lib-master, config: Ignore SSL server settings when executing doveconf via doveadm

This is just a temporary kludge to allow running doveadm (as non-root) when
SSL cert/key files aren't readable. Changes later on fix this properly.

diff --git a/src/config/config-parser-private.h b/src/config/config-parser-private.h
index ec16b040508d544d482d15f37cc8b2a5443c9adb..8791404080a3f9cae2266a9a6326d4205a399718 100644 (file)
--- a/src/config/config-parser-private.h
+++ b/src/config/config-parser-private.h
@@ -59,6 +59,7 @@ struct config_parser_context {
        struct config_filter_context *filter;
        bool expand_values:1;
        bool hide_errors:1;
+       bool skip_ssl_server_settings:1; /* FIXME: temporary kludge - remove later */
 };
 
 extern void (*hook_config_parser_begin)(struct config_parser_context *ctx);

diff --git a/src/config/config-parser.c b/src/config/config-parser.c
index dc0ac0977b3696f480699840dc313f4c723e5cda..eb8ed181fea36d02c56d9be42b617bd33c4948b4 100644 (file)
--- a/src/config/config-parser.c
+++ b/src/config/config-parser.c
@@ -768,6 +768,20 @@ config_get_value(struct config_section_stack *section, const char *key,
        return NULL;
 }
 
+static bool
+config_skip_key(struct config_parser_context *ctx, const char *key)
+{
+       if (ctx->skip_ssl_server_settings &&
+           (strcmp(key, "ssl_cert") == 0 ||
+            strcmp(key, "ssl_key") == 0 ||
+            strcmp(key, "ssl_ca") == 0 ||
+            strcmp(key, "ssl_verify_client_cert") == 0)) {
+               /* FIXME: temporary kludge - remove later */
+               return TRUE;
+       }
+       return FALSE;
+}
+
 static int config_write_keyvariable(struct config_parser_context *ctx,
                                    const char *key, const char *value,
                                    string_t *str)
@@ -915,6 +929,8 @@ void config_parser_apply_line(struct config_parser_context *ctx,
        case CONFIG_LINE_TYPE_KEYVALUE:
        case CONFIG_LINE_TYPE_KEYFILE:
        case CONFIG_LINE_TYPE_KEYVARIABLE:
+               if (config_skip_key(ctx, key))
+                       break;
                str_append(ctx->str, key);
                config_parser_check_warnings(ctx, key);
                str_append_c(ctx->str, '=');
@@ -1000,6 +1016,8 @@ int config_parse_file(const char *path, enum config_parse_flags flags,
        ctx.path = path;
        ctx.hide_errors = fd == -1 ||
                (flags & CONFIG_PARSE_FLAG_HIDE_ERRORS) != 0;
+       ctx.skip_ssl_server_settings =
+               (flags & CONFIG_PARSE_FLAG_SKIP_SSL_SERVER) != 0;
 
        for (count = 0; all_roots[count] != NULL; count++) ;
        ctx.root_parsers =

diff --git a/src/config/config-parser.h b/src/config/config-parser.h
index 819c65fce2b3943f8aec92ce3a695622e66b4ce2..95984b0e60ac8ca64f2e80be94821bdd3964fcde 100644 (file)
--- a/src/config/config-parser.h
+++ b/src/config/config-parser.h
@@ -8,6 +8,7 @@
 enum config_parse_flags {
        CONFIG_PARSE_FLAG_EXPAND_VALUES = BIT(0),
        CONFIG_PARSE_FLAG_HIDE_ERRORS   = BIT(1),
+       CONFIG_PARSE_FLAG_SKIP_SSL_SERVER = BIT(2), /* FIXME: temporary kludge - remove later */
 };
 
 struct config_module_parser {

diff --git a/src/config/doveconf.c b/src/config/doveconf.c
index 6d78bd2e103f1b5059f42fac78f83ad1cba64309..62f507f1a4e108224c8849766cef7970d20fba83 100644 (file)
--- a/src/config/doveconf.c
+++ b/src/config/doveconf.c
@@ -974,6 +974,10 @@ int main(int argc, char *argv[])
                flags |= CONFIG_PARSE_FLAG_EXPAND_VALUES;
        if (disable_check_settings)
                flags |= CONFIG_PARSE_FLAG_HIDE_ERRORS;
+       if (null_strcmp(getenv("DOVECONF_SERVICE"), "doveadm") == 0) {
+               /* FIXME: temporary kludge - remove later */
+               flags |= CONFIG_PARSE_FLAG_SKIP_SSL_SERVER;
+       }
        if ((ret = config_parse_file(dump_defaults ? NULL : config_path,
                                     flags, &error)) == 0 &&
            access(EXAMPLE_CONFIG_DIR, X_OK) == 0) {