From 30dca95419d100d0736cc927738966ceb33ed1d0 Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Mon, 16 Oct 2017 10:47:36 +0300
Subject: [PATCH] lib-master: Add master_service_ssl_settings_to_iostream_set

---
 src/lib-master/master-service-ssl-settings.c | 33 ++++++++++++++++++++
 src/lib-master/master-service-ssl-settings.h |  7 +++++
 2 files changed, 40 insertions(+)

diff --git a/src/lib-master/master-service-ssl-settings.c b/src/lib-master/master-service-ssl-settings.c
index 5b76ec21da..c35cde4566 100644
--- a/src/lib-master/master-service-ssl-settings.c
+++ b/src/lib-master/master-service-ssl-settings.c
@@ -4,6 +4,7 @@
 #include "settings-parser.h"
 #include "master-service-private.h"
 #include "master-service-ssl-settings.h"
+#include "iostream-ssl.h"
 
 #include <stddef.h>
 
@@ -163,3 +164,35 @@ master_service_ssl_settings_get(struct master_service *service)
 	sets = settings_parser_get_list(service->set_parser);
 	return sets[1];
 }
+
+void
+master_service_ssl_settings_to_iostream_set(struct master_service *service, pool_t pool,
+					    struct ssl_iostream_settings *set_r)
+{
+	const struct master_service_ssl_settings *ssl_set =
+		master_service_ssl_settings_get(service);
+	i_assert(ssl_set != NULL);
+
+	i_zero(set_r);
+	set_r->protocols = p_strdup(pool, ssl_set->ssl_protocols);
+	set_r->cipher_list = p_strdup(pool, ssl_set->ssl_cipher_list);
+	set_r->ca = p_strdup(pool, ssl_set->ssl_ca);
+	set_r->dh = p_strdup(pool, ssl_set->ssl_dh);
+	set_r->crypto_device = p_strdup(pool, ssl_set->ssl_crypto_device);
+	set_r->verbose = ssl_set->verbose_ssl;
+	set_r->verbose_invalid_cert = ssl_set->verbose_ssl;
+	set_r->verify_remote_cert = ssl_set->ssl_verify_client_cert;
+	set_r->allow_invalid_cert = !set_r->verify_remote_cert;
+	set_r->prefer_server_ciphers = ssl_set->ssl_prefer_server_ciphers;
+	set_r->compression = ssl_set->parsed_opts.compression;
+	set_r->tickets = ssl_set->parsed_opts.tickets;
+	set_r->cert.cert = p_strdup(pool, ssl_set->ssl_cert);
+	set_r->cert.key = p_strdup(pool, ssl_set->ssl_key);
+	set_r->cert.key_password = p_strdup(pool, ssl_set->ssl_key_password);
+	if (ssl_set->ssl_alt_cert != NULL && *ssl_set->ssl_alt_cert != '\0') {
+		set_r->alt_cert.cert = p_strdup(pool, ssl_set->ssl_alt_cert);
+		set_r->alt_cert.key = p_strdup(pool, ssl_set->ssl_alt_key);
+		set_r->alt_cert.key_password = p_strdup(pool, ssl_set->ssl_key_password);
+	}
+	set_r->cert_username_field = p_strdup(pool, ssl_set->ssl_cert_username_field);
+}
diff --git a/src/lib-master/master-service-ssl-settings.h b/src/lib-master/master-service-ssl-settings.h
index 1df8d43c48..2c3f8dafbd 100644
--- a/src/lib-master/master-service-ssl-settings.h
+++ b/src/lib-master/master-service-ssl-settings.h
@@ -2,6 +2,7 @@
 #define MASTER_SERVICE_SSL_SETTINGS_H
 
 struct master_service;
+struct ssl_iostream_settings;
 
 struct master_service_ssl_settings {
 	const char *ssl;
@@ -36,4 +37,10 @@ extern const struct setting_parser_info master_service_ssl_setting_parser_info;
 const struct master_service_ssl_settings *
 master_service_ssl_settings_get(struct master_service *service);
 
+/* Provides master service ssl settings to iostream settings */
+void
+master_service_ssl_settings_to_iostream_set(struct master_service *service, pool_t pool,
+					    struct ssl_iostream_settings *set_r);
+
+
 #endif
-- 
2.47.3