doveadm: server-connection - Move initializing ssl settings to caller
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Thu, 29 Jul 2021 17:33:10 +0000 (20:33 +0300)
committerAki Tuomi <aki.tuomi@open-xchange.com>
Mon, 17 Jan 2022 11:52:09 +0000 (13:52 +0200)
src/doveadm/doveadm-dsync.c
src/doveadm/doveadm-mail-server.c
src/doveadm/server-connection.c
src/doveadm/server-connection.h

index 455655d976007c92b7f07ef9defb4ae462eec4b7..43a332268e9745032cf3f55dbba71c7660f3de4d 100644 (file)
@@ -851,21 +851,6 @@ static void dsync_connected_callback(const struct doveadm_server_reply *reply,
        io_loop_stop(current_ioloop);
 }
 
-static int dsync_init_ssl_ctx(struct dsync_cmd_context *ctx,
-                             const struct master_service_ssl_settings *ssl_set,
-                             const char **error_r)
-{
-       struct ssl_iostream_settings ssl_ctx_set;
-
-       if (ctx->ssl_ctx != NULL)
-               return 0;
-
-       master_service_ssl_client_settings_to_iostream_set(ssl_set,
-               pool_datastack_create(), &ssl_ctx_set);
-       return ssl_iostream_client_context_cache_get(&ssl_ctx_set,
-                                                    &ctx->ssl_ctx, error_r);
-}
-
 static void dsync_server_run_command(struct dsync_cmd_context *ctx,
                                     struct server_connection *conn)
 {
@@ -916,7 +901,13 @@ dsync_connect_tcp(struct dsync_cmd_context *ctx,
        }
 
        if (ssl) {
-               if (dsync_init_ssl_ctx(ctx, ssl_set, &error) < 0) {
+               master_service_ssl_client_settings_to_iostream_set(ssl_set,
+                       pool_datastack_create(), &conn_set.ssl_set);
+
+               if (ctx->ssl_ctx == NULL &&
+                   ssl_iostream_client_context_cache_get(&conn_set.ssl_set,
+                                                         &ctx->ssl_ctx,
+                                                         &error) < 0) {
                        *error_r = t_strdup_printf(
                                "Couldn't initialize SSL context: %s", error);
                        return -1;
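Review bot: `conn_set.ssl_set` is filled from `pool_datastack_create()` in the `if (ssl)` branch, so its string fields are only valid until the current data stack frame is popped, and nothing here says who copies them. The same pattern appears at the two `doveadm_get_ssl_settings(..., pool_datastack_create())` calls added in doveadm-mail-server.c. The commit does make `doveadm_client_settings_dup()` copy `ssl_set`, but whether `server_connection_create()` calls it before returning is not visible in this diff. I would add a comment at each site such as `/* ssl_set is data-stack allocated; server_connection_create() must copy it before this frame ends */`. dsync_connect_tcp starts and ends outside the hunk.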
index 7fd46ec7ea4109c673b60594277acf6e7ea32e6d..34549f7825b7b494a21fb629aa3f621d6c93641a 100644 (file)
@@ -544,6 +544,8 @@ static int doveadm_mail_server_request_queue_handle_next(const char **error_r)
        request_copy = *request;
        array_pop_front(&doveadm_server_request_queue);
 
+       doveadm_get_ssl_settings(&request_copy.set.ssl_set,
+                                pool_datastack_create());
        if (server_connection_create(&request_copy.set, &conn, error_r) < 0) {
                internal_failure = TRUE;
                return -1;
@@ -709,6 +711,8 @@ int doveadm_mail_server_user(struct doveadm_mail_cmd_context *ctx,
        }
 
        if (server_connections_count() <= limit) {
+               doveadm_get_ssl_settings(&conn_set.ssl_set,
+                                        pool_datastack_create());
                if (server_connection_create(&conn_set, &conn, error_r) < 0) {
                        internal_failure = TRUE;
                        return -1;
index 928925ee4b06accbbf7c97a839e9183a3daad9dd..07bc0344748491ae7061c13f13b3c0b08018a99e 100644 (file)
@@ -81,6 +81,7 @@ void doveadm_client_settings_dup(const struct doveadm_client_settings *src,
        dest_r->password = p_strdup(pool, src->password);
 
        dest_r->ssl_flags = src->ssl_flags;
+       dest_r->ssl_set = *ssl_iostream_settings_dup(pool, &src->ssl_set);
        if (src->ssl_ctx != NULL) {
                dest_r->ssl_ctx = src->ssl_ctx;
                ssl_iostream_context_ref(dest_r->ssl_ctx);
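Review bot: The added line dereferences the return value of `ssl_iostream_settings_dup()` and struct-copies it, which leaves the freshly allocated wrapper struct unused in `pool` and depends on the helper never returning NULL. If iostream-ssl.h offers an in-place variant, `ssl_iostream_settings_init_from(pool, &dest_r->ssl_set, &src->ssl_set);` would express the same deep copy without the extra allocation. Otherwise a short comment saying that only the wrapper is discarded and the strings are owned by `pool` would help the next reader. doveadm_client_settings_dup starts and ends outside the hunk.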
@@ -514,14 +515,12 @@ static bool server_connection_input_one(struct server_connection *conn)
 static int server_connection_init_ssl(struct server_connection *conn,
                                      const char **error_r)
 {
-       struct ssl_iostream_settings ssl_set;
+       struct ssl_iostream_settings ssl_set = conn->set.ssl_set;
        const char *error;
 
        if (conn->set.ssl_flags == 0)
                return 0;
 
-       doveadm_get_ssl_settings(&ssl_set, pool_datastack_create());
-
        if ((conn->set.ssl_flags & AUTH_PROXY_SSL_FLAG_ANY_CERT) != 0)
                ssl_set.allow_invalid_cert = TRUE;
        if (ssl_set.allow_invalid_cert)
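Review bot: The new initializer `ssl_set = conn->set.ssl_set` deserves a comment explaining why a local copy is taken. The `AUTH_PROXY_SSL_FLAG_ANY_CERT` branch below sets `allow_invalid_cert` on the copy, so the certificate-verification override applies to this connection only and does not modify the stored `conn->set.ssl_set`. Something like `/* work on a copy so the ANY_CERT override doesn't change conn->set */` above the declaration would do. The copy is also made before the `ssl_flags == 0` early return, and assigning it after that check would skip the work for non-SSL connections. The function body continues past the hunk.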
index 1d83512205b460245654a8482c46b2689ef71880..dee054bb674d0707cdd0ad32f4d7bafe762e998c 100644 (file)
@@ -2,6 +2,7 @@
 #define SERVER_CONNECTION_H
 
 #include "auth-proxy.h"
+#include "iostream-ssl.h"
 
 #define SERVER_EXIT_CODE_DISCONNECTED 1000
 
@@ -38,6 +39,8 @@ struct doveadm_client_settings {
 
        /* SSL flags. */
        enum auth_proxy_ssl_flags ssl_flags;
+       /* SSL settings. */
+       struct ssl_iostream_settings ssl_set;
        /* SSL context, or NULL to create a new one. */
        struct ssl_iostream_context *ssl_ctx;
 };
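Review bot: The comment `/* SSL settings. */` on the new `ssl_set` field does not state the contract this commit introduces. `server_connection_init_ssl()` no longer calls `doveadm_get_ssl_settings()`, so a caller that sets `ssl_flags` but leaves `ssl_set` zeroed would connect with empty TLS settings; whether that fails closed is not visible here. I would write `/* SSL settings. Must be filled by the caller (e.g. with doveadm_get_ssl_settings()) whenever ssl_flags != 0. */`. It is also worth documenting how `ssl_set` relates to `ssl_ctx` when both are supplied, since a cached context may have been created from different settings.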