From: Marco Bettini <marco.bettini@open-xchange.com>
Date: Fri, 11 Oct 2024 15:49:43 +0000 (+0000)
Subject: lib-ldap: ldap_client_settings - Remove ssl_ioset
X-Git-Tag: 2.4.0~129
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4ab700c2aa641621dfdf1914c360543aaf7818b2;p=thirdparty%2Fdovecot%2Fcore.git

lib-ldap: ldap_client_settings - Remove ssl_ioset
---

diff --git a/src/lib-ldap/ldap-connection.c b/src/lib-ldap/ldap-connection.c
index 8ccc39274f..a38e2a904f 100644
--- a/src/lib-ldap/ldap-connection.c
+++ b/src/lib-ldap/ldap-connection.c
@@ -125,7 +125,7 @@ bool ldap_connection_have_settings(struct ldap_connection *conn,
 			    conn_set, set, NULL))
 		return FALSE;
 
-	if (set->ssl_ioset == NULL || !set->starttls)
+	if (strstr(set->uris, "ldaps://") == NULL && !set->starttls)
 	 	return TRUE;
 
 	return settings_equal(&ssl_setting_parser_info,
@@ -163,21 +163,26 @@ int ldap_connection_init(struct ldap_client *client,
 	/* cannot use these */
 	i_zero(&conn->ssl_ioset.ca);
 
-	if (set->ssl_ioset != NULL) {
+	{
+		const struct ssl_iostream_settings *ssl_ioset;
+		ssl_client_settings_to_iostream_set(set->ssl_set, &ssl_ioset);
+
 		/* keep in sync with ldap_connection_have_settings() */
-		conn->ssl_ioset.min_protocol = p_strdup(pool, set->ssl_ioset->min_protocol);
-		conn->ssl_ioset.cipher_list = p_strdup(pool, set->ssl_ioset->cipher_list);
-		conn->ssl_ioset.ca.path = p_strdup(pool, set->ssl_ioset->ca.path);
+		conn->ssl_ioset.min_protocol = p_strdup(pool, ssl_ioset->min_protocol);
+		conn->ssl_ioset.cipher_list = p_strdup(pool, ssl_ioset->cipher_list);
+		conn->ssl_ioset.ca.path = p_strdup(pool, ssl_ioset->ca.path);
 		conn->ssl_ioset.ca.content =
-			p_strdup(pool, set->ssl_ioset->ca.content);
+			p_strdup(pool, ssl_ioset->ca.content);
 		conn->ssl_ioset.cert.cert.path =
-			p_strdup(pool, set->ssl_ioset->cert.cert.path);
+			p_strdup(pool, ssl_ioset->cert.cert.path);
 		conn->ssl_ioset.cert.cert.content =
-			p_strdup(pool, set->ssl_ioset->cert.cert.content);
+			p_strdup(pool, ssl_ioset->cert.cert.content);
 		conn->ssl_ioset.cert.key.path =
-			p_strdup(pool, set->ssl_ioset->cert.key.path);
+			p_strdup(pool, ssl_ioset->cert.key.path);
 		conn->ssl_ioset.cert.key.content =
-			p_strdup(pool, set->ssl_ioset->cert.key.content);
+			p_strdup(pool, ssl_ioset->cert.key.content);
+
+		settings_free(ssl_ioset);
 	}
 	i_assert(ldap_connection_have_settings(conn, set));
 
diff --git a/src/lib-ldap/ldap-settings.c b/src/lib-ldap/ldap-settings.c
index 2618c09ee4..6aefe48e92 100644
--- a/src/lib-ldap/ldap-settings.c
+++ b/src/lib-ldap/ldap-settings.c
@@ -90,9 +90,7 @@ int ldap_client_settings_get(struct event *event,
 		return -1;
 	}
 
-	ssl_client_settings_to_iostream_set(set->ssl_set, &set->ssl_ioset);
 	bind_pool(set->pool, set->ssl_set->pool);
-	bind_pool(set->pool, set->ssl_ioset->pool);
 
 	*set_r = set;
 	*error_r = NULL;
diff --git a/src/lib-ldap/ldap-settings.h b/src/lib-ldap/ldap-settings.h
index d4d66915d1..9725bfe0c9 100644
--- a/src/lib-ldap/ldap-settings.h
+++ b/src/lib-ldap/ldap-settings.h
@@ -16,7 +16,6 @@ struct ldap_client_settings {
 
 	struct event *event_parent;
 	const struct ssl_settings *ssl_set;
-	const struct ssl_iostream_settings *ssl_ioset;
 };
 
 extern const struct setting_parser_info ldap_client_setting_parser_info;