SSL fields for CA cert file and private key password

diff --git a/dovecot/CHANGELOG b/dovecot/CHANGELOG
index a73124b..1598a3b 100644 (file)
--- a/dovecot/CHANGELOG
+++ b/dovecot/CHANGELOG
@@ -15,3 +15,5 @@ Supported newer versions of Dovecot which use mail_location instead of default_m
 ---- Changes since 1.410 ----
 The locking methods for mailboxes and index files can be configured on the Mail Files page.
 Added fields for setting the index and control files locations.
+---- Changes since 1.430 ----
+Added fields to the SSL page for an optional CA certificate file and private key password.

diff --git a/dovecot/dovecot-lib.pl b/dovecot/dovecot-lib.pl
index b9d536b..ca8e750 100644 (file)
--- a/dovecot/dovecot-lib.pl
+++ b/dovecot/dovecot-lib.pl
@@ -302,13 +302,11 @@ if (defined($def)) {
        if (defined($map)) {
                return "$text{'default'} ($map->[1])";
                }
-       else {
+       elsif ($def) {
                return "$text{'default'} ($def)";
                }
        }
-else {
-       return $text{'default'};
-       }
+return $text{'default'};
 }
 
 # get_dovecot_version()

diff --git a/dovecot/edit_ssl.cgi b/dovecot/edit_ssl.cgi
index 74bba66..8c42ebf 100755 (executable)
--- a/dovecot/edit_ssl.cgi
+++ b/dovecot/edit_ssl.cgi
@@ -19,6 +19,19 @@ print &ui_table_row($text{'ssl_key'},
            &ui_opt_textbox("key", $key, 40, &getdef("ssl_key_file")), 3,
            [ undef, "nowrap" ]);
 
+# SSL key password
+$pass = &find_value("ssl_key_password", $conf);
+print &ui_table_row($text{'ssl_pass'},
+           &ui_opt_textbox("pass", $pass, 20, $text{'ssl_prompt'}), 3,
+           [ undef, "nowrap" ]);
+
+# SSL CA file
+$ca = &find_value("ssl_ca_file", $conf);
+print &ui_table_row($text{'ssl_ca'},
+           &ui_opt_textbox("ca", $ca, 40,
+               &getdef("ssl_ca_file", [ [ "", $text{'ssl_none'} ] ])), 3,
+           [ undef, "nowrap" ]);
+
 # Parameter regen time
 $regen = &find_value("ssl_parameters_regenerate", $conf);
 print &ui_table_row($text{'ssl_regen'},

diff --git a/dovecot/lang/en b/dovecot/lang/en
index 6013b82..ff5fc76 100644 (file)
--- a/dovecot/lang/en
+++ b/dovecot/lang/en
@@ -52,6 +52,9 @@ ssl_title=SSL Configuration
 ssl_header=IMAP and POP3 SSL mode options
 ssl_key=SSL private key file
 ssl_cert=SSL certificate file
+ssl_ca=SSL CA certificate file
+ssl_pass=Password for key file
+ssl_prompt=None needed
 ssl_regen=Interval between SSL parameter regeneration
 ssl_hours=hours
 ssl_none=None
@@ -59,7 +62,9 @@ ssl_plain=Disallow plaintext authentication in non-SSL mode?
 ssl_err=Failed to save SSL configuration
 ssl_ekey=Missing or non-existant private key file
 ssl_ecert=Missing or non-existant certificate file
+ssl_eca=Missing or non-existant CA certificate file
 ssl_eregen=Missing or non-numeric parameter regeneration interval
+ssl_epass=No SSL key file password entered
 
 misc_title=Other Options
 

diff --git a/dovecot/save_ssl.cgi b/dovecot/save_ssl.cgi
index ff45059..1d324ac 100755 (executable)
--- a/dovecot/save_ssl.cgi
+++ b/dovecot/save_ssl.cgi
@@ -7,11 +7,21 @@ require './dovecot-lib.pl';
 &lock_file($config{'dovecot_config'});
 $conf = &get_config();
 
+# Save SSL cert and key
 $in{'cert_def'} || -r $in{'cert'} || &error($text{'ssl_ecert'});
 $in{'key_def'} || -r $in{'key'} || &error($text{'ssl_ekey'});
 &save_directive($conf, "ssl_cert_file", $in{'cert_def'} ? undef : $in{'cert'});
 &save_directive($conf, "ssl_key_file", $in{'key_def'} ? undef : $in{'key'});
 
+# Save SSL CA cert
+$in{'ca_def'} || -r $in{'ca'} || &error($text{'ssl_eca'});
+&save_directive($conf, "ssl_ca_file", $in{'ca_def'} ? undef : $in{'ca'});
+
+# Save SSL key password
+$in{'pass_def'} || $in{'pass'} =~ /\S/ || &error($text{'ssl_epass'});
+&save_directive($conf, "ssl_key_password",
+               $in{'pass_def'} ? undef : $in{'pass'});
+
 $in{'regen_def'} || $in{'regen'} =~ /^\d+$/ || &error($text{'ssl_eregen'});
 &save_directive($conf, "ssl_parameters_regenerate",
                $in{'regen_def'} ? undef : $in{'regen'});