From: Timo Sirainen Date: Wed, 18 Dec 2024 10:07:44 +0000 (+0200) Subject: global: Use ssl_client/server_settings_get() X-Git-Tag: 2.4.1~352 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=da97979f6f50b91950e9c8a0858cf4dbcac72f24;p=thirdparty%2Fdovecot%2Fcore.git global: Use ssl_client/server_settings_get() --- diff --git a/src/auth/db-ldap.c b/src/auth/db-ldap.c index 6d168ad57c..c7add80138 100644 --- a/src/auth/db-ldap.c +++ b/src/auth/db-ldap.c @@ -1484,8 +1484,8 @@ struct ldap_connection *db_ldap_init(struct event *event) const char *error; set = settings_get_or_fatal(event, &ldap_setting_parser_info); - ssl_set = settings_get_or_fatal(event, &ssl_setting_parser_info); - if (ldap_setting_post_check(set, &error) < 0 || + if (ssl_client_settings_get(event, &ssl_set, &error) < 0 || + ldap_setting_post_check(set, &error) < 0 || ldap_set_tls_validate(ssl_set, &error) < 0) i_fatal("%s: %s", set->uris, error); diff --git a/src/lib-http/http-client.c b/src/lib-http/http-client.c index 690c9421ed..70df64b098 100644 --- a/src/lib-http/http-client.c +++ b/src/lib-http/http-client.c @@ -372,8 +372,7 @@ int http_client_init_ssl_ctx(struct http_client *client, const char **error_r) } /* no ssl settings given via http_client_settings - look them up automatically */ - if (settings_get(client->event, &ssl_setting_parser_info, - 0, &ssl_set, error_r) < 0) + if (ssl_client_settings_get(client->event, &ssl_set, error_r) < 0) return -1; ssl_client_settings_to_iostream_set(ssl_set, &set); diff --git a/src/lib-ldap/ldap-settings.c b/src/lib-ldap/ldap-settings.c index 7f7ef46cfa..ed76fd9713 100644 --- a/src/lib-ldap/ldap-settings.c +++ b/src/lib-ldap/ldap-settings.c @@ -74,7 +74,7 @@ int ldap_client_settings_get(struct event *event, struct ldap_client_settings *set = NULL; const struct ssl_settings *ssl_set = NULL; if (settings_get(event, &ldap_client_setting_parser_info, 0, &set, error_r) < 0 || - settings_get(event, &ssl_setting_parser_info, 0, &ssl_set, error_r) < 0 || + ssl_client_settings_get(event, &ssl_set, error_r) < 0 || ldap_client_settings_postcheck(set, error_r) < 0 || ldap_set_tls_validate(ssl_set, error_r) < 0) { settings_free(set); diff --git a/src/lib-master/master-service-ssl.c b/src/lib-master/master-service-ssl.c index bf4063f2aa..0c58874a0a 100644 --- a/src/lib-master/master-service-ssl.c +++ b/src/lib-master/master-service-ssl.c @@ -22,12 +22,9 @@ void master_service_ssl_ctx_init(struct master_service *service) initialization fails we can close the SSL listeners */ i_assert(service->listeners != NULL || service->socket_count == 0); - if (settings_get(service->event, &ssl_setting_parser_info, 0, - &set, &error) < 0 || - settings_get(service->event, &ssl_server_setting_parser_info, 0, - &server_set, &error) < 0) { + if (ssl_server_settings_get(service->event, &set, &server_set, + &error) < 0) { e_error(service->event, "%s - disabling SSL", error); - settings_free(set); master_service_ssl_io_listeners_remove(service); return; } diff --git a/src/lib-smtp/smtp-client.c b/src/lib-smtp/smtp-client.c index 37f6b9e437..a068ec580a 100644 --- a/src/lib-smtp/smtp-client.c +++ b/src/lib-smtp/smtp-client.c @@ -133,8 +133,7 @@ int smtp_client_init_ssl_ctx(struct smtp_client *client, const char **error_r) } /* no ssl settings given via smtp_client_settings - look them up automatically */ - if (settings_get(client->event, &ssl_setting_parser_info, - 0, &ssl_set, error_r) < 0) + if (ssl_client_settings_get(client->event, &ssl_set, error_r) < 0) return -1; ssl_client_settings_to_iostream_set(ssl_set, &set); diff --git a/src/lib-smtp/smtp-server-connection.c b/src/lib-smtp/smtp-server-connection.c index 1a3dae1c66..c0d77cca6c 100644 --- a/src/lib-smtp/smtp-server-connection.c +++ b/src/lib-smtp/smtp-server-connection.c @@ -359,14 +359,9 @@ smtp_server_connection_sni_callback(const char *name, const char **error_r, event_add_str(conn->event, "local_name", name); i_free(conn->local_name); conn->local_name = i_strdup(name); - if (settings_get(conn->event, &ssl_setting_parser_info, 0, &ssl_set, - error_r) < 0) + if (ssl_server_settings_get(conn->event, &ssl_set, &ssl_server_set, + error_r) < 0) return -1; - if (settings_get(conn->event, &ssl_server_setting_parser_info, 0, - &ssl_server_set, error_r) < 0) { - settings_free(ssl_set); - return -1; - } if (conn->local_name != NULL && *conn->local_name != '\0') conn->set.hostname = conn->local_name; if (conn->callbacks->conn_tls_sni_callback != NULL && diff --git a/src/lib-sql/driver-cassandra.c b/src/lib-sql/driver-cassandra.c index 60aa169f13..a5dabb0c81 100644 --- a/src/lib-sql/driver-cassandra.c +++ b/src/lib-sql/driver-cassandra.c @@ -1111,8 +1111,7 @@ driver_cassandra_init_v(struct event *event, struct sql_db **db_r, return -1; if (strcmp(set->ssl, "no") != 0) { - if (settings_get(event, &ssl_setting_parser_info, 0, - &ssl_set, error_r) < 0) { + if (ssl_client_settings_get(event, &ssl_set, error_r) < 0) { settings_free(set); return -1; } diff --git a/src/lib-sql/driver-mysql.c b/src/lib-sql/driver-mysql.c index 6bcbae72bf..bf42f5bc3e 100644 --- a/src/lib-sql/driver-mysql.c +++ b/src/lib-sql/driver-mysql.c @@ -351,8 +351,7 @@ driver_mysql_init_v(struct event *event, struct sql_db **db_r, } if (set->ssl) { - if (settings_get(event, &ssl_setting_parser_info, 0, - &ssl_set, error_r) < 0) { + if (ssl_client_settings_get(event, &ssl_set, error_r) < 0) { settings_free(set); return -1; } diff --git a/src/lib-ssl-iostream/iostream-ssl.c b/src/lib-ssl-iostream/iostream-ssl.c index a69273b310..7ad468c551 100644 --- a/src/lib-ssl-iostream/iostream-ssl.c +++ b/src/lib-ssl-iostream/iostream-ssl.c @@ -140,8 +140,8 @@ int io_stream_autocreate_ssl_client( int ret; i_assert(parameters->event_parent != NULL); - if (settings_get(parameters->event_parent, &ssl_setting_parser_info, - 0, &ssl_set, error_r) < 0) + if (ssl_client_settings_get(parameters->event_parent, + &ssl_set, error_r) < 0) return -1; ssl_client_settings_to_iostream_set(ssl_set, &set); if ((parameters->flags & SSL_IOSTREAM_FLAG_DISABLE_CA_FILES) != 0) { @@ -186,14 +186,9 @@ int io_stream_autocreate_ssl_server( int ret; i_assert(parameters->event_parent != NULL); - if (settings_get(parameters->event_parent, &ssl_setting_parser_info, - 0, &ssl_set, error_r) < 0) + if (ssl_server_settings_get(parameters->event_parent, &ssl_set, + &ssl_server_set, error_r) < 0) return -1; - if (settings_get(parameters->event_parent, &ssl_server_setting_parser_info, - 0, &ssl_server_set, error_r) < 0) { - settings_free(ssl_set); - return -1; - } ssl_server_settings_to_iostream_set(ssl_set, ssl_server_set, &set); settings_free(ssl_set); settings_free(ssl_server_set); diff --git a/src/login-common/client-common.c b/src/login-common/client-common.c index cbec0eca0d..9a5a2405e7 100644 --- a/src/login-common/client-common.c +++ b/src/login-common/client-common.c @@ -210,10 +210,8 @@ static int client_settings_get(struct client *client, const char **error_r) if (settings_get(client->event, &login_setting_parser_info, 0, &client->set, error_r) < 0 || - settings_get(client->event, &ssl_setting_parser_info, - 0, &client->ssl_set, error_r) < 0 || - settings_get(client->event, &ssl_server_setting_parser_info, - 0, &client->ssl_server_set, error_r) < 0) { + ssl_server_settings_get(client->event, &client->ssl_set, + &client->ssl_server_set, error_r) < 0) { client_settings_free(client); return -1; } diff --git a/src/login-common/main.c b/src/login-common/main.c index b9eecb17db..1692ac0d92 100644 --- a/src/login-common/main.c +++ b/src/login-common/main.c @@ -515,12 +515,10 @@ int login_binary_run(struct login_binary *binary, SETTINGS_GET_FLAG_NO_EXPAND, &global_login_settings, &error) < 0) i_fatal("%s", error); - global_ssl_settings = settings_get_or_fatal( - master_service_get_event(master_service), - &ssl_setting_parser_info); - global_ssl_server_settings = settings_get_or_fatal( - master_service_get_event(master_service), - &ssl_server_setting_parser_info); + if (ssl_server_settings_get(master_service_get_event(master_service), + &global_ssl_settings, + &global_ssl_server_settings, &error) < 0) + i_fatal("%s", error); if (argv[optind] != NULL) login_socket = argv[optind];