From 27da08a1bf16735d6bece830f6a676013e296b12 Mon Sep 17 00:00:00 2001 From: Jeffrey Stedfast Date: Wed, 3 Oct 2001 02:55:50 +0000 Subject: Import the certificate if the user accepts it. 2001-10-02 Jeffrey Stedfast * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if the user accepts it. svn path=/trunk/; revision=13363 --- camel/camel-tcp-stream-ssl.c | 26 ++++++++------------------ 1 file changed, 8 insertions(+), 18 deletions(-) (limited to 'camel/camel-tcp-stream-ssl.c') diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c index c5d1766ca8..83a468b281 100644 --- a/camel/camel-tcp-stream-ssl.c +++ b/camel/camel-tcp-stream-ssl.c @@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd) g_free (prompt); if (accept) { -#if 0 - /* this code would work, except guess what? mozilla - again changed api - these are all deprecated - functions again. */ - CERTCertificate *temp; - CERTCertTrust *trust; - PK11SlotInfo *slot; - char *nickname; - - nickname = CERT_MakeCANickname (cert); + SECItem *certs[1]; + SECStatus ret; - slot = PK11_GetInternalKeySlot (); + if (!cert->trust) + cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA; + cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED; - temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE); + certs[0] = &cert->derCert; - CERT_AddTempCertToPerm (temp, nickname, trust); + CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs, + NULL, TRUE, FALSE, cert->nickname); - CERT_DestroyCertificate (temp); - PORT_Free (nickname); -#endif return SECSuccess; } -- cgit v1.2.3