From 6d2344f5b8befb95acf44c1393d9e3e3d6211de8 Mon Sep 17 00:00:00 2001
From: Brendan Cully
Date: Sat, 28 Jun 2008 18:44:10 -0700
Subject: [PATCH] Basic support for $ssl_client_cert when compiled with gnutls. The key must not be encrypted. Closes #2911.
---
 ChangeLog | 8 +++++++-
 UPDATING | 1 +
 globals.h | 6 ++----
 init.h | 2 --
 mutt_sasl.c | 3 +++
 mutt_ssl_gnutls.c | 10 ++++++----
 6 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 5ba564465..db479e42c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,10 @@
-2008-06-26 12:47 -0700 Brendan Cully (be7e07963099)
+2008-06-27 12:04 -0700 Petr Písař (40c6e851bf76)
+
+ * po/cs.po: Updated Czech translation.
+
+2008-06-26 12:52 -0700 Brendan Cully (c5256c65eedb)
+
+ * handler.c: Mark new error message for translation.
 * curs_lib.c: Force a resize event after calling an external editor. Closes #2207
diff --git a/UPDATING b/UPDATING
index 480ad7922..0da8c21c5 100644
--- a/UPDATING
+++ b/UPDATING
@@ -6,6 +6,7 @@ The keys used are:
 hg tip:
+ + $ssl_client_cert available with gnutls as well as openssl
 + 'mime_lookup application/octet-stream' added to system Muttrc
 1.5.18 (2008-05-17):
diff --git a/globals.h b/globals.h
index 258827058..efecd8cf5 100644
--- a/globals.h
+++ b/globals.h
@@ -127,18 +127,16 @@ WHERE char *Spoolfile;
 WHERE char *SpamSep;
 #if defined(USE_SSL)
 WHERE char *SslCertFile INITVAL (NULL);
-#endif
-#ifdef USE_SSL_OPENSSL
 WHERE char *SslClientCert INITVAL (NULL);
+#ifdef USE_SSL_OPENSSL
 WHERE LIST *SslSessionCerts INITVAL (NULL);
 #endif
-#if defined(USE_SSL)
 WHERE char *SslEntropyFile INITVAL (NULL);
-#endif
 #ifdef USE_SSL_GNUTLS
 WHERE short SslDHPrimeBits;
 WHERE char *SslCACertFile INITVAL (NULL);
 #endif
+#endif
 WHERE char *StChars;
 WHERE char *Status;
 WHERE char *Tempdir;
diff --git a/init.h b/init.h
index de1ef0bff..5f5b4fd4e 100644
--- a/init.h
+++ b/init.h
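Review bot: The `#endif` added at the end of the globals.h hunk closes the outer `USE_SSL` block directly after the inner `USE_SSL_GNUTLS` one, leaving two bare `#endif` lines in a row. Labelling the closers makes the new nesting readable: `#endif /* USE_SSL_GNUTLS */` followed by `#endif /* USE_SSL */`. The init.h lines removed by this same commit used that commenting style (`#endif /* USE_SSL_OPENSSL */`).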
@@ -1995,14 +1995,12 @@ struct option_t MuttVars[] = {
 */
 #if defined(USE_SSL)
-#ifdef USE_SSL_OPENSSL
 { "ssl_client_cert", DT_PATH, R_NONE, UL &SslClientCert, 0 },
 /*
 ** .pp
 ** The file containing a client certificate and its associated private
 ** key.
 */
-#endif /* USE_SSL_OPENSSL */
 { "ssl_force_tls", DT_BOOL, R_NONE, OPTSSLFORCETLS, 0 },
 /*
 ** .pp
diff --git a/mutt_sasl.c b/mutt_sasl.c
index a7d748854..c85b769e4 100644
--- a/mutt_sasl.c
+++ b/mutt_sasl.c
@@ -384,6 +384,9 @@ static int mutt_sasl_cb_authname (void* context, int id, const char** result,
 {
 ACCOUNT* account = (ACCOUNT*) context;
+ if (!result)
+ return SASL_FAIL;
+ *result = NULL;
 if (len)
 *len = 0;
diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
index f537f8fde..bf70753ae 100644
--- a/mutt_ssl_gnutls.c
+++ b/mutt_ssl_gnutls.c
@@ -199,10 +199,12 @@ static int tls_negotiate (CONNECTION * conn)
 GNUTLS_X509_FMT_PEM);
 }
-/*
- gnutls_set_x509_client_key (data->xcred, "", "");
- gnutls_set_x509_cert_callback (data->xcred, cert_callback);
-*/
+ if (SslClientCert)
+ {
+ dprint (2, (debugfile, "Using client certificate %s\n", SslClientCert));
+ gnutls_certificate_set_x509_key_file (data->xcred, SslClientCert,
+ SslClientCert, GNUTLS_X509_FMT_PEM);
+ }
 gnutls_init(&data->state, GNUTLS_CLIENT);
--
2.40.0
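Review bot: The manual comment for `ssl_client_cert` in the init.h hunk still says only that the file holds a certificate and its private key, but the commit message states that with GnuTLS the key must not be encrypted. That restriction belongs in the user-facing text, since a user with a passphrase-protected key will otherwise get no explanation. Suggested addition to the `**` block: `** When Mutt is built with GnuTLS the private key must be stored unencrypted,` / `** so this file should be readable only by its owner.` The surrounding MuttVars table starts and continues outside the hunk.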
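Review bot: The new NULL guard in mutt_sasl_cb_authname returns `SASL_FAIL`, a generic failure code, for what is an invalid argument from the caller. `SASL_BADPARAM` describes that condition more precisely: `if (!result) return SASL_BADPARAM;`. The rest of the function lies outside the hunk, so whether it already uses that code for other bad arguments could not be checked here. The guard is unrelated to the client-certificate change in the subject line, so a one-line comment naming the caller that can pass NULL would help later readers.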
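Review bot: The return value of `gnutls_certificate_set_x509_key_file` in the new `if (SslClientCert)` block of tls_negotiate is discarded. A missing or unreadable file, or an encrypted key (which the commit message says is unsupported), therefore goes unnoticed. The handshake then proceeds without a client certificate, and the user sees only a later authentication failure from the server. Store the result and report a negative value before continuing, for example `if (rc < 0) dprint (1, (debugfile, "Could not load client certificate %s: %s\n", SslClientCert, gnutls_strerror (rc)));`, preferably alongside a user-visible error. tls_negotiate begins and ends outside the hunk, so a suitable existing local for the result may already be declared there.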