aboutsummaryrefslogtreecommitdiffstats
path: root/camel/camel-tcp-stream-ssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'camel/camel-tcp-stream-ssl.c')
-rw-r--r--camel/camel-tcp-stream-ssl.c55
1 files changed, 0 insertions, 55 deletions
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 9b467b3463..7f914c8734 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -426,53 +426,6 @@ ssl_auth_cert (void *data, PRFileDesc *sockfd, PRBool checksig, PRBool is_server
}
#endif
-static void
-save_ssl_cert (const char *certid)
-{
- char *path, *filename;
- struct stat st;
- int fd;
-
- path = g_strdup_printf ("%s/.camel_certs", getenv ("HOME"));
- if (mkdir (path, 0700) == -1) {
- if (errno != EEXIST)
- return;
-
- if (stat (path, &st) == -1)
- return;
-
- if (!S_ISDIR (st.st_mode))
- return;
- }
-
- filename = g_strdup_printf ("%s/%s", path, certid);
- g_free (path);
-
- fd = open (filename, O_WRONLY | O_CREAT, 0600);
- if (fd != -1)
- close (fd);
-
- g_free (filename);
-}
-
-static gboolean
-ssl_cert_is_saved (const char *certid)
-{
- char *filename;
- struct stat st;
-
- filename = g_strdup_printf ("%s/.camel_certs/%s", getenv ("HOME"), certid);
-
- if (stat (filename, &st) == -1) {
- g_free (filename);
- return FALSE;
- }
-
- g_free (filename);
-
- return st.st_uid == getuid ();
-}
-
static SECStatus
ssl_bad_cert (void *data, PRFileDesc *sockfd)
{
@@ -490,10 +443,6 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
ssl = CAMEL_TCP_STREAM_SSL (data);
service = ssl->priv->service;
- /* this is part of a work-around hack */
- if (ssl_cert_is_saved (ssl->priv->expected_host))
- return SECSuccess;
-
cert = SSL_PeerCertificate (sockfd);
/* calculate the MD5 hash of the raw certificate */
@@ -546,10 +495,6 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs,
NULL, TRUE, FALSE, cert->nickname);
-
- /* and since the above code doesn't seem to
- work... time for a good ol' fashioned hack */
- save_ssl_cert (ssl->priv->expected_host);
#endif
return SECSuccess;
}