From: Timo Sirainen Date: Fri, 4 Nov 2022 20:43:34 +0000 (+0200) Subject: lib-login: Rename LOGIN_REQUEST_FLAG_CONN_SSL_SECURED to ..._FLAG_END_CLIENT_SECURED_TLS X-Git-Tag: 2.4.0~3410 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d41afff980abc1493fb39f017d3c762d44c6221;p=thirdparty%2Fdovecot%2Fcore.git lib-login: Rename LOGIN_REQUEST_FLAG_CONN_SSL_SECURED to ..._FLAG_END_CLIENT_SECURED_TLS
---
diff --git a/src/imap/main.c b/src/imap/main.c
index 03944024d1..48f33ed7bb 100644
--- a/src/imap/main.c
+++ b/src/imap/main.c
@@ -374,8 +374,8 @@ login_request_finished(const struct login_server_request *request,
 input.username = username;
 input.userdb_fields = extra_fields;
 input.session_id = request->session_id;
- if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
- input.conn_ssl_secured = TRUE;
+ if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+ input.end_client_tls_secured = TRUE;
 client_parse_imap_login_request(request->data, request->auth_req.data_size,
diff --git a/src/lib-login/login-interface.h b/src/lib-login/login-interface.h
index d01b33204c..682231aeb9 100644
--- a/src/lib-login/login-interface.h
+++ b/src/lib-login/login-interface.h
@@ -19,8 +19,9 @@ enum login_request_flags {
 /* Connection has TLS compression enabled */
 LOGIN_REQUEST_FLAG_TLS_COMPRESSION = BIT(0),
- /* Connection is secured using SSL specifically */
- LOGIN_REQUEST_FLAG_CONN_SSL_SECURED = BIT(2),
+ /* The end client connection (not just the previous hop proxy
+ connection) is using TLS. */
+ LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS = BIT(2),
 /* This login is implicit; no command reply is expected */
 LOGIN_REQUEST_FLAG_IMPLICIT = BIT(3),
 };
diff --git a/src/lib-login/test-login-server-auth.c b/src/lib-login/test-login-server-auth.c
index c12ed90532..cc65744ffb 100644
--- a/src/lib-login/test-login-server-auth.c
+++ b/src/lib-login/test-login-server-auth.c
@@ -743,7 +743,7 @@ test_client_request_parallel(pid_t client_pid, unsigned int concurrency,
 login_req.local_port = 143;
 (void)net_addr2ip("10.0.0.211", &login_req.remote_ip);
 login_req.remote_port = 45546;
- login_req.flags = LOGIN_REQUEST_FLAG_CONN_SSL_SECURED;
+ login_req.flags = LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS;
 ioloop = io_loop_create();
diff --git a/src/lib-storage/mail-storage-service.c b/src/lib-storage/mail-storage-service.c
index 66b9074c7f..b2163e7258 100644
--- a/src/lib-storage/mail-storage-service.c
+++ b/src/lib-storage/mail-storage-service.c
@@ -679,7 +679,7 @@ mail_storage_service_init_post(struct mail_storage_service_ctx *ctx,
 conn_data.remote_ip = &user->input.remote_ip;
 conn_data.local_port = user->input.local_port;
 conn_data.remote_port = user->input.remote_port;
- conn_data.ssl_secured = user->input.conn_ssl_secured;
+ conn_data.ssl_secured = user->input.end_client_tls_secured;
 /* NOTE: if more user initialization is added, add it also to mail_user_dup() */
diff --git a/src/lib-storage/mail-storage-service.h b/src/lib-storage