diff options
Diffstat (limited to 'camel/camel-tcp-stream-ssl.c')
-rw-r--r-- | camel/camel-tcp-stream-ssl.c | 26 |
1 files changed, 8 insertions, 18 deletions
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c index c5d1766ca8..83a468b281 100644 --- a/camel/camel-tcp-stream-ssl.c +++ b/camel/camel-tcp-stream-ssl.c @@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd) g_free (prompt); if (accept) { -#if 0 - /* this code would work, except guess what? mozilla - again changed api - these are all deprecated - functions again. */ - CERTCertificate *temp; - CERTCertTrust *trust; - PK11SlotInfo *slot; - char *nickname; - - nickname = CERT_MakeCANickname (cert); + SECItem *certs[1]; + SECStatus ret; - slot = PK11_GetInternalKeySlot (); + if (!cert->trust) + cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA; + cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED; - temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE); + certs[0] = &cert->derCert; - CERT_AddTempCertToPerm (temp, nickname, trust); + CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs, + NULL, TRUE, FALSE, cert->nickname); - CERT_DestroyCertificate (temp); - PORT_Free (nickname); -#endif return SECSuccess; } |