Displaying 2 results from an estimated 2 matches for "load_ca".
2015 Feb 11
2
[PATCH] Fix for client certificate validation does not work
...=============
--- dovecot-2.2.9.orig/src/login-common/ssl-proxy-openssl.c 2015-02-11 00:31:24.986198000 -0500
+++ dovecot-2.2.9/src/login-common/ssl-proxy-openssl.c 2015-02-11 00:32:19.262198000 -0500
@@ -951,54 +951,25 @@
return strstr(cert, "PRIVATE KEY---") != NULL;
}
-static void load_ca(X509_STORE *store, const char *ca,
- STACK_OF(X509_NAME) **xnames_r)
+static void load_ca(SSL_CTX *ssl_ctx, const char *ca)
{
- /* mostly just copy&pasted from X509_load_cert_crl_file() */
- STACK_OF(X509_INFO) *inf;
- X509_INFO *itmp;
- X509_NAME *xname;
- BIO *bio;
- int i;
-
- bio = BI...
2013 Jul 06
1
[PATCH] login-common: Add support for ECDH/ECDHE cipher suites
...l_settings *set);
+static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set);
+
static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx)
{
unsigned int i, g, h = 0;
@@ -993,11 +997,58 @@
store = SSL_CTX_get_cert_store(ssl_ctx);
load_ca(store, set->ssl_ca, load_xnames ? &xnames : NULL);
}
+ ssl_proxy_ctx_set_crypto_params(ssl_ctx, set);
SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback);
+ return xnames;
+}
+
+static void
+ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx,
+ const struct...