diff options
| author | Jeffrey Stedfast <fejj@ximian.com> | 2001-10-03 10:55:50 +0800 |
|---|---|---|
| committer | Jeffrey Stedfast <fejj@src.gnome.org> | 2001-10-03 10:55:50 +0800 |
| commit | 27da08a1bf16735d6bece830f6a676013e296b12 (patch) | |
| tree | 67e8cefe5e9f964f0a9f08e1a87250ba899e40c2 | |
| parent | e4281865f9ddef690cf8b20d89f28f1ab307592c (diff) | |
| download | gsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.tar.gz gsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.tar.zst gsoc2013-evolution-27da08a1bf16735d6bece830f6a676013e296b12.zip | |
Import the certificate if the user accepts it.
2001-10-02 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if
the user accepts it.
svn path=/trunk/; revision=13363
| -rw-r--r-- | camel/ChangeLog | 10 | ||||
| -rw-r--r-- | camel/camel-tcp-stream-ssl.c | 26 |
2 files changed, 16 insertions, 20 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog index 80adf35e7c..eb71bd7d32 100644 --- a/camel/ChangeLog +++ b/camel/ChangeLog @@ -1,11 +1,17 @@ +2001-10-02 Jeffrey Stedfast <fejj@ximian.com> + + * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if + the user accepts it. + 2001-10-02 <NotZed@Ximian.com> * providers/local/camel-local-provider.c (local_url_hash, local_url_equal): for hashing/comparing local url's, we ignore trailing /'s in paths (maybe shuld handle multiple /'s too). - (camel_provider_module_init): Use local_url_hash/equal for all functions. + (camel_provider_module_init): Use local_url_hash/equal for all + functions. - * camel-sasl-digest-md5.c (digest_response): Change to + * camel-sasl-digest-md5.c (digest_response): Change to camel_charset_iconv_open/close. * camel-pgp-context.c (pgp_verify): Change to diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c index c5d1766ca8..83a468b281 100644 --- a/camel/camel-tcp-stream-ssl.c +++ b/camel/camel-tcp-stream-ssl.c @@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd) g_free (prompt); if (accept) { -#if 0 - /* this code would work, except guess what? mozilla - again changed api - these are all deprecated - functions again. */ - CERTCertificate *temp; - CERTCertTrust *trust; - PK11SlotInfo *slot; - char *nickname; - - nickname = CERT_MakeCANickname (cert); + SECItem *certs[1]; + SECStatus ret; - slot = PK11_GetInternalKeySlot (); + if (!cert->trust) + cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA; + cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED; - temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE); + certs[0] = &cert->derCert; - CERT_AddTempCertToPerm (temp, nickname, trust); + CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs, + NULL, TRUE, FALSE, cert->nickname); - CERT_DestroyCertificate (temp); - PORT_Free (nickname); -#endif return SECSuccess; } |