]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
auth: Use master service ssl settings for http client in policy checks
authorAki Tuomi <aki.tuomi@dovecot.fi>
Wed, 14 Nov 2018 12:05:24 +0000 (14:05 +0200)
committerTimo Sirainen <timo.sirainen@dovecot.fi>
Wed, 14 Nov 2018 13:03:17 +0000 (13:03 +0000)
src/auth/auth-policy.c
src/auth/main.c

index 9eecdc814a5dc05608eb05009e18c561f96bb7de..77a94bd3a11dd9a12dd21de955a25a43049aba7d 100755 (executable)
@@ -11,6 +11,8 @@
 #include "http-url.h"
 #include "http-client.h"
 #include "json-parser.h"
+#include "master-service.h"
+#include "master-service-ssl-settings.h"
 #include "auth-request.h"
 #include "auth-penalty.h"
 #include "auth-settings.h"
@@ -157,18 +159,18 @@ void auth_policy_open_and_close_to_key(const char *fromkey, const char *tokey, s
 
 void auth_policy_init(void)
 {
+       const struct master_service_ssl_settings *master_ssl_set =
+               master_service_ssl_settings_get(master_service);
        struct ssl_iostream_settings ssl_set;
        i_zero(&ssl_set);
 
        http_client_set.request_absolute_timeout_msecs = global_auth_settings->policy_server_timeout_msecs;
        if (global_auth_settings->debug)
                http_client_set.debug = 1;
-       ssl_set.ca_dir = global_auth_settings->ssl_client_ca_dir;
-       ssl_set.ca_file = global_auth_settings->ssl_client_ca_file;
-       if (*ssl_set.ca_dir == '\0' &&
-           *ssl_set.ca_file == '\0')
-               ssl_set.allow_invalid_cert = TRUE;
 
+       master_service_ssl_settings_to_iostream_set(master_ssl_set, pool_datastack_create(),
+                                                   MASTER_SERVICE_SSL_SETTINGS_TYPE_CLIENT,
+                                                   &ssl_set);
        http_client_set.ssl = &ssl_set;
        http_client = http_client_init(&http_client_set);
 
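Review bot: The strings that `master_service_ssl_settings_to_iostream_set()` writes into `ssl_set` come from `pool_datastack_create()`, and `ssl_set` itself is a local of `auth_policy_init()`, so the call is only safe if `http_client_init()` copies the SSL settings before it returns; that copy is not visible in this hunk. I would record the assumption above the call, e.g. `/* ssl_set and its data-stack strings are only valid during this call; http_client_init() must copy them */`. The same comment should state that certificate verification for the policy server now follows the master service client SSL settings, because the removed lines set `allow_invalid_cert` whenever no CA dir or file was configured and that implicit fallback is gone. Deployments that relied on it will presumably need an explicit CA or an explicit opt-out. The function body continues past the end of the hunk.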
index 3cd0e82f3b685f4567dd281de362d34d44eeba70..494df33ce6240a93c6d240e6d01ff3f67a6bfe7e 100644 (file)
@@ -373,8 +373,11 @@ static void auth_die(void)
 int main(int argc, char *argv[])
 {
        int c;
+       enum master_service_flags service_flags =
+               MASTER_SERVICE_FLAG_USE_SSL_SETTINGS |
+               MASTER_SERVICE_FLAG_NO_SSL_INIT;
 
-       master_service = master_service_init("auth", 0, &argc, &argv, "w");
+       master_service = master_service_init("auth", service_flags, &argc, &argv, "w");
        master_service_init_log(master_service, "auth: ");
 
        while ((c = master_getopt(master_service)) > 0) {
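Review bot: The flag pair assigned to `service_flags` has no comment saying why `MASTER_SERVICE_FLAG_NO_SSL_INIT` accompanies `MASTER_SERVICE_FLAG_USE_SSL_SETTINGS`. Judging from the companion change in auth-policy.c, auth seems to need the SSL settings only to configure its outbound HTTP client, not an SSL context of its own. A line such as `/* SSL settings are read for the policy HTTP client only; no SSL context of our own is needed */` would keep a later edit from dropping one of the flags. `main()` continues past the end of the hunk.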