From 00058a66d67aef6a18d123063f1cc61d1516ba3d Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Fri, 16 Feb 2024 07:25:46 +0200 Subject: [PATCH] lib-ssl-iostream: Add ssl_client_key_password setting --- src/lib-ssl-iostream/ssl-settings.c | 3 +++ src/lib-ssl-iostream/ssl-settings.h | 1 + 2 files changed, 4 insertions(+) diff --git a/src/lib-ssl-iostream/ssl-settings.c b/src/lib-ssl-iostream/ssl-settings.c index 3436f857a0..0fd7c89ca5 100644 --- a/src/lib-ssl-iostream/ssl-settings.c +++ b/src/lib-ssl-iostream/ssl-settings.c @@ -18,6 +18,7 @@ static const struct setting_define ssl_setting_defines[] = { DEF(STR, ssl_client_ca_dir), DEF(FILE, ssl_client_cert_file), DEF(FILE, ssl_client_key_file), + DEF(STR, ssl_client_key_password), DEF(STR, ssl_cipher_list), DEF(STR, ssl_cipher_suites), @@ -36,6 +37,7 @@ const struct ssl_settings ssl_default_settings = { .ssl_client_ca_dir = "", .ssl_client_cert_file = "", .ssl_client_key_file = "", + .ssl_client_key_password = "", .ssl_cipher_list = "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH", .ssl_cipher_suites = "", /* Use TLS library provided value */ @@ -195,6 +197,7 @@ void ssl_client_settings_to_iostream_set( set->pool, &set->cert.cert); settings_file_get(ssl_set->ssl_client_key_file, set->pool, &set->cert.key); + set->cert.key_password = ssl_set->ssl_client_key_password; set->verify_remote_cert = ssl_set->ssl_client_require_valid_cert; set->allow_invalid_cert = !set->verify_remote_cert; /* client-side CRL checking not supported currently */ diff --git a/src/lib-ssl-iostream/ssl-settings.h b/src/lib-ssl-iostream/ssl-settings.h index 1c8b66092e..2202488782 100644 --- a/src/lib-ssl-iostream/ssl-settings.h +++ b/src/lib-ssl-iostream/ssl-settings.h @@ -10,6 +10,7 @@ struct ssl_settings { const char *ssl_client_ca_dir; const char *ssl_client_cert_file; const char *ssl_client_key_file; + const char *ssl_client_key_password; const char *ssl_cipher_list; const char *ssl_cipher_suites; -- 2.47.3