lib-storage: Add all client ssl settings to mail storage settings

diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c
index ae69ea526caee6d6e6ba3f8347f77a410ca8eff3..06aeb9d861f6c5c17baff686d7183d803f634108 100644 (file)
--- a/src/lib-master/master-service-ssl-settings.c
+++ b/src/lib-master/master-service-ssl-settings.c
@@ -49,6 +49,7 @@ static const struct master_service_ssl_settings master_service_ssl_default_setti
 #else
        .ssl = "no:yes:required",
 #endif
+       /* keep synced with mail-storage-settings */
        .ssl_ca = "",
        .ssl_cert = "",
        .ssl_key = "",

diff --git a/src/lib-storage/mail-storage-settings.c b/src/lib-storage/mail-storage-settings.c
index e647cb7d9ca406bfb83df1aa6d0df92e2f1c9204..1a26908e4f39fdda4f3f2d30dff0ae402b31b739 100644 (file)
--- a/src/lib-storage/mail-storage-settings.c
+++ b/src/lib-storage/mail-storage-settings.c
@@ -80,9 +80,16 @@ static const struct setting_define mail_storage_setting_defines[] = {
        DEF(SET_STR, hostname),
        DEF(SET_STR, recipient_delimiter),
 
-       DEF(SET_STR, ssl_client_ca_dir),
        DEF(SET_STR, ssl_client_ca_file),
+       DEF(SET_STR, ssl_client_ca_dir),
+       DEF(SET_STR, ssl_client_cert),
+       DEF(SET_STR, ssl_client_key),
+       DEF(SET_STR, ssl_cipher_list),
+       DEF(SET_STR, ssl_curve_list),
+       DEF(SET_STR, ssl_min_protocol),
        DEF(SET_STR, ssl_crypto_device),
+       DEF(SET_BOOL, ssl_client_require_valid_cert),
+       DEF(SET_BOOL, verbose_ssl),
 
        SETTING_DEFINE_LIST_END
 };
@@ -139,9 +146,17 @@ const struct mail_storage_settings mail_storage_default_settings = {
        .hostname = "",
        .recipient_delimiter = "+",
 
-       .ssl_client_ca_dir = "",
+       /* Keep synced with master-service-ssl-settings */
        .ssl_client_ca_file = "",
-       .ssl_crypto_device = ""
+       .ssl_client_ca_dir = "",
+       .ssl_client_cert = "",
+       .ssl_client_key = "",
+       .ssl_cipher_list = "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
+       .ssl_curve_list = "",
+       .ssl_min_protocol = "TLSv1",
+       .ssl_crypto_device = "",
+       .ssl_client_require_valid_cert = TRUE,
+       .verbose_ssl = FALSE,
 };
 
 const struct setting_parser_info mail_storage_setting_parser_info = {

diff --git a/src/lib-storage/mail-storage-settings.h b/src/lib-storage/mail-storage-settings.h
index 858bedf4e9fe1fd5847f81075a00b6aff25ec71b..c5a4dece01649fce89aa5dbd8f8826eca4d8641e 100644 (file)
--- a/src/lib-storage/mail-storage-settings.h
+++ b/src/lib-storage/mail-storage-settings.h
@@ -63,9 +63,16 @@ struct mail_storage_settings {
        const char *hostname;
        const char *recipient_delimiter;
 
-       const char *ssl_client_ca_dir;
        const char *ssl_client_ca_file;
+       const char *ssl_client_ca_dir;
+       const char *ssl_client_cert;
+       const char *ssl_client_key;
+       const char *ssl_cipher_list;
+       const char *ssl_curve_list;
+       const char *ssl_min_protocol;
        const char *ssl_crypto_device;
+       bool ssl_client_require_valid_cert;
+       bool verbose_ssl;
        const char *mail_attachment_detection_options;
 
        enum file_lock_method parsed_lock_method;