diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2015-09-16 16:49:00 +0200 | 
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-09-16 16:50:31 +0200 | 
| commit | 0e1e8e06debc4d7b00670eaa981ca5b382d90591 (patch) | |
| tree | 66fe976371bdec5a014e14ab954a44fe20256cab | |
| parent | 40864537f86e31e037a1232f015a06e9d73bf1e6 (diff) | |
Set X.509 certificate purpose to 'SSL Server' for SSL_verify=YES.
| -rw-r--r-- | Changelog | 1 | ||||
| -rw-r--r-- | lib/Net/IMAP/InterIMAP.pm | 2 | 
2 files changed, 3 insertions, 0 deletions
| @@ -25,6 +25,7 @@ interimap (0.2) upstream;    * Don't set SO_KEEPALIVE on the socket.  This is most likely useless      in our case since the TCP keepalive time is usually much higher than      the IMAP timeout. +  * Set X.509 certificate purpose to 'SSL Server' for SSL_verify=YES.   -- Guilhem Moulin <guilhem@guilhem.org>  Wed, 09 Sep 2015 00:44:35 +0200 diff --git a/lib/Net/IMAP/InterIMAP.pm b/lib/Net/IMAP/InterIMAP.pm index a0be91e..53fddec 100644 --- a/lib/Net/IMAP/InterIMAP.pm +++ b/lib/Net/IMAP/InterIMAP.pm @@ -1398,6 +1398,8 @@ sub _start_ssl($$) {                  or $self->_ssl_error("Can't load verify locations");          }          Net::SSLeay::CTX_set_verify($ctx, Net::SSLeay::VERIFY_PEER()); +        Net::SSLeay::CTX_set_purpose($ctx, Net::SSLeay::X509_PURPOSE_SSL_SERVER()) +                or $self->_ssl_error("Can't set purpose");      }      else {          Net::SSLeay::CTX_set_verify($ctx, Net::SSLeay::VERIFY_NONE()); | 
