.struct_size = sizeof(struct crypt_settings),
.pool_offset1 = 1 + offsetof(struct crypt_settings, pool),
};
+
+#undef DEF
+#define DEF(type, name) \
+ SETTING_DEFINE_STRUCT_##type(#name, name, struct crypt_acl_settings)
+static const struct setting_define crypt_acl_setting_defines[] = {
+ DEF(BOOL, crypt_acl_require_secure_key_sharing),
+
+ SETTING_DEFINE_LIST_END
+};
+
+static const struct crypt_acl_settings crypt_acl_default_settings = {
+ .crypt_acl_require_secure_key_sharing = FALSE,
+};
+
+const struct setting_parser_info crypt_acl_setting_parser_info = {
+ .name = "crypt_acl",
+
+ .defines = crypt_acl_setting_defines,
+ .defaults = &crypt_acl_default_settings,
+
+ .struct_size = sizeof(struct crypt_acl_settings),
+ .pool_offset1 = 1 + offsetof(struct crypt_acl_settings, pool),
+};
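Review bot: The setting is registered here as `crypt_acl_require_secure_key_sharing`, while the plugin key this commit removes was `mail_crypt_acl_require_secure_key_sharing`, and the default on the `.crypt_acl_require_secure_key_sharing = FALSE,` line leaves the requirement off. A deployment that still carries the old name would lose the restriction after upgrade unless the settings parser rejects unknown keys, which is not visible from this hunk. I would note the rename in the upgrade documentation and add a comment above the default, for example `/* Off by default: the secure key sharing requirement is opt-in. */`, so the fail-open default is a visible decision.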
bool crypt_user_key_require_encrypted;
};
+struct crypt_acl_settings {
+ pool_t pool;
+ bool crypt_acl_require_secure_key_sharing;
+};
+
extern const struct setting_parser_info crypt_setting_parser_info;
extern const struct setting_parser_info crypt_private_key_setting_parser_info;
+extern const struct setting_parser_info crypt_acl_setting_parser_info;
#endif
{
const char *error;
struct mail_user *dest_user;
+ const struct crypt_acl_settings *set;
struct ioloop_context *cur_ioloop_ctx;
struct dcrypt_public_key *pkey;
const char *dest_username;
int ret = 0;
- bool disallow_insecure =
- mail_user_plugin_getenv_bool(user, MAIL_CRYPT_ACL_SECURE_SHARE_SETTING);
+ if (settings_get(user->event, &crypt_acl_setting_parser_info, 0,
+ &set, &error) < 0) {
+ e_error(user->event, "%s", error);
+ return -1;
+ }
+ bool disallow_insecure = set->crypt_acl_require_secure_key_sharing;
+ settings_free(set);
ret = mcp_user_create(user, target_uid, &dest_user, &error);
#include "module-dir.h"
#include "var-expand.h"
#include "hex-binary.h"
+#include "settings.h"
#include "mail-namespace.h"
#include "mail-storage-hooks.h"
#include "mail-storage-service.h"
const char *error;
struct mail_crypt_acl_mailbox_list *mlist =
MAIL_CRYPT_ACL_LIST_CONTEXT(aclobj->backend->list);
+ const struct crypt_acl_settings *set;
struct event *event = aclobj->backend->event;
const char *username;
struct mail_user *dest_user;
if (mlist->acl_vprev.object_update(aclobj, update) < 0)
return -1;
- bool disallow_insecure =
- mail_user_plugin_getenv_bool(aclobj->backend->list->ns->user,
- MAIL_CRYPT_ACL_SECURE_SHARE_SETTING);
+ if (settings_get(event, &crypt_acl_setting_parser_info, 0,
+ &set, &error) < 0) {
+ e_error(event, "%s", error);
+ return -1;
+ }
+ bool disallow_insecure = set->crypt_acl_require_secure_key_sharing;
+ settings_free(set);
const char *box_name = mailbox_list_get_vname(aclobj->backend->list,
aclobj->name);
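Review bot: The new `settings_get()` failure path returns -1 after `mlist->acl_vprev.object_update(aclobj, update)` has already succeeded, so a settings lookup error leaves the ACL change applied while the rest of the function is skipped. The function body continues outside this hunk, and presumably holds the key-sharing steps. The call it replaces, `mail_user_plugin_getenv_bool()`, had no error return, so this partial-update state is new. Moving the `settings_get()` / `settings_free()` block, together with the `disallow_insecure` assignment, above the `object_update` call would make the function fail before any state is modified.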
if (disallow_insecure) {
e_error(event, "mail-crypt-acl-plugin: "
"Secure key sharing is enabled -"
- "Remove or set plugin { %s = no }",
- MAIL_CRYPT_ACL_SECURE_SHARE_SETTING);
+ "Remove or set crypt_acl_require_secure_key_sharing=no");
ret = -1;
break;
}
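Review bot: The adjacent literals `"Secure key sharing is enabled -"` and `"Remove or set crypt_acl_require_secure_key_sharing=no"` concatenate without a space, so the log line reads `enabled -Remove or set ...`; the first literal should end in `"... is enabled - "`. The text also only tells the operator how to switch the requirement off and never says that the update was refused, so a short leading clause stating that would make the log entry easier to act on. The enclosing block starts and ends outside this hunk, so the condition that leads here is not visible.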
#define MAIL_CRYPT_ENC_ALGORITHM "aes-256-gcm-sha256"
#define MAIL_CRYPT_KEY_ID_ALGORITHM "sha256"
#define MAIL_CRYPT_KEY_ATTRIBUTE_FORMAT DCRYPT_FORMAT_DOVECOT
-#define MAIL_CRYPT_ACL_SECURE_SHARE_SETTING "mail_crypt_acl_require_secure_key_sharing"
#define MAIL_CRYPT_HASH_BUF_SIZE 128
#define MAIL_CRYPT_KEY_BUF_SIZE 1024
#define ACTIVE_KEY_NAME "active"