From: Aki Tuomi Date: Fri, 15 Nov 2024 07:36:14 +0000 (+0200) Subject: lib-ssl-iostream: Add autocreate parameters to client and server X-Git-Tag: 2.4.0~200 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9a4d66a1dbc2add89107cba27ac0d282310bd478;p=thirdparty%2Fdovecot%2Fcore.git lib-ssl-iostream: Add autocreate parameters to client and server --- diff --git a/src/doveadm/client-connection-tcp.c b/src/doveadm/client-connection-tcp.c index 57a50c0a06..9e95da79e5 100644 --- a/src/doveadm/client-connection-tcp.c +++ b/src/doveadm/client-connection-tcp.c @@ -505,7 +505,10 @@ client_connection_tcp_init_ssl(struct client_connection_tcp *conn) { const char *error; - if (io_stream_autocreate_ssl_server(conn->conn.event, + struct ssl_iostream_server_autocreate_parameters parameters = { + .event_parent = conn->conn.event, + }; + if (io_stream_autocreate_ssl_server(¶meters, &conn->input, &conn->output, &conn->ssl_iostream, &error) < 0) { e_error(conn->conn.event, "SSL init failed: %s", error); diff --git a/src/doveadm/doveadm-compress.c b/src/doveadm/doveadm-compress.c index a70d11fada..616d29fa3a 100644 --- a/src/doveadm/doveadm-compress.c +++ b/src/doveadm/doveadm-compress.c @@ -206,7 +206,12 @@ static void client_init_ssl(struct client *client) io_remove(&client->io_server); - if (io_stream_autocreate_ssl_client(client->event, client->host, 0, + const struct ssl_iostream_client_autocreate_parameters parameters = { + .event_parent = client->event, + .host = client->host, + .flags = 0, + }; + if (io_stream_autocreate_ssl_client(¶meters, &client->input, &client->output, &client->ssl_iostream, &error) < 0) i_fatal("STARTTLS failed: %s", error); diff --git a/src/lib-doveadm/doveadm-client.c b/src/lib-doveadm/doveadm-client.c index 29e8f38b4a..5d389197bb 100644 --- a/src/lib-doveadm/doveadm-client.c +++ b/src/lib-doveadm/doveadm-client.c 
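Review bot: In client_connection_tcp_init_ssl the new `parameters` local is declared without `const`, while every other call site touched by this commit declares it `const struct ...`. The callee now takes a pointer to const, so nothing needs to write to the struct after initialisation. Declaring it as `const struct ssl_iostream_server_autocreate_parameters parameters = {` keeps the call sites uniform and lets the compiler reject any later accidental modification. The function body continues outside this hunk.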
@@ -564,10 +564,14 @@ static int doveadm_client_init_ssl(struct doveadm_client *conn, const char *hostname = conn->set.hostname != NULL ? conn->set.hostname : ""; connection_input_halt(&conn->conn); - if (io_stream_autocreate_ssl_client(conn->conn.event, hostname, - ssl_flags, - &conn->conn.input, &conn->conn.output, - &conn->ssl_iostream, &error) < 0) { + const struct ssl_iostream_client_autocreate_parameters parameters = { + .event_parent = conn->conn.event, + .host = hostname, + .flags = ssl_flags, + }; + if (io_stream_autocreate_ssl_client(¶meters, + &conn->conn.input, &conn->conn.output, + &conn->ssl_iostream, &error) < 0) { *error_r = t_strdup_printf( "Couldn't initialize SSL client: %s", error); return -1; diff --git a/src/lib-http/http-server-connection.c b/src/lib-http/http-server-connection.c index 0803012027..6ed46cf15a 100644 --- a/src/lib-http/http-server-connection.c +++ b/src/lib-http/http-server-connection.c @@ -370,7 +370,10 @@ http_server_connection_ssl_init(struct http_server_connection *conn) http_server_connection_input_halt(conn); if (server->ssl_set == NULL) { - ret = io_stream_autocreate_ssl_server(server->event, + const struct ssl_iostream_server_autocreate_parameters parameters = { + .event_parent = server->event, + }; + ret = io_stream_autocreate_ssl_server(¶meters, &conn->conn.input, &conn->conn.output, &conn->ssl_iostream, diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c index 0a5f2a6bad..aa29ae87d9 100644 --- a/src/lib-imap-client/imapc-connection.c +++ b/src/lib-imap-client/imapc-connection.c 
@@ -1687,9 +1687,12 @@ static int imapc_connection_ssl_init(struct imapc_connection *conn) io_remove(&conn->io); enum ssl_iostream_flags ssl_flags = 0; - if (io_stream_autocreate_ssl_client(conn->event, - conn->client->set->imapc_host, - ssl_flags, + const struct ssl_iostream_client_autocreate_parameters parameters = { + .event_parent = conn->event, + .host = conn->client->set->imapc_host, + .flags = ssl_flags, + }; + if (io_stream_autocreate_ssl_client(¶meters, &conn->input, &conn->output, &conn->ssl_iostream, &error) < 0) { e_error(conn->event, "Couldn't initialize SSL client: %s", diff --git a/src/lib-smtp/smtp-server-connection.c b/src/lib-smtp/smtp-server-connection.c index fc29115d70..645601b251 100644 --- a/src/lib-smtp/smtp-server-connection.c +++ b/src/lib-smtp/smtp-server-connection.c @@ -409,7 +409,10 @@ int smtp_server_connection_ssl_init(struct smtp_server_connection *conn) smtp_server_connection_input_halt(conn); if (conn->set.ssl == NULL) { - ret = io_stream_autocreate_ssl_server(conn->event, + const struct ssl_iostream_server_autocreate_parameters parameters = { + .event_parent = conn->event, + }; + ret = io_stream_autocreate_ssl_server(¶meters, &conn->conn.input, &conn->conn.output, &conn->ssl_iostream, &error); } else if (ssl_iostream_server_context_cache_get(conn->set.ssl, diff --git a/src/lib-ssl-iostream/iostream-ssl.c b/src/lib-ssl-iostream/iostream-ssl.c index 33b5e8e336..8320e718d2 100644 --- a/src/lib-ssl-iostream/iostream-ssl.c +++ b/src/lib-ssl-iostream/iostream-ssl.c @@ -129,8 +129,7 @@ int io_stream_create_ssl_server(struct ssl_iostream_context *ctx, } int io_stream_autocreate_ssl_client( - struct event *event_parent, const char *host, - enum ssl_iostream_flags flags, + const struct ssl_iostream_client_autocreate_parameters *parameters, struct istream **input, struct ostream **output, struct ssl_iostream **iostream_r, const char **error_r) 
@@ -140,11 +139,12 @@ int io_stream_autocreate_ssl_client( struct ssl_iostream_context *ctx; int ret; - if (settings_get(event_parent, &ssl_setting_parser_info, + i_assert(parameters->event_parent != NULL); + if (settings_get(parameters->event_parent, &ssl_setting_parser_info, 0, &ssl_set, error_r) < 0) return -1; ssl_client_settings_to_iostream_set(ssl_set, &set); - if ((flags & SSL_IOSTREAM_FLAG_DISABLE_CA_FILES) != 0) { + if ((parameters->flags & SSL_IOSTREAM_FLAG_DISABLE_CA_FILES) != 0) { pool_t pool = pool_alloconly_create("ssl iostream settings copy", sizeof(*set)); struct ssl_iostream_settings *set_copy = @@ -162,14 +162,16 @@ int io_stream_autocreate_ssl_client( if (ret < 0) return -1; - ret = io_stream_create_ssl_client(ctx, host, event_parent, flags, input, + ret = io_stream_create_ssl_client(ctx, parameters->host, + parameters->event_parent, + parameters->flags, input, output, iostream_r, error_r); ssl_iostream_context_unref(&ctx); return ret; } int io_stream_autocreate_ssl_server( - struct event *event_parent, + const struct ssl_iostream_server_autocreate_parameters *parameters, struct istream **input, struct ostream **output, struct ssl_iostream **iostream_r, const char **error_r) @@ -180,10 +182,11 @@ int io_stream_autocreate_ssl_server( struct ssl_iostream_context *ctx; int ret; - if (settings_get(event_parent, &ssl_setting_parser_info, + i_assert(parameters->event_parent != NULL); + if (settings_get(parameters->event_parent, &ssl_setting_parser_info, 0, &ssl_set, error_r) < 0) return -1; - if (settings_get(event_parent, &ssl_server_setting_parser_info, + if (settings_get(parameters->event_parent, &ssl_server_setting_parser_info, 0, &ssl_server_set, error_r) < 0) { settings_free(ssl_set); return -1; 
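Review bot: In io_stream_autocreate_ssl_client the added `i_assert` covers only `parameters->event_parent`; `parameters->host` is handed to io_stream_create_ssl_client() unchecked in the `@@ -162` hunk of this file. With the old positional signature a caller had to write a host argument, whereas a designated initializer that omits `.host` now compiles cleanly and yields NULL. The doveadm-client.c call site also passes `""` when no hostname is configured. What a NULL or empty host means for the peer-name check is decided inside io_stream_create_ssl_client(), which is not visible here. Either add `i_assert(parameters->host != NULL);` next to the existing assert, or state in the struct's comment that a missing host is permitted and what it implies for verification. The function body starts and ends outside this hunk.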
@@ -196,7 +199,7 @@ int io_stream_autocreate_ssl_server( settings_free(set); if (ret < 0) return -1; - ret = io_stream_create_ssl_server(ctx, event_parent, input, + ret = io_stream_create_ssl_server(ctx, parameters->event_parent, input, output, iostream_r, error_r); ssl_iostream_context_unref(&ctx); return ret; diff --git a/src/lib-ssl-iostream/iostream-ssl.h b/src/lib-ssl-iostream/iostream-ssl.h index a65f30c337..968859b237 100644 --- a/src/lib-ssl-iostream/iostream-ssl.h +++ b/src/lib-ssl-iostream/iostream-ssl.h @@ -95,18 +95,27 @@ int io_stream_create_ssl_server(struct ssl_iostream_context *ctx, struct ssl_iostream **iostream_r, const char **error_r); +struct ssl_iostream_client_autocreate_parameters { + struct event *event_parent; + const char *host; + enum ssl_iostream_flags flags; +}; + +struct ssl_iostream_server_autocreate_parameters { + struct event *event_parent; +}; + /* Lookup settings from event, use ssl_iostream_client_context_cache_get() to get the context and call io_stream_create_ssl_client(). */ int io_stream_autocreate_ssl_client( - struct event *event_parent, const char *host, - enum ssl_iostream_flags flags, + const struct ssl_iostream_client_autocreate_parameters *parameters, struct istream **input, struct ostream **output, struct ssl_iostream **iostream_r, const char **error_r); /* Lookup settings from event, use ssl_iostream_server_context_cache_get() to get the context and call io_stream_create_ssl_server(). */ int io_stream_autocreate_ssl_server( - struct event *event_parent, + const struct ssl_iostream_server_autocreate_parameters *parameters, struct istream **input, struct ostream **output, struct ssl_iostream **iostream_r, const char **error_r); diff --git a/src/lib-storage/index/pop3c/pop3c-client.c b/src/lib-storage/index/pop3c/pop3c-client.c index 874faef5ce..bba9a37003 100644 --- a/src/lib-storage/index/pop3c/pop3c-client.c +++ b/src/lib-storage/index/pop3c/pop3c-client.c 
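Review bot: The two parameter structs added to iostream-ssl.h carry no field comments, so the header does not tell a caller that `event_parent` is mandatory, even though iostream-ssl.c asserts it is non-NULL in both autocreate functions. I would put `/* Required: settings are looked up via this event. */` above `event_parent` in each struct. In the client struct, add a line on `host` saying what it is used for and whether NULL or an empty string is accepted. Because callers fill these structs with designated initializers, any member they leave out is silently zero, which makes the documented defaults part of the API contract.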
@@ -557,8 +557,12 @@ static int pop3c_client_ssl_init(struct pop3c_client *client) enum ssl_iostream_flags ssl_flags = 0; if (client->set.ssl_allow_invalid_cert) ssl_flags |= SSL_IOSTREAM_FLAG_ALLOW_INVALID_CERT; - if (io_stream_autocreate_ssl_client(client->event, client->set.host, - ssl_flags, + const struct ssl_iostream_client_autocreate_parameters parameters = { + .event_parent = client->event, + .host = client->set.host, + .flags = ssl_flags, + }; + if (io_stream_autocreate_ssl_client(¶meters, &client->input, &client->output, &client->ssl_iostream, &error) < 0) { e_error(client->event, diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c index a115eb1632..2cd3b21981 100644 --- a/src/login-common/client-common.c +++ b/src/login-common/client-common.c @@ -727,9 +727,12 @@ int client_init_ssl(struct client *client) if (client->v.iostream_change_pre != NULL) client->v.iostream_change_pre(client); - int ret = io_stream_autocreate_ssl_server(client->event, - &client->input, &client->output, - &client->ssl_iostream, &error); + const struct ssl_iostream_server_autocreate_parameters parameters = { + .event_parent = client->event, + }; + int ret = io_stream_autocreate_ssl_server(¶meters, + &client->input, &client->output, + &client->ssl_iostream, &error); if (client->v.iostream_change_post != NULL) client->v.iostream_change_post(client); if (ret < 0) { diff --git a/src/login-common/login-proxy.c b/src/login-common/login-proxy.c index 3004c50daf..be17623ee3 100644 --- a/src/login-common/login-proxy.c +++ b/src/login-common/login-proxy.c 
@@ -1222,9 +1222,12 @@ int login_proxy_starttls(struct login_proxy *proxy) proxy->multiplex_orig_input = NULL; add_multiplex_istream = TRUE; } - - if (io_stream_autocreate_ssl_client(proxy->event, proxy->host, - ssl_flags, + const struct ssl_iostream_client_autocreate_parameters parameters = { + .event_parent = proxy->event, + .host = proxy->host, + .flags = ssl_flags, + }; + if (io_stream_autocreate_ssl_client(¶meters, &proxy->server_input, &proxy->server_output, &proxy->server_ssl_iostream,
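Review bot: This hunk also deletes the blank line that separated the closing brace of the multiplex block from the TLS setup, so the `parameters` declaration now sits directly under `}` and reads as if it belonged to that block. Keeping one empty line before `const struct ssl_iostream_client_autocreate_parameters parameters = {` would preserve the visual break. login_proxy_starttls starts and ends outside the hunk, including where `ssl_flags` is computed.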