Bug#466676: ejabberd: Add support for sending certificate chain (EJAB-209)

Wed, 20 Feb 2008 02:36:49 -0800 

Package: ejabberd
Version: 1.1.4-5
Severity: normal
Tags: patch

Please add changes described in
https://support.process-one.net/browse/EJAB-209


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ejabberd depends on:
ii  adduser                3.105             add and remove users and groups
ii  debconf [debconf-2.0]  1.5.19            Debian configuration management sy
ii  erlang-base [erlang-ab 1:12.b.1-dfsg-1   Concurrent, real-time, distributed
ii  erlang-nox             1:12.b.1-dfsg-1   Concurrent, real-time, distributed
ii  libc6                  2.7-8             GNU C Library: Shared libraries
ii  libexpat1              1.95.8-4          XML parsing C library - runtime li
ii  libssl0.9.8            0.9.8g-7          SSL shared libraries
ii  openssl                0.9.8g-7          Secure Socket Layer (SSL) binary a
ii  ucf                    3.004             Update Configuration File: preserv
ii  zlib1g                 1:1.2.3.3.dfsg-11 compression library - runtime

ejabberd recommends no packages.

-- debconf information excluded

Index: ejabberd-1.1.4/src/tls/tls_drv.c
===================================================================
--- ejabberd-1.1.4.orig/src/tls/tls_drv.c       2008-02-20 13:28:24.000000000 
+0300
+++ ejabberd-1.1.4/src/tls/tls_drv.c    2008-02-20 13:28:53.000000000 +0300
@@ -108,8 +108,8 @@
         d->ctx = SSL_CTX_new(SSLv23_method());
         die_unless(d->ctx, "SSL_CTX_new failed");
 
-        res = SSL_CTX_use_certificate_file(d->ctx, buf, SSL_FILETYPE_PEM);
-        die_unless(res > 0, "SSL_CTX_use_certificate_file failed");
+        res = SSL_CTX_use_certificate_chain(d->ctx, buf);
+        die_unless(res > 0, "SSL_CTX_use_certificate_chain failed");
 
         res = SSL_CTX_use_PrivateKey_file(d->ctx, buf, SSL_FILETYPE_PEM);
         die_unless(res > 0, "SSL_CTX_use_PrivateKey_file failed");

Reply via email to