From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Wed, 14 Nov 2018 12:43:52 +0000 (+0200)
Subject: lib-master: When duplicating SSL settings set empty values NULL
X-Git-Tag: 2.3.6~114
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=143a1a371978b3485b151e1c2dcc5a6896a13b1b;p=thirdparty%2Fdovecot%2Fcore.git

lib-master: When duplicating SSL settings set empty values NULL

Otherwise default CA is not used for client connections.

Broken in 30dca954
---

diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c
index 06aeb9d861..7b480378e2 100644
--- a/src/lib-master/master-service-ssl-settings.c
+++ b/src/lib-master/master-service-ssl-settings.c
@@ -178,7 +178,7 @@ void master_service_ssl_settings_to_iostream_set(
 	set_r->cipher_list = p_strdup(pool, ssl_set->ssl_cipher_list);
 	/* NOTE: It's a bit questionable whether ssl_ca should be used for
 	   clients. But at least for now it's needed for login-proxy. */
-	set_r->ca = p_strdup(pool, ssl_set->ssl_ca);
+	set_r->ca = p_strdup_empty(pool, ssl_set->ssl_ca);
 
 	switch (type) {
 	case MASTER_SERVICE_SSL_SETTINGS_TYPE_SERVER:
@@ -194,8 +194,8 @@ void master_service_ssl_settings_to_iostream_set(
 		set_r->allow_invalid_cert = !set_r->verify_remote_cert;
 		break;
 	case MASTER_SERVICE_SSL_SETTINGS_TYPE_CLIENT:
-		set_r->ca_file = p_strdup(pool, ssl_set->ssl_client_ca_file);
-		set_r->ca_dir = p_strdup(pool, ssl_set->ssl_client_ca_dir);
+		set_r->ca_file = p_strdup_empty(pool, ssl_set->ssl_client_ca_file);
+		set_r->ca_dir = p_strdup_empty(pool, ssl_set->ssl_client_ca_dir);
 		set_r->cert.cert = p_strdup_empty(pool, ssl_set->ssl_client_cert);
 		set_r->cert.key = p_strdup_empty(pool, ssl_set->ssl_client_key);
 		set_r->verify_remote_cert = ssl_set->ssl_client_require_valid_cert;