From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Mon, 30 Oct 2017 14:55:43 +0000 (+0200)
Subject: lib-ssl-iostream: Change ssl_iostream_context.set to not be a pointer
X-Git-Tag: 2.3.0.rc1~540
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=319bc5ff46e9c941efb573b1e00f85fdeb08942d;p=thirdparty%2Fdovecot%2Fcore.git

lib-ssl-iostream: Change ssl_iostream_context.set to not be a pointer

It's just unnecessary memory usage.
---

diff --git a/src/lib-ssl-iostream/iostream-openssl-context.c b/src/lib-ssl-iostream/iostream-openssl-context.c
index 17a995ab44..4fe8b420f9 100644
--- a/src/lib-ssl-iostream/iostream-openssl-context.c
+++ b/src/lib-ssl-iostream/iostream-openssl-context.c
@@ -279,7 +279,7 @@ ssl_iostream_ctx_verify_remote_cert(struct ssl_iostream_context *ctx,
 				    STACK_OF(X509_NAME) *ca_names)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
-	if (!ctx->set->skip_crl_check) {
+	if (!ctx->set.skip_crl_check) {
 		X509_STORE *store;
 
 		store = SSL_CTX_get_cert_store(ctx->ssl_ctx);
@@ -358,7 +358,7 @@ ssl_iostream_context_set(struct ssl_iostream_context *ctx,
 			 const struct ssl_iostream_settings *set,
 			 const char **error_r)
 {
-	ctx->set = ssl_iostream_settings_dup(ctx->pool, set);
+	ssl_iostream_settings_init_from(ctx->pool, &ctx->set, set);
 	if (set->cipher_list != NULL &&
 	    SSL_CTX_set_cipher_list(ctx->ssl_ctx, set->cipher_list) == 0) {
 		*error_r = t_strdup_printf("Can't set cipher list to '%s': %s",
@@ -377,9 +377,9 @@ ssl_iostream_context_set(struct ssl_iostream_context *ctx,
 		SSL_CTX_set_options(ctx->ssl_ctx,
 				    SSL_OP_CIPHER_SERVER_PREFERENCE);
 	}
-	if (ctx->set->protocols != NULL) {
+	if (ctx->set.protocols != NULL) {
 		SSL_CTX_set_options(ctx->ssl_ctx,
-			    openssl_get_protocol_options(ctx->set->protocols));
+			    openssl_get_protocol_options(ctx->set.protocols));
 	}
 
 	if (set->cert.cert != NULL &&
diff --git a/src/lib-ssl-iostream/iostream-openssl.c b/src/lib-ssl-iostream/iostream-openssl.c
index cb2e9c5644..73f22d16ee 100644
--- a/src/lib-ssl-iostream/iostream-openssl.c
+++ b/src/lib-ssl-iostream/iostream-openssl.c
@@ -146,7 +146,7 @@ openssl_iostream_set(struct ssl_iostream *ssl_io,
 		     const struct ssl_iostream_settings *set,
 		     const char **error_r)
 {
-	const struct ssl_iostream_settings *ctx_set = ssl_io->ctx->set;
+	const struct ssl_iostream_settings *ctx_set = &ssl_io->ctx->set;
 	int verify_flags;
 
 	if (set->verbose)
diff --git a/src/lib-ssl-iostream/iostream-openssl.h b/src/lib-ssl-iostream/iostream-openssl.h
index 34b59ec3e4..5849b48c50 100644
--- a/src/lib-ssl-iostream/iostream-openssl.h
+++ b/src/lib-ssl-iostream/iostream-openssl.h
@@ -19,7 +19,7 @@ struct ssl_iostream_context {
 	SSL_CTX *ssl_ctx;
 
 	pool_t pool;
-	const struct ssl_iostream_settings *set;
+	struct ssl_iostream_settings set;
 
 	DH *dh_512, *dh_default;
 	int username_nid;