Blame SOURCES/mutt-1.5.21-testcert.patch
|
 |
e35c5e |
diff -up mutt-1.5.21/mutt_ssl_gnutls.c.old mutt-1.5.21/mutt_ssl_gnutls.c
|
|
|
e35c5e |
--- mutt-1.5.21/mutt_ssl_gnutls.c.old 2011-03-23 11:46:28.760386765 +0100
|
|
|
e35c5e |
+++ mutt-1.5.21/mutt_ssl_gnutls.c 2011-03-23 14:34:45.839456449 +0100
|
|
|
e35c5e |
@@ -978,6 +978,7 @@ static int tls_check_certificate (CONNEC
|
|
|
e35c5e |
unsigned int cert_list_size = 0;
|
|
|
e35c5e |
gnutls_certificate_status certstat;
|
|
|
e35c5e |
int certerr, i, preauthrc, savedcert, rc = 0;
|
|
|
e35c5e |
+ int rcpeer;
|
|
|
e35c5e |
|
|
|
e35c5e |
if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
|
|
|
e35c5e |
{
|
|
|
e35c5e |
@@ -1003,6 +1004,9 @@ static int tls_check_certificate (CONNEC
|
|
|
e35c5e |
for (i = 0; i < cert_list_size; i++) {
|
|
|
e35c5e |
rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
|
|
|
e35c5e |
&certerr, &savedcert);
|
|
|
e35c5e |
+ if (i == 0)
|
|
|
e35c5e |
+ rcpeer = rc;
|
|
|
e35c5e |
+
|
|
|
e35c5e |
preauthrc += rc;
|
|
|
e35c5e |
|
|
|
e35c5e |
if (savedcert)
|
|
|
e35c5e |
@@ -1028,7 +1032,7 @@ static int tls_check_certificate (CONNEC
|
|
|
e35c5e |
dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
|
|
|
e35c5e |
|
|
|
e35c5e |
certstat = tls_verify_peers (state);
|
|
|
e35c5e |
- if (!certstat)
|
|
|
e35c5e |
+ if (!certstat && !rcpeer)
|
|
|
e35c5e |
return 1;
|
|
|
e35c5e |
}
|
|
|
e35c5e |
}
|