From 11c8f13754f514c34e2136e5a706929955ea2230 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Mon, 18 Dec 2006 23:58:02 +0000 Subject: Fix Debian Bug#400950, certificate CN overrides --user option. Now it's only a default and --user takes precedence. svn path=/branches/BRANCH_6-3/; revision=4994 --- NEWS | 8 +++++++- TODO.txt | 2 -- socket.c | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 7f865073..f375104f 100644 --- a/NEWS +++ b/NEWS @@ -73,9 +73,15 @@ fetchmail 6.3.6 (not yet released): headers is found while fetchmail's mda option is in use. BerliOS bugs #9364, #9412, #9449. Stack backtrace provided by Neil Hoggarth - thanks. -# BUG FIXES: +# REGRESSION FIXES: * Repair --logfile, broken in 6.3.5. BerliOS Bug #9059, reported by Brian Harring. +* In 6.3.5 (as a side effect of the authenticate external patch), using SSL + certificate/key authentication overrode the --user option. Now the latter + takes precedence, and only defaults to the certificate's common name. + Debian Bug #400950, reported by Jorgen Schaefer . + +# BUG FIXES: * POP3: Probe capabilities when Kerberos V5 is attempted. * RPOP: The password is now shrouded in the local logs. * Robustness: If a stale lockfile cannot be deleted, truncate it to avoid diff --git a/TODO.txt b/TODO.txt index ff06d451..3dcba733 100644 --- a/TODO.txt +++ b/TODO.txt @@ -1,7 +1,5 @@ 6.3.6: - Zak's further minor issues -- Debian Bug #400950: SSL cert CN overrides --user, since - Götz Nimrill's authenticate external patch. 6.3.7: - more SMTP/LMTP error detail on message rejections even outside verbose mode. diff --git a/socket.c b/socket.c index 172c5ee0..db04734d 100644 --- a/socket.c +++ b/socket.c @@ -942,7 +942,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, int certck, char if( !mycert ) mycert = mykey; - if (SSLCertGetCN(mycert, buffer, sizeof(buffer))) { + if ((!*remotename || !**remotename) && SSLCertGetCN(mycert, buffer, sizeof(buffer))) { free(*remotename); *remotename = xstrdup(buffer); } -- cgit v1.2.3