The Arch wiki suggests that GMail changes its fingerprint occasionally;
allow using a CA database (likely the system database, which is the
default) instead of manually passing the fingerprint.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
scripts/patchew-importer | 7 ++++++-
scripts/playbooks/deploy-importers.yml | 4 ++++
scripts/playbooks/templates/importer-config.j2 | 2 ++
3 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/scripts/patchew-importer b/scripts/patchew-importer
index 5e80fb5..d9de74f 100755
--- a/scripts/patchew-importer
+++ b/scripts/patchew-importer
@@ -48,12 +48,17 @@ remotehost = $IMAP_SERVER
remoteuser = $IMAP_USER
remotepass = $IMAP_PASS
ssl= yes
-cert_fingerprint = $IMAP_CERT_FINGERPRINT
folderfilter = lambda foldername: foldername in [
$(for x in $IMAP_FOLDERS; do printf "'$x',"; done)
]
EOF
+if test -n "$IMAP_CERT_FINGERPRINT"; then
+ echo "cert_fingerprint = $IMAP_CERT_FINGERPRINT" >>$offlineimap_rc
+elif test -n "$SSL_CACERT_PATH"; then
+ echo "sslcacertfile = $SSL_CACERT_PATH" >> $offlineimap_rc
+fi
+
IMPORTED_DIR=$BASEDIR/imported
mkdir -p $IMPORTED_DIR
diff --git a/scripts/playbooks/deploy-importers.yml b/scripts/playbooks/deploy-importers.yml
index 61e6057..8d362ee 100644
--- a/scripts/playbooks/deploy-importers.yml
+++ b/scripts/playbooks/deploy-importers.yml
@@ -28,6 +28,10 @@
prompt: "IMAP cert fingerprint"
default: ""
private: no
+ - name: "ssl_cacert_path"
+ prompt: "Path to SSL certificate authorities bundle"
+ default: "/etc/pki/tls/certs/ca-bundle.crt"
+ private: no
- name: "imap_folders"
prompt: "IMAP folders to look for patches"
default: "INBOX"
diff --git a/scripts/playbooks/templates/importer-config.j2 b/scripts/playbooks/templates/importer-config.j2
index 20fd2b8..b6bc844 100644
--- a/scripts/playbooks/templates/importer-config.j2
+++ b/scripts/playbooks/templates/importer-config.j2
@@ -8,3 +8,5 @@ IMAP_PASS={{ imap_pass }}
IMAP_CERT_FINGERPRINT={{ imap_cert_fingerprint }}
IMAP_FOLDERS={{ imap_folders }}
IMAP_DELETE_AFTER_IMPORT={{ imap_delete_after_import }}
+
+SSL_CACERT_PATH={{ ssl_cacert_path }}
--
2.14.3
_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel