From 27da08a1bf16735d6bece830f6a676013e296b12 Mon Sep 17 00:00:00 2001 From: Jeffrey Stedfast Date: Wed, 3 Oct 2001 02:55:50 +0000 Subject: Import the certificate if the user accepts it. 2001-10-02 Jeffrey Stedfast * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if the user accepts it. svn path=/trunk/; revision=13363 --- camel/ChangeLog | 10 ++++++++-- camel/camel-tcp-stream-ssl.c | 26 ++++++++------------------ 2 files changed, 16 insertions(+), 20 deletions(-) (limited to 'camel') diff --git a/camel/ChangeLog b/camel/ChangeLog index 80adf35e7c..eb71bd7d32 100644 --- a/camel/ChangeLog +++ b/camel/ChangeLog @@ -1,11 +1,17 @@ +2001-10-02 Jeffrey Stedfast + + * camel-tcp-stream-ssl.c (ssl_bad_cert): Import the certificate if + the user accepts it. + 2001-10-02 * providers/local/camel-local-provider.c (local_url_hash, local_url_equal): for hashing/comparing local url's, we ignore trailing /'s in paths (maybe shuld handle multiple /'s too). - (camel_provider_module_init): Use local_url_hash/equal for all functions. + (camel_provider_module_init): Use local_url_hash/equal for all + functions. - * camel-sasl-digest-md5.c (digest_response): Change to + * camel-sasl-digest-md5.c (digest_response): Change to camel_charset_iconv_open/close. * camel-pgp-context.c (pgp_verify): Change to diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c index c5d1766ca8..83a468b281 100644 --- a/camel/camel-tcp-stream-ssl.c +++ b/camel/camel-tcp-stream-ssl.c @@ -375,29 +375,19 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd) g_free (prompt); if (accept) { -#if 0 - /* this code would work, except guess what? mozilla - again changed api - these are all deprecated - functions again. */ - CERTCertificate *temp; - CERTCertTrust *trust; - PK11SlotInfo *slot; - char *nickname; - - nickname = CERT_MakeCANickname (cert); + SECItem *certs[1]; + SECStatus ret; - slot = PK11_GetInternalKeySlot (); + if (!cert->trust) + cert->trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust = PORT_ZAlloc (sizeof (CERTCertTrust)); - trust->sslFlags = CERTDB_TRUSTED_CA | CERTDB_VALID_CA; + cert->trust->sslFlags = CERTDB_VALID_PEER | CERTDB_TRUSTED; - temp = CERT_NewTempCertificate (CERT_GetDefaultCertDB (), &cert->derCert, NULL, PR_FALSE, PR_TRUE); + certs[0] = &cert->derCert; - CERT_AddTempCertToPerm (temp, nickname, trust); + CERT_ImportCerts (CERT_GetDefaultCertDB (), certUsageSSLServer, 1, certs, + NULL, TRUE, FALSE, cert->nickname); - CERT_DestroyCertificate (temp); - PORT_Free (nickname); -#endif return SECSuccess; } -- cgit v1.2.3