lib-login: Rename LOGIN_REQUEST_FLAG_CONN_SSL_SECURED to ..._FLAG_END_CLIENT_SECURED_TLS

diff --git a/src/imap/main.c b/src/imap/main.c
index 03944024d104e813b93b465f7c95c4124f188d68..48f33ed7bb3c06a5e48ec02654b639b82c01622a 100644 (file)
--- a/src/imap/main.c
+++ b/src/imap/main.c
@@ -374,8 +374,8 @@ login_request_finished(const struct login_server_request *request,
        input.username = username;
        input.userdb_fields = extra_fields;
        input.session_id = request->session_id;
-       if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
-               input.conn_ssl_secured = TRUE;
+       if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+               input.end_client_tls_secured = TRUE;
 
        client_parse_imap_login_request(request->data,
                                        request->auth_req.data_size,

diff --git a/src/lib-login/login-interface.h b/src/lib-login/login-interface.h
index d01b33204cac684c2376c76646b930ffa6c769a2..682231aeb99ea308656bcbc102e81fbc31e939d3 100644 (file)
--- a/src/lib-login/login-interface.h
+++ b/src/lib-login/login-interface.h
@@ -19,8 +19,9 @@
 enum login_request_flags {
        /* Connection has TLS compression enabled */
        LOGIN_REQUEST_FLAG_TLS_COMPRESSION      = BIT(0),
-       /* Connection is secured using SSL specifically */
-       LOGIN_REQUEST_FLAG_CONN_SSL_SECURED     = BIT(2),
+       /* The end client connection (not just the previous hop proxy
+          connection) is using TLS. */
+       LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS = BIT(2),
        /* This login is implicit; no command reply is expected */
        LOGIN_REQUEST_FLAG_IMPLICIT             = BIT(3),
 };

diff --git a/src/lib-login/test-login-server-auth.c b/src/lib-login/test-login-server-auth.c
index c12ed9053298f178f96ce8918a4dc2734112d297..cc65744ffb6cb77fb12a767a65c1404f03c9f146 100644 (file)
--- a/src/lib-login/test-login-server-auth.c
+++ b/src/lib-login/test-login-server-auth.c
@@ -743,7 +743,7 @@ test_client_request_parallel(pid_t client_pid, unsigned int concurrency,
        login_req.local_port = 143;
        (void)net_addr2ip("10.0.0.211", &login_req.remote_ip);
        login_req.remote_port = 45546;
-       login_req.flags = LOGIN_REQUEST_FLAG_CONN_SSL_SECURED;
+       login_req.flags = LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS;
 
        ioloop = io_loop_create();
 

diff --git a/src/lib-storage/mail-storage-service.c b/src/lib-storage/mail-storage-service.c
index 66b9074c7f0151ef3cde57d8fcebbc00652426f9..b2163e72584c307c5e1529776ed408268556d08b 100644 (file)
--- a/src/lib-storage/mail-storage-service.c
+++ b/src/lib-storage/mail-storage-service.c
@@ -679,7 +679,7 @@ mail_storage_service_init_post(struct mail_storage_service_ctx *ctx,
        conn_data.remote_ip = &user->input.remote_ip;
        conn_data.local_port = user->input.local_port;
        conn_data.remote_port = user->input.remote_port;
-       conn_data.ssl_secured = user->input.conn_ssl_secured;
+       conn_data.ssl_secured = user->input.end_client_tls_secured;
 
        /* NOTE: if more user initialization is added, add it also to
           mail_user_dup() */

diff --git a/src/lib-storage/mail-storage-service.h b/src/lib-storage/mail-storage-service.h
index c2f38c73b25ea563c85d3e50febb1f5db06d9a4b..cf5b8798ab7f36e28b52c78926ea68f9453ec357 100644 (file)
--- a/src/lib-storage/mail-storage-service.h
+++ b/src/lib-storage/mail-storage-service.h
@@ -68,8 +68,9 @@ struct mail_storage_service_input {
        bool no_userdb_lookup:1;
        /* Enable auth_debug=yes for this lookup */
        bool debug:1;
-       /* Connection is secured using SSL specifically */
-       bool conn_ssl_secured:1;
+       /* The end client connection (not just the previous hop proxy
+          connection) is using TLS. */
+       bool end_client_tls_secured:1;
 };
 
