| changeset 847: | 6d85be38374c |
|---|---|
| parent 846: | 8fc81b820353 |
| child 848: | 72fac8384b7c |
| author: | Simon Horman <horms@verge.net.au> |
| date: | Wed Jul 28 10:28:43 2010 +0900 (2 years ago) |
| files: | perdition/ssl.c |
| description: | ssl: Set session_id This allows session re-negoatiation to work in conjunction with the verification of client certificates. In particular, it allows Thunderbird 3.1 to connect to perdition using TLS. An alternate work-around is to disable all certificate verification using --ssl_no_client_cert_verify or disable client certificate verification using --ssl_no_cert_verify (introduced in 1.19-rc1). This relates to Mozilla Bug #575915 https://bugzilla.mozilla.org/show_bug.cgi?id=575915 Tested-by: John Feuerstein <john@feurix.com> Signed-off-by: Simon Horman <horms@verge.net.au> |
1--- a/perdition/ssl.c Mon Jul 26 15:29:04 2010 +0900 2+++ b/perdition/ssl.c Wed Jul 28 10:28:43 2010 +0900 3@@ -528,6 +528,14 @@ 4 return NULL; 5 } 6 7+ /* Set context for session */ 8+ if (!SSL_CTX_set_session_id_context(ssl_ctx, 9+ (unsigned char *)PACKAGE, 10+ strlen(PACKAGE))) { 11+ VANESSA_LOGGER_DEBUG("SSL_CTX_set_session_id_context"); 12+ goto err; 13+ } 14+ 15 /* 16 * Set the available ciphers 17 */