uschar *exp_tls_crl;
uschar *exp_tls_require_ciphers;
uschar *exp_tls_ocsp_file;
-#ifdef EXPERIMENTAL_CERTNAMES
uschar *exp_tls_verify_cert_hostnames;
-#endif
#ifdef EXPERIMENTAL_EVENT
uschar *event_action;
#endif
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL, NULL, NULL,
-#ifdef EXPERIMENTAL_CERTNAMES
- NULL,
-#endif
+ NULL,
#ifdef EXPERIMENTAL_EVENT
NULL,
#endif
else
{
-#ifdef EXPERIMENTAL_CERTNAMES
if (state->exp_tls_verify_cert_hostnames)
{
int sep = 0;
return TRUE;
}
}
-#endif
state->peer_cert_verified = TRUE;
DEBUG(D_tls) debug_printf("TLS certificate verified: peerdn=\"%s\"\n",
state->peerdn ? state->peerdn : US"<unset>");
-#ifdef EXPERIMENTAL_CERTNAMES
static void
tls_client_setup_hostname_checks(host_item * host, exim_gnutls_state_st * state,
smtp_transport_options_block * ob)
state->exp_tls_verify_cert_hostnames);
}
}
-#endif
/*************************************************
|| verify_check_given_host(&ob->tls_verify_hosts, host) == OK
)
{
-#ifdef EXPERIMENTAL_CERTNAMES
tls_client_setup_hostname_checks(host, state, ob);
-#endif
DEBUG(D_tls)
debug_printf("TLS: server certificate verification required.\n");
state->verify_requirement = VERIFY_REQUIRED;
}
else if (verify_check_given_host(&ob->tls_try_verify_hosts, host) == OK)
{
-#ifdef EXPERIMENTAL_CERTNAMES
tls_client_setup_hostname_checks(host, state, ob);
-#endif
DEBUG(D_tls)
debug_printf("TLS: server certificate verification optional.\n");
state->verify_requirement = VERIFY_OPTIONAL;