 extern struct module *mail_storage_service_modules;

diff --git a/src/lmtp/lmtp-client.c b/src/lmtp/lmtp-client.c
index 985f59df501bfe7044d9fde86ca7f589c19fd9d8..dbb7195be41364bb067cbb7e5f98312c68a169e5 100644 (file)
--- a/src/lmtp/lmtp-client.c
+++ b/src/lmtp/lmtp-client.c
@@ -121,7 +121,7 @@ static void client_read_settings(struct client *client, bool ssl)
        input.remote_ip = client->remote_ip;
        input.local_port = client->local_port;
        input.remote_port = client->remote_port;
-       input.conn_ssl_secured = ssl;
+       input.end_client_tls_secured = ssl;
        input.username = "";
 
        if (mail_storage_service_read_settings(storage_service, &input,

diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
index 35f16e3ae7b24c4c1437213ad023d5cbe0d156f1..a3cba1492feb0ce098d9224cc11b182094facb5d 100644 (file)
--- a/src/lmtp/lmtp-local.c
+++ b/src/lmtp/lmtp-local.c
@@ -305,7 +305,7 @@ int lmtp_local_rcpt(struct client *client,
        input.local_port = client->local_port;
        input.remote_port = client->remote_port;
        input.session_id = lrcpt->session_id;
-       input.conn_ssl_secured =
+       input.end_client_tls_secured =
                client->end_client_tls_secured_set ?
                client->end_client_tls_secured :
                smtp_server_connection_is_ssl_secured(client->conn);

diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index e09a16fd34bac6197b85487891784e08fe65d5d0..9a68fe2b76e4f13eabe327204a218704308eac51 100644 (file)
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -182,7 +182,7 @@ static int master_send_request(struct anvil_request *anvil_request)
            ssl_iostream_get_compression(client->ssl_iostream) != NULL)
                req.flags |= LOGIN_REQUEST_FLAG_TLS_COMPRESSION;
        if (client->end_client_tls_secured)
-               req.flags |= LOGIN_REQUEST_FLAG_CONN_SSL_SECURED;
+               req.flags |= LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS;
        if (HAS_ALL_BITS(client->auth_flags, SASL_SERVER_AUTH_FLAG_IMPLICIT))
                req.flags |= LOGIN_REQUEST_FLAG_IMPLICIT;
        memcpy(req.cookie, anvil_request->cookie, sizeof(req.cookie));

diff --git a/src/pop3/main.c b/src/pop3/main.c
index 4043c89d2da67f27ec03d7cb32f87b9c0761947d..57da7616adfeb2c774f2843ef64e62770f06e10a 100644 (file)
--- a/src/pop3/main.c
+++ b/src/pop3/main.c
@@ -304,8 +304,8 @@ login_request_finished(const struct login_server_request *login_client,
        input.username = username;
        input.userdb_fields = extra_fields;
        input.session_id = login_client->session_id;
-       if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
-               input.conn_ssl_secured = TRUE;
+       if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+               input.end_client_tls_secured = TRUE;
 
        buffer_create_from_const_data(&input_buf, login_client->data,
                                      login_client->auth_req.data_size);

diff --git a/src/submission/main.c b/src/submission/main.c
index 2ba92a38a69f2b5d2c3e9adf9751d24201adb330..f7889c5c80d607fe72d2e8987527539c2fad3f5d 100644 (file)
--- a/src/submission/main.c
+++ b/src/submission/main.c
@@ -291,8 +291,8 @@ login_request_finished(const struct login_server_request *request,
        input.username = username;
        input.userdb_fields = extra_fields;
        input.session_id = request->session_id;
-       if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
-               input.conn_ssl_secured = TRUE;
+       if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+               input.end_client_tls_secured = TRUE;
 
        buffer_create_from_const_data(&input_buf, request->data,
                                      request->auth_req.data_size);