Basic support for $ssl_client_cert when compiled with gnutls.

The key must not be encrypted. Closes #2911.

diff --git a/ChangeLog b/ChangeLog
index 5ba5644650f7b5cafc8e51025bbc49e881cfee05..db479e42c23e1ed9fc62e26cf33e44c4c563db85 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,10 @@
-2008-06-26 12:47 -0700  Brendan Cully  <brendan@kublai.com>  (be7e07963099)
+2008-06-27 12:04 -0700  Petr Písař  <petr.pisar@atlas.cz>  (40c6e851bf76)
+
+       * po/cs.po: Updated Czech translation.
+
+2008-06-26 12:52 -0700  Brendan Cully  <brendan@kublai.com>  (c5256c65eedb)
+
+       * handler.c: Mark new error message for translation.
 
        * curs_lib.c: Force a resize event after calling an external editor.
        Closes #2207

diff --git a/UPDATING b/UPDATING
index 480ad79225f238dcde5f86e8c2667d74c7d197b0..0da8c21c5b82aafc73b03440e95fea5469f5553a 100644 (file)
--- a/UPDATING
+++ b/UPDATING
@@ -6,6 +6,7 @@ The keys used are:
 
 hg tip:
 
+  + $ssl_client_cert available with gnutls as well as openssl
   + 'mime_lookup application/octet-stream' added to system Muttrc
 
 1.5.18 (2008-05-17):

diff --git a/globals.h b/globals.h
index 2588270580bfb851fbb5ef2838c522c7b7e49bb5..efecd8cf58aa13315c160847f9c32ac9283b2d5a 100644 (file)
--- a/globals.h
+++ b/globals.h
@@ -127,18 +127,16 @@ WHERE char *Spoolfile;
 WHERE char *SpamSep;
 #if defined(USE_SSL)
 WHERE char *SslCertFile INITVAL (NULL);
-#endif
-#ifdef USE_SSL_OPENSSL
 WHERE char *SslClientCert INITVAL (NULL);
+#ifdef USE_SSL_OPENSSL
 WHERE LIST *SslSessionCerts INITVAL (NULL);
 #endif
-#if defined(USE_SSL)
 WHERE char *SslEntropyFile INITVAL (NULL);
-#endif
 #ifdef USE_SSL_GNUTLS
 WHERE short SslDHPrimeBits;
 WHERE char *SslCACertFile INITVAL (NULL);
 #endif
+#endif
 WHERE char *StChars;
 WHERE char *Status;
 WHERE char *Tempdir;

diff --git a/init.h b/init.h
index de1ef0bffce7de717bf24ac6ad8f2ef4b7946094..5f5b4fd4e6d157360a8b70d6fa58e910102ea1bd 100644 (file)
--- a/init.h
+++ b/init.h
@@ -1995,14 +1995,12 @@ struct option_t MuttVars[] = {
   */
   
 #if defined(USE_SSL)
-#ifdef USE_SSL_OPENSSL
   { "ssl_client_cert", DT_PATH, R_NONE, UL &SslClientCert, 0 },
   /*
   ** .pp
   ** The file containing a client certificate and its associated private
   ** key.
   */
-#endif /* USE_SSL_OPENSSL */
   { "ssl_force_tls",           DT_BOOL, R_NONE, OPTSSLFORCETLS, 0 },
   /*
    ** .pp

diff --git a/mutt_sasl.c b/mutt_sasl.c
index a7d7488548d7b7c052d235a8a668558e6594626c..c85b769e4b986aa4ca7c45ff709df1a1ab8c2192 100644 (file)
--- a/mutt_sasl.c
+++ b/mutt_sasl.c
@@ -384,6 +384,9 @@ static int mutt_sasl_cb_authname (void* context, int id, const char** result,
 {
   ACCOUNT* account = (ACCOUNT*) context;
 
+  if (!result)
+    return SASL_FAIL;
+
   *result = NULL;
   if (len)
     *len = 0;

diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
index f537f8fde920a09cac326e0b97a52052189d539b..bf70753ae8a6a7339028d0590648b654c84102c9 100644 (file)
--- a/mutt_ssl_gnutls.c
+++ b/mutt_ssl_gnutls.c
@@ -199,10 +199,12 @@ static int tls_negotiate (CONNECTION * conn)
                                             GNUTLS_X509_FMT_PEM);
   }
 
-/*
-  gnutls_set_x509_client_key (data->xcred, "", "");
-  gnutls_set_x509_cert_callback (data->xcred, cert_callback);
-*/
+  if (SslClientCert)
+  {
+    dprint (2, (debugfile, "Using client certificate %s\n", SslClientCert));
+    gnutls_certificate_set_x509_key_file (data->xcred, SslClientCert,
+                                          SslClientCert, GNUTLS_X509_FMT_PEM);
+  }
 
   gnutls_init(&data->state, GNUTLS_CLIENT);