Commit edf71d1d authored by Brendan Cully's avatar Brendan Cully

Basic support for $ssl_client_cert when compiled with gnutls.

The key must not be encrypted. Closes #2911.
parent 320b4b15
2008-06-26 12:47 -0700 Brendan Cully <[email protected]> (be7e07963099) 2008-06-27 12:04 -0700 Petr Písař <[email protected]> (40c6e851bf76)
* po/cs.po: Updated Czech translation.
2008-06-26 12:52 -0700 Brendan Cully <[email protected]> (c5256c65eedb)
* handler.c: Mark new error message for translation.
* curs_lib.c: Force a resize event after calling an external editor. * curs_lib.c: Force a resize event after calling an external editor.
Closes #2207 Closes #2207
......
...@@ -6,6 +6,7 @@ The keys used are: ...@@ -6,6 +6,7 @@ The keys used are:
hg tip: hg tip:
+ $ssl_client_cert available with gnutls as well as openssl
+ 'mime_lookup application/octet-stream' added to system Muttrc + 'mime_lookup application/octet-stream' added to system Muttrc
1.5.18 (2008-05-17): 1.5.18 (2008-05-17):
......
...@@ -127,18 +127,16 @@ WHERE char *Spoolfile; ...@@ -127,18 +127,16 @@ WHERE char *Spoolfile;
WHERE char *SpamSep; WHERE char *SpamSep;
#if defined(USE_SSL) #if defined(USE_SSL)
WHERE char *SslCertFile INITVAL (NULL); WHERE char *SslCertFile INITVAL (NULL);
#endif
#ifdef USE_SSL_OPENSSL
WHERE char *SslClientCert INITVAL (NULL); WHERE char *SslClientCert INITVAL (NULL);
#ifdef USE_SSL_OPENSSL
WHERE LIST *SslSessionCerts INITVAL (NULL); WHERE LIST *SslSessionCerts INITVAL (NULL);
#endif #endif
#if defined(USE_SSL)
WHERE char *SslEntropyFile INITVAL (NULL); WHERE char *SslEntropyFile INITVAL (NULL);
#endif
#ifdef USE_SSL_GNUTLS #ifdef USE_SSL_GNUTLS
WHERE short SslDHPrimeBits; WHERE short SslDHPrimeBits;
WHERE char *SslCACertFile INITVAL (NULL); WHERE char *SslCACertFile INITVAL (NULL);
#endif #endif
#endif
WHERE char *StChars; WHERE char *StChars;
WHERE char *Status; WHERE char *Status;
WHERE char *Tempdir; WHERE char *Tempdir;
......
...@@ -1995,14 +1995,12 @@ struct option_t MuttVars[] = { ...@@ -1995,14 +1995,12 @@ struct option_t MuttVars[] = {
*/ */
#if defined(USE_SSL) #if defined(USE_SSL)
#ifdef USE_SSL_OPENSSL
{ "ssl_client_cert", DT_PATH, R_NONE, UL &SslClientCert, 0 }, { "ssl_client_cert", DT_PATH, R_NONE, UL &SslClientCert, 0 },
/* /*
** .pp ** .pp
** The file containing a client certificate and its associated private ** The file containing a client certificate and its associated private
** key. ** key.
*/ */
#endif /* USE_SSL_OPENSSL */
{ "ssl_force_tls", DT_BOOL, R_NONE, OPTSSLFORCETLS, 0 }, { "ssl_force_tls", DT_BOOL, R_NONE, OPTSSLFORCETLS, 0 },
/* /*
** .pp ** .pp
......
...@@ -384,6 +384,9 @@ static int mutt_sasl_cb_authname (void* context, int id, const char** result, ...@@ -384,6 +384,9 @@ static int mutt_sasl_cb_authname (void* context, int id, const char** result,
{ {
ACCOUNT* account = (ACCOUNT*) context; ACCOUNT* account = (ACCOUNT*) context;
if (!result)
return SASL_FAIL;
*result = NULL; *result = NULL;
if (len) if (len)
*len = 0; *len = 0;
......
...@@ -199,10 +199,12 @@ static int tls_negotiate (CONNECTION * conn) ...@@ -199,10 +199,12 @@ static int tls_negotiate (CONNECTION * conn)
GNUTLS_X509_FMT_PEM); GNUTLS_X509_FMT_PEM);
} }
/* if (SslClientCert)
gnutls_set_x509_client_key (data->xcred, "", ""); {
gnutls_set_x509_cert_callback (data->xcred, cert_callback); dprint (2, (debugfile, "Using client certificate %s\n", SslClientCert));
*/ gnutls_certificate_set_x509_key_file (data->xcred, SslClientCert,
SslClientCert, GNUTLS_X509_FMT_PEM);
}
gnutls_init(&data->state, GNUTLS_CLIENT); gnutls_init(&data->state, GNUTLS_CLIENT);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment