lib-master: Add MASTER_SERVICE_FLAG_DISABLE_SSL_SET
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Mon, 1 Nov 2021 12:33:14 +0000 (08:33 -0400)
committerMarkus Valentin <markus.valentin@open-xchange.com>
Mon, 1 Nov 2021 16:04:14 +0000 (17:04 +0100)
src/lib-master/master-service-settings.c
src/lib-master/master-service.h

index 6c1f259548e3494c627b57786b46edff440d7862..06025f1fcbbb620cddb3789353d631abe5c103f5 100644 (file)
@@ -223,7 +223,8 @@ master_service_exec_config(struct master_service *service,
                        strarr_push(&conf_argv, input->extra_modules[i]);
                }
        }
-       if (input->module != NULL || input->extra_modules != NULL) {
+       if ((service->flags & MASTER_SERVICE_FLAG_DISABLE_SSL_SET) == 0 &&
+           (input->module != NULL || input->extra_modules != NULL)) {
                strarr_push(&conf_argv, "-m");
                if (service->want_ssl_server)
                        strarr_push(&conf_argv, "ssl-server");
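Review bot: With MASTER_SERVICE_FLAG_DISABLE_SSL_SET set, the `service->want_ssl_server` branch under the new condition is never reached, so a service that wants an SSL server but also carries the flag runs the config lookup without the `ssl-server` module and nothing reports it. If that combination is never intended, state it ahead of the condition, e.g. `i_assert(!service->want_ssl_server || (service->flags & MASTER_SERVICE_FLAG_DISABLE_SSL_SET) == 0);`. The identical condition is added in config_build_request (second hunk), so the same check applies there. Folding the test into one small static helper used by both would keep the exec path and the config-socket path from drifting apart. Both function bodies continue outside the hunks shown.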
@@ -359,7 +360,8 @@ config_build_request(struct master_service *service, string_t *str,
                for (unsigned int i = 0; input->extra_modules[i] != NULL; i++)
                        str_printfa(str, "\tmodule=%s", input->extra_modules[i]);
        }
-       if (input->module != NULL || input->extra_modules != NULL) {
+       if ((service->flags & MASTER_SERVICE_FLAG_DISABLE_SSL_SET) == 0 &&
+           (input->module != NULL || input->extra_modules != NULL)) {
                str_printfa(str, "\tmodule=%s",
                            service->want_ssl_server ? "ssl-server" : "ssl");
        }
index 1138f24b50cca9fe6eea02caa9b89101aaff50ee..192f7e641c266cda9f0f77f85eb32d3a90c66a37 100644 (file)
@@ -27,6 +27,12 @@ enum master_service_flags {
        /* Show number of connections in process title
           (only if verbose_proctitle setting is enabled) */
        MASTER_SERVICE_FLAG_UPDATE_PROCTITLE    = 0x100,
+       /* Don't read any SSL settings. This is mainly needed to prevent master
+          process from trying to pass through huge list of SSL CA certificates
+          through environment for ssl_ca setting, which could fail. Although
+          the same problem can still happen with standalone doveadm if it
+          reads settings via doveconf instead of config socket. */
+       MASTER_SERVICE_FLAG_DISABLE_SSL_SET     = 0x200,
        /* Don't initialize SSL context automatically. */
        MASTER_SERVICE_FLAG_NO_SSL_INIT         = 0x400,
        /* Don't create a data stack frame between master_service_init() and
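Review bot: The new comment on MASTER_SERVICE_FLAG_DISABLE_SSL_SET explains why the flag exists but not what a caller gives up by setting it. Judging from the two hunks in master-service-settings.c, neither the `ssl` nor the `ssl-server` module is requested, so SSL settings are simply absent for that process. I would add a sentence such as `Services setting this flag must not rely on any ssl_* setting being available.` If SSL context initialization depends on those settings, the comment should also say whether MASTER_SERVICE_FLAG_NO_SSL_INIT is expected alongside it; that relationship is not visible here. The wording "pass through huge list ... through environment" repeats itself and could read `pass a huge list of SSL CA certificates through the environment`.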