From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Wed, 31 Oct 2018 12:09:30 +0000 (+0200)
Subject: lib-storage: Add all client ssl settings to mail storage settings
X-Git-Tag: 2.3.6~117
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=90a5d98ab7cf97557745e28afe7f7bed71730845;p=thirdparty%2Fdovecot%2Fcore.git

lib-storage: Add all client ssl settings to mail storage settings
---

diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c
index ae69ea526c..06aeb9d861 100644
--- a/src/lib-master/master-service-ssl-settings.c
+++ b/src/lib-master/master-service-ssl-settings.c
@@ -49,6 +49,7 @@ static const struct master_service_ssl_settings master_service_ssl_default_setti
 #else
 	.ssl = "no:yes:required",
 #endif
+	/* keep synced with mail-storage-settings */
 	.ssl_ca = "",
 	.ssl_cert = "",
 	.ssl_key = "",
diff --git a/src/lib-storage/mail-storage-settings.c b/src/lib-storage/mail-storage-settings.c
index e647cb7d9c..1a26908e4f 100644
--- a/src/lib-storage/mail-storage-settings.c
+++ b/src/lib-storage/mail-storage-settings.c
@@ -80,9 +80,16 @@ static const struct setting_define mail_storage_setting_defines[] = {
 	DEF(SET_STR, hostname),
 	DEF(SET_STR, recipient_delimiter),
 
-	DEF(SET_STR, ssl_client_ca_dir),
 	DEF(SET_STR, ssl_client_ca_file),
+	DEF(SET_STR, ssl_client_ca_dir),
+	DEF(SET_STR, ssl_client_cert),
+	DEF(SET_STR, ssl_client_key),
+	DEF(SET_STR, ssl_cipher_list),
+	DEF(SET_STR, ssl_curve_list),
+	DEF(SET_STR, ssl_min_protocol),
 	DEF(SET_STR, ssl_crypto_device),
+	DEF(SET_BOOL, ssl_client_require_valid_cert),
+	DEF(SET_BOOL, verbose_ssl),
 
 	SETTING_DEFINE_LIST_END
 };
@@ -139,9 +146,17 @@ const struct mail_storage_settings mail_storage_default_settings = {
 	.hostname = "",
 	.recipient_delimiter = "+",
 
-	.ssl_client_ca_dir = "",
+	/* Keep synced with master-service-ssl-settings */
 	.ssl_client_ca_file = "",
-	.ssl_crypto_device = ""
+	.ssl_client_ca_dir = "",
+	.ssl_client_cert = "",
+	.ssl_client_key = "",
+	.ssl_cipher_list = "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
+	.ssl_curve_list = "",
+	.ssl_min_protocol = "TLSv1",
+	.ssl_crypto_device = "",
+	.ssl_client_require_valid_cert = TRUE,
+	.verbose_ssl = FALSE,
 };
 
 const struct setting_parser_info mail_storage_setting_parser_info = {
diff --git a/src/lib-storage/mail-storage-settings.h b/src/lib-storage/mail-storage-settings.h
index 858bedf4e9..c5a4dece01 100644
--- a/src/lib-storage/mail-storage-settings.h
+++ b/src/lib-storage/mail-storage-settings.h
@@ -63,9 +63,16 @@ struct mail_storage_settings {
 	const char *hostname;
 	const char *recipient_delimiter;
 
-	const char *ssl_client_ca_dir;
 	const char *ssl_client_ca_file;
+	const char *ssl_client_ca_dir;
+	const char *ssl_client_cert;
+	const char *ssl_client_key;
+	const char *ssl_cipher_list;
+	const char *ssl_curve_list;
+	const char *ssl_min_protocol;
 	const char *ssl_crypto_device;
+	bool ssl_client_require_valid_cert;
+	bool verbose_ssl;
 	const char *mail_attachment_detection_options;
 
 	enum file_lock_method parsed_lock_method;