aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeffrey Stedfast <fejj@ximian.com>2001-10-03 10:55:50 +0800
committerJeffrey Stedfast <fejj@src.gnome.org>2001-10-03 10:55:50 +0800
commit27da08a1bf16735d6bece830f6a676013e296b12 (patch)
tree67e8cefe5e9f964f0a9f08e1a87250ba899e40c2
parente4281865f9ddef690cf8b20d89f28f1ab307592c (diff)
downloadgsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.tar.gz
gsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.tar.zst
gsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.zip
Import the certificate if the user accepts it.
2001-10-02 Jeffrey Stedfast <fejj@ximian.com> * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if the user accepts it. svn path=/trunk/; revision=13363
-rw-r--r--camel/ChangeLog10
-rw-r--r--camel/camel-tcp-stream-ssl.c26
2 files changed, 16 insertions, 20 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog
index 80adf35e7c..eb71bd7d32 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,11 +1,17 @@
+2001-10-02 Jeffrey Stedfast <fejj@ximian.com>
+
+ * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if
+ the user accepts it.
+
2001-10-02 <NotZed@Ximian.com>
* providers/local/camel-local-provider.c (local_url_hash,
local_url_equal): for hashing/comparing local url's, we ignore
trailing /'s in paths (maybe shuld handle multiple /'s too).
- (camel_provider_module_init): Use local_url_hash/equal for all functions.
+ (camel_provider_module_init): Use local_url_hash/equal for all
+ functions.
- * camel-sasl-digest-md5.c (digest_response): Change to
+ * camel-sasl-digest-md5.c (digest_response): Change to
camel_charset_iconv_open/close.
* camel-pgp-context.c (pgp_verify): Change to
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index c5d1766ca8..83a468b281 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
g_free (prompt);
if (accept) {
-#if 0
- /* this code would work, except guess what? mozilla
- again changed api - these are all deprecated
- functions again. */
- CERTCertificate *temp;
- CERTCertTrust *trust;
- PK11SlotInfo *slot;
- char *nickname;
-
- nickname = CERT_MakeCANickname (cert);
+ SECItem *certs[1];
+ SECStatus ret;
- slot = PK11_GetInternalKeySlot ();
+ if (!cert->trust)
+ cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust));
- trust = PORT_ZAlloc (sizeof (CERTCertTrust));
- trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
+ cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED;
- temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE);
+ certs[0] = &cert->derCert;
- CERT_AddTempCertToPerm (temp, nickname, trust);
+ CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs,
+ NULL, TRUE, FALSE, cert->nickname);
- CERT_DestroyCertificate (temp);
- PORT_Free (nickname);
-#endif
return SECSuccess;
}