Moved ssl_client_ca_dir and ssl_crypto_device to mail_storage_settings.
authorTimo Sirainen <tss@iki.fi>
Tue, 19 Mar 2013 09:42:51 +0000 (11:42 +0200)
committerTimo Sirainen <tss@iki.fi>
Tue, 19 Mar 2013 09:42:51 +0000 (11:42 +0200)
Probably could also be moved to master_service_settings, but that makes
accessing them a bit more tricky with the current code.

src/doveadm/doveadm-settings.c
src/doveadm/doveadm-settings.h
src/doveadm/dsync/doveadm-dsync.c
src/lib-storage/index/imapc/imapc-settings.c
src/lib-storage/index/imapc/imapc-settings.h
src/lib-storage/index/imapc/imapc-storage.c
src/lib-storage/index/pop3c/pop3c-settings.c
src/lib-storage/index/pop3c/pop3c-settings.h
src/lib-storage/index/pop3c/pop3c-storage.c
src/lib-storage/mail-storage-settings.c
src/lib-storage/mail-storage-settings.h

index eafe43e8286f4e912d36fd2b7e01098ae4c40c8a..b5016061a575f4e8a2408b27d1d6481e492e50cf 100644 (file)
@@ -65,9 +65,6 @@ static const struct setting_define doveadm_setting_defines[] = {
        DEF(SET_STR, dsync_alt_char),
        DEF(SET_STR, dsync_remote_cmd),
 
-       DEF(SET_STR, ssl_client_ca_dir),
-       DEF(SET_STR, ssl_crypto_device),
-
        { SET_STRLIST, "plugin", offsetof(struct doveadm_settings, plugin_envs), NULL },
 
        SETTING_DEFINE_LIST_END
@@ -86,9 +83,6 @@ const struct doveadm_settings doveadm_default_settings = {
        .dsync_alt_char = "_",
        .dsync_remote_cmd = "ssh -l%{login} %{host} doveadm dsync-server -u%u",
 
-       .ssl_client_ca_dir = "",
-       .ssl_crypto_device = "",
-
        .plugin_envs = ARRAY_INIT
 };
 
index ff4f70a4e3e7156eb9ea283e55e17ec10693c905..ee7de6fbcafc0bea8953ef710a98861720ed5e93 100644 (file)
@@ -14,9 +14,6 @@ struct doveadm_settings {
        const char *dsync_alt_char;
        const char *dsync_remote_cmd;
 
-       const char *ssl_client_ca_dir;
-       const char *ssl_crypto_device;
-
        ARRAY(const char *) plugin_envs;
 };
 
index f4b61a3ecc93ca79ab9c455507632d2b307df102..7e6c7b8d0b629800696ee9675a514c784000b3cb 100644 (file)
@@ -551,7 +551,8 @@ static void dsync_connected_callback(enum server_cmd_reply reply, void *context)
        io_loop_stop(current_ioloop);
 }
 
-static int dsync_init_ssl_ctx(struct dsync_cmd_context *ctx)
+static int dsync_init_ssl_ctx(struct dsync_cmd_context *ctx,
+                             const struct mail_storage_settings *mail_set)
 {
        struct ssl_iostream_settings ssl_set;
 
@@ -559,16 +560,18 @@ static int dsync_init_ssl_ctx(struct dsync_cmd_context *ctx)
                return 0;
 
        memset(&ssl_set, 0, sizeof(ssl_set));
-       ssl_set.ca_dir = doveadm_settings->ssl_client_ca_dir;
+       ssl_set.ca_dir = mail_set->ssl_client_ca_dir;
        ssl_set.verify_remote_cert = TRUE;
-       ssl_set.crypto_device = doveadm_settings->ssl_crypto_device;
+       ssl_set.crypto_device = mail_set->ssl_crypto_device;
 
        return ssl_iostream_context_init_client("doveadm", &ssl_set,
                                                &ctx->ssl_ctx);
 }
 
-static int dsync_connect_tcp(struct dsync_cmd_context *ctx, const char *target,
-                            bool ssl, const char **error_r)
+static int
+dsync_connect_tcp(struct dsync_cmd_context *ctx,
+                 const struct mail_storage_settings *mail_set,
+                 const char *target, bool ssl, const char **error_r)
 {
        struct doveadm_server *server;
        struct server_connection *conn;
@@ -578,7 +581,7 @@ static int dsync_connect_tcp(struct dsync_cmd_context *ctx, const char *target,
        server = p_new(ctx->ctx.pool, struct doveadm_server, 1);
        server->name = p_strdup(ctx->ctx.pool, target);
        if (ssl) {
-               if (dsync_init_ssl_ctx(ctx) < 0) {
+               if (dsync_init_ssl_ctx(ctx, mail_set) < 0) {
                        *error_r = "Couldn't initialize SSL context";
                        return -1;
                }
@@ -624,18 +627,22 @@ static int dsync_connect_tcp(struct dsync_cmd_context *ctx, const char *target,
 }
 
 static int
-parse_location(struct dsync_cmd_context *ctx, const char *location,
+parse_location(struct dsync_cmd_context *ctx,
+              const struct mail_storage_settings *mail_set,
+              const char *location,
               const char *const **remote_cmd_args_r, const char **error_r)
 {
        if (strncmp(location, "tcp:", 4) == 0) {
                /* TCP connection to remote dsync */
                ctx->remote_name = location+4;
-               return dsync_connect_tcp(ctx, ctx->remote_name, FALSE, error_r);
+               return dsync_connect_tcp(ctx, mail_set, ctx->remote_name,
+                                        FALSE, error_r);
        }
        if (strncmp(location, "tcps:", 5) == 0) {
                /* TCP+SSL connection to remote dsync */
                ctx->remote_name = location+5;
-               return dsync_connect_tcp(ctx, ctx->remote_name, TRUE, error_r);
+               return dsync_connect_tcp(ctx, mail_set, ctx->remote_name,
+                                        TRUE, error_r);
        }
 
        if (strncmp(location, "remote:", 7) == 0) {
@@ -663,9 +670,11 @@ static int cmd_dsync_prerun(struct doveadm_mail_cmd_context *_ctx,
        struct dsync_cmd_context *ctx = (struct dsync_cmd_context *)_ctx;
        const char *const *remote_cmd_args = NULL;
        const struct mail_user_settings *user_set;
+       const struct mail_storage_settings *mail_set;
        const char *username = "";
 
        user_set = mail_storage_service_user_get_set(service_user)[0];
+       mail_set = mail_storage_service_user_get_mail_set(service_user);
 
        ctx->fd_in = -1;
        ctx->fd_out = -1;
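Review bot: `mail_set` is fetched per user with `mail_storage_service_user_get_mail_set(service_user)` and passed down to dsync_init_ssl_ctx, so the CA directory behind `verify_remote_cert = TRUE` now comes from the user's mail settings rather than the process-wide doveadm settings. If per-user overrides (for example from userdb) can reach mail_storage_settings, which this diff does not show, the trust anchors for a `tcps:` target become user-dependent. That is worth confirming and recording next to the new assignment with a comment such as `/* SSL client settings come from the user's mail settings */`. dsync_init_ssl_ctx also appears to return early when a context already exists (the condition is outside its hunk), so a later user's `ssl_client_ca_dir` may not be applied if the context is reused. cmd_dsync_prerun starts and ends outside this hunk.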
@@ -697,8 +706,8 @@ static int cmd_dsync_prerun(struct doveadm_mail_cmd_context *_ctx,
        }
 
        if (remote_cmd_args == NULL && ctx->local_location != NULL) {
-               if (parse_location(ctx, ctx->local_location, &remote_cmd_args,
-                                  error_r) < 0)
+               if (parse_location(ctx, mail_set, ctx->local_location,
+                                  &remote_cmd_args, error_r) < 0)
                        return -1;
        }
 
index f55177c85c0e0e46185c4a93f8b43e7527d35fd7..dc234d99ebae0a7c6af8860bfce9ee534666b386 100644 (file)
@@ -29,9 +29,6 @@ static const struct setting_define imapc_setting_defines[] = {
        DEF(SET_STR, imapc_list_prefix),
        DEF(SET_TIME, imapc_max_idle_time),
 
-       DEF(SET_STR, ssl_client_ca_dir),
-       DEF(SET_STR, ssl_crypto_device),
-
        SETTING_DEFINE_LIST_END
 };
 
@@ -49,10 +46,7 @@ static const struct imapc_settings imapc_default_settings = {
        .imapc_features = "",
        .imapc_rawlog_dir = "",
        .imapc_list_prefix = "",
-       .imapc_max_idle_time = 60*29,
-
-       .ssl_client_ca_dir = "",
-       .ssl_crypto_device = ""
+       .imapc_max_idle_time = 60*29
 };
 
 static const struct setting_parser_info imapc_setting_parser_info = {
@@ -122,15 +116,6 @@ static bool imapc_settings_check(void *_set, pool_t pool ATTR_UNUSED,
                *error_r = "invalid imapc_port";
                return FALSE;
        }
-#ifndef CONFIG_BINARY
-       if (*set->ssl_client_ca_dir != '\0' &&
-           access(set->ssl_client_ca_dir, X_OK) < 0) {
-               *error_r = t_strdup_printf(
-                       "ssl_client_ca_dir: access(%s) failed: %m",
-                       set->ssl_client_ca_dir);
-               return FALSE;
-       }
-#endif
        if (set->imapc_max_idle_time == 0) {
                *error_r = "imapc_max_idle_time must not be 0";
                return FALSE;
index 251bf38d4add564a234f2350740901440c5de84f..939f3bbf1a69f5c0a779c3000fcc1ae8fa8aa652 100644 (file)
@@ -24,9 +24,6 @@ struct imapc_settings {
        const char *imapc_list_prefix;
        unsigned int imapc_max_idle_time;
 
-       const char *ssl_client_ca_dir;
-       const char *ssl_crypto_device;
-
        enum imapc_features parsed_features;
 };
 
index 86deb65464b02903ab097c97ca204bf6a8c5d193..8a1619273b23ccba160639230584ef8c25069f1d 100644 (file)
@@ -243,7 +243,7 @@ imapc_storage_create(struct mail_storage *_storage,
        mail_user_set_get_temp_prefix(str, _storage->user->set);
        set.temp_path_prefix = str_c(str);
 
-       set.ssl_ca_dir = storage->set->ssl_client_ca_dir;
+       set.ssl_ca_dir = _storage->set->ssl_client_ca_dir;
        set.ssl_verify = storage->set->imapc_ssl_verify;
        if (strcmp(storage->set->imapc_ssl, "imaps") == 0)
                set.ssl_mode = IMAPC_CLIENT_SSL_MODE_IMMEDIATE;
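Review bot: The new line reads `_storage->set->ssl_client_ca_dir` while the lines around it read `storage->set->...`, and the two expressions differ only by a leading underscore. Judging by the fields accessed, they point at different settings structs (mail storage settings versus imapc settings). A named local, `const struct mail_storage_settings *mail_set = _storage->set;` followed by `set.ssl_ca_dir = mail_set->ssl_client_ca_dir;`, would make the source of the TLS trust settings obvious in review. The same applies to `set.ssl_crypto_device` in the next hunk of this file, and to pop3c_client_create_from_set, where `set->pop3c_ssl_verify` sits beside `storage->set->ssl_client_ca_dir`. imapc_storage_create starts and ends outside the hunk.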
@@ -251,7 +251,7 @@ imapc_storage_create(struct mail_storage *_storage,
                set.ssl_mode = IMAPC_CLIENT_SSL_MODE_STARTTLS;
        else
                set.ssl_mode = IMAPC_CLIENT_SSL_MODE_NONE;
-       set.ssl_crypto_device = storage->set->ssl_crypto_device;
+       set.ssl_crypto_device = _storage->set->ssl_crypto_device;
 
        storage->list = (struct imapc_mailbox_list *)ns->list;
        storage->list->storage = storage;
index b5acf4a87d4d5428f0301d6bf8e340419ef944bf..522e66737ba55320e16902b69d5ece984756d9b8 100644 (file)
@@ -25,8 +25,6 @@ static const struct setting_define pop3c_setting_defines[] = {
        DEF(SET_BOOL, pop3c_ssl_verify),
 
        DEF(SET_STR, pop3c_rawlog_dir),
-       DEF(SET_STR, ssl_client_ca_dir),
-       DEF(SET_STR, ssl_crypto_device),
 
        SETTING_DEFINE_LIST_END
 };
@@ -42,9 +40,7 @@ static const struct pop3c_settings pop3c_default_settings = {
        .pop3c_ssl = "no:pop3s:starttls",
        .pop3c_ssl_verify = TRUE,
 
-       .pop3c_rawlog_dir = "",
-       .ssl_client_ca_dir = "",
-       .ssl_crypto_device = ""
+       .pop3c_rawlog_dir = ""
 };
 
 static const struct setting_parser_info pop3c_setting_parser_info = {
@@ -76,14 +72,5 @@ static bool pop3c_settings_check(void *_set, pool_t pool ATTR_UNUSED,
                *error_r = "invalid pop3c_port";
                return FALSE;
        }
-#ifndef CONFIG_BINARY
-       if (*set->ssl_client_ca_dir != '\0' &&
-           access(set->ssl_client_ca_dir, X_OK) < 0) {
-               *error_r = t_strdup_printf(
-                       "ssl_client_ca_dir: access(%s) failed: %m",
-                       set->ssl_client_ca_dir);
-               return FALSE;
-       }
-#endif
        return TRUE;
 }
index 04ec6ff39f1e2328c677be7347b96b9d682c50f6..bfd3c6b151ac5608dbe3f06046a366137576ffe7 100644 (file)
@@ -13,8 +13,6 @@ struct pop3c_settings {
        bool pop3c_ssl_verify;
 
        const char *pop3c_rawlog_dir;
-       const char *ssl_client_ca_dir;
-       const char *ssl_crypto_device;
 };
 
 const struct setting_parser_info *pop3c_get_setting_parser_info(void);
index 2095c3ce8823ac51d9681a1ca8b43616005781d2..8c9335df1cdb2da8d5714f1e5d472d712f4f58d0 100644 (file)
@@ -50,7 +50,7 @@ pop3c_storage_create(struct mail_storage *_storage,
 }
 
 static struct pop3c_client *
-pop3c_client_create_from_set(struct mail_user *user,
+pop3c_client_create_from_set(struct mail_storage *storage,
                             const struct pop3c_settings *set)
 {
        struct pop3c_client_settings client_set;
@@ -63,17 +63,17 @@ pop3c_client_create_from_set(struct mail_user *user,
        client_set.master_user = set->pop3c_master_user;
        client_set.password = set->pop3c_password;
        client_set.dns_client_socket_path =
-               t_strconcat(user->set->base_dir, "/",
+               t_strconcat(storage->user->set->base_dir, "/",
                            DNS_CLIENT_SOCKET_NAME, NULL);
        str = t_str_new(128);
-       mail_user_set_get_temp_prefix(str, user->set);
+       mail_user_set_get_temp_prefix(str, storage->user->set);
        client_set.temp_path_prefix = str_c(str);
 
-       client_set.debug = user->mail_debug;
+       client_set.debug = storage->user->mail_debug;
        client_set.rawlog_dir =
-               mail_user_home_expand(user, set->pop3c_rawlog_dir);
+               mail_user_home_expand(storage->user, set->pop3c_rawlog_dir);
 
-       client_set.ssl_ca_dir = set->ssl_client_ca_dir;
+       client_set.ssl_ca_dir = storage->set->ssl_client_ca_dir;
        client_set.ssl_verify = set->pop3c_ssl_verify;
        if (strcmp(set->pop3c_ssl, "pop3s") == 0)
                client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_IMMEDIATE;
@@ -81,7 +81,7 @@ pop3c_client_create_from_set(struct mail_user *user,
                client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_STARTTLS;
        else
                client_set.ssl_mode = POP3C_CLIENT_SSL_MODE_NONE;
-       client_set.ssl_crypto_device = set->ssl_crypto_device;
+       client_set.ssl_crypto_device = storage->set->ssl_crypto_device;
        return pop3c_client_init(&client_set);
 }
 
@@ -171,7 +171,7 @@ static int pop3c_mailbox_open(struct mailbox *box)
        if (index_storage_mailbox_open(box, FALSE) < 0)
                return -1;
 
-       mbox->client = pop3c_client_create_from_set(box->storage->user,
+       mbox->client = pop3c_client_create_from_set(box->storage,
                                                    mbox->storage->set);
        pop3c_client_login(mbox->client, pop3c_login_callback, mbox);
        pop3c_client_run(mbox->client);
index 6522b8da16933cce4e81dd66439125e0dd639893..60b86e7d7fa85dbd46db07352d0b7ee3bdffec9b 100644 (file)
@@ -53,6 +53,9 @@ static const struct setting_define mail_storage_setting_defines[] = {
        DEF(SET_ENUM, lock_method),
        DEF(SET_STR, pop3_uidl_format),
 
+       DEF(SET_STR, ssl_client_ca_dir),
+       DEF(SET_STR, ssl_crypto_device),
+
        SETTING_DEFINE_LIST_END
 };
 
@@ -83,7 +86,10 @@ const struct mail_storage_settings mail_storage_default_settings = {
        .maildir_stat_dirs = FALSE,
        .mail_shared_explicit_inbox = FALSE,
        .lock_method = "fcntl:flock:dotlock",
-       .pop3_uidl_format = "%08Xu%08Xv"
+       .pop3_uidl_format = "%08Xu%08Xv",
+
+       .ssl_client_ca_dir = "",
+       .ssl_crypto_device = ""
 };
 
 const struct setting_parser_info mail_storage_setting_parser_info = {
@@ -418,6 +424,15 @@ static bool mail_storage_settings_check(void *_set, pool_t pool ATTR_UNUSED,
                return FALSE;
        }
        hash_format_deinit_free(&format);
+#ifndef CONFIG_BINARY
+       if (*set->ssl_client_ca_dir != '\0' &&
+           access(set->ssl_client_ca_dir, X_OK) < 0) {
+               *error_r = t_strdup_printf(
+                       "ssl_client_ca_dir: access(%s) failed: %m",
+                       set->ssl_client_ca_dir);
+               return FALSE;
+       }
+#endif
        return TRUE;
 }
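Review bot: The `access(set->ssl_client_ca_dir, X_OK)` check added at the end of mail_storage_settings_check now applies to every process that parses mail_storage_settings, not only to imapc, pop3c and doveadm as before. An unreachable CA directory would therefore presumably fail settings validation even for processes that never open an outgoing TLS connection. access() also tests with the real UID at settings-check time, which may differ from the credentials in effect when the directory is later read, so a pass here is a configuration hint rather than a guarantee. A comment above the block, e.g. `/* early sanity check only; SSL context init must still cope with an unusable ca_dir */`, would keep later readers from relying on it. The function starts outside the hunk.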
 
index f380b0f01e97df644d4ac503411588ba3b5b3c4d..66097a812a84e99ec09835e082e3793df17bf582 100644 (file)
@@ -38,6 +38,9 @@ struct mail_storage_settings {
        const char *lock_method;
        const char *pop3_uidl_format;
 
+       const char *ssl_client_ca_dir;
+       const char *ssl_crypto_device;
+
        enum file_lock_method parsed_lock_method;
        enum fsync_mode parsed_fsync_mode;
 };
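Review bot: The new `ssl_client_ca_dir` and `ssl_crypto_device` fields carry no comment saying what they control, and in this struct they sit next to unrelated storage options such as `lock_method` and `pop3_uidl_format`. From the callers changed in this commit they feed outgoing TLS connections made by imapc, pop3c and doveadm dsync. A comment above them, such as `/* CA directory and crypto device for outgoing (client-side) TLS: imapc, pop3c, doveadm dsync */`, would tell an administrator-facing reader that these affect certificate verification of remote servers. The struct definition starts outside the hunk.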