From 3948bb44ff30ebda9837480c42de7f0d384e4cb9 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Fri, 7 Mar 2008 13:16:58 +0000
Subject: Merge Daniel Richard G.'s --sslcommonname option. Exception from
 no-features policy on 6.3.X is made to keep people away from doing more
 dangerous things in order to get rid of CommonName mismatch warnings.

svn path=/branches/BRANCH_6-3/; revision=5165
---
 driver.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'driver.c')

diff --git a/driver.c b/driver.c
index d93c01c2..de078871 100644
--- a/driver.c
+++ b/driver.c
@@ -1088,10 +1088,12 @@ static int do_session(
 	set_timeout(mytimeout);
 
 	/* perform initial SSL handshake on open connection */
-	/* Note:  We pass the realhost name over for certificate
-		verification.  We may want to make this configurable */
-	if (ctl->use_ssl && SSLOpen(mailserver_socket,ctl->sslcert,ctl->sslkey,ctl->sslproto,ctl->sslcertck,
-	    ctl->sslcertpath,ctl->sslfingerprint,realhost,ctl->server.pollname,&ctl->remotename) == -1) 
+	if (ctl->use_ssl &&
+		SSLOpen(mailserver_socket, ctl->sslcert, ctl->sslkey,
+		    ctl->sslproto, ctl->sslcertck, ctl->sslcertpath,
+		    ctl->sslfingerprint, ctl->sslcommonname ?
+		    ctl->sslcommonname : realhost, ctl->server.pollname,
+		    &ctl->remotename) == -1)
 	{
 	    report(stderr, GT_("SSL connection failed.\n"));
 	    err = PS_SOCKET;
-- 
cgit v1.2.3