struct master_login_settings login_set;
enum master_service_flags service_flags = 0;
enum mail_storage_service_flags storage_service_flags =
+ MAIL_STORAGE_SERVICE_FLAG_NO_SSL_CA |
/*
* We include MAIL_STORAGE_SERVICE_FLAG_NO_NAMESPACES so
* that the mail_user initialization is fast and we can
str_printfa(str, "\tmodule=%s",
service->want_ssl_server ? "ssl-server" : "ssl");
}
+ if (input->no_ssl_ca)
+ str_append(str, "\texclude=ssl_ca\texclude=ssl_verify_client_cert");
if (input->service != NULL)
str_printfa(str, "\tservice=%s", input->service);
if (input->username != NULL)
const char *username;
struct ip_addr local_ip, remote_ip;
const char *local_name;
+
+ /* A bit of a memory saving kludge: Mail processes (especially imap)
+ shouldn't read ssl_ca setting since it's likely not needed and it
+ can use a lot of memory. */
+ bool no_ssl_ca;
};
struct master_service_settings_output {
(flags & MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP) == 0;
set_input.use_sysexits =
(flags & MAIL_STORAGE_SERVICE_FLAG_USE_SYSEXITS) != 0;
+ set_input.no_ssl_ca =
+ (flags & MAIL_STORAGE_SERVICE_FLAG_NO_SSL_CA) != 0;
if (input != NULL) {
set_input.module = input->module;
MAIL_STORAGE_SERVICE_FLAG_USE_SYSEXITS = 0x400,
/* Don't create namespaces, only the user. */
MAIL_STORAGE_SERVICE_FLAG_NO_NAMESPACES = 0x800,
+ /* Disable reading ssl_ca setting to save memory. */
+ MAIL_STORAGE_SERVICE_FLAG_NO_SSL_CA = 0x1000,
};
struct mail_storage_service_input {
};
struct master_login_settings login_set;
enum master_service_flags service_flags = 0;
- enum mail_storage_service_flags storage_service_flags = 0;
+ enum mail_storage_service_flags storage_service_flags =
+ MAIL_STORAGE_SERVICE_FLAG_NO_SSL_CA;
const char *username = NULL, *auth_socket_path = "auth-master";
int c;
projects / thirdparty / dovecot / core.git / commitdiff
