/http-client.h +++ b/src/lib-http/http-client.h @@ -33,7 +33,7 @@ extern const char *http_request_state_names[]; struct http_client_settings { const char *dns_client_socket_path; - const char *ssl_ca_dir; + const char *ssl_ca_dir, *ssl_ca; const char *ssl_crypto_device; bool ssl_allow_invalid_cert; bool ssl_verify; -- 2.47.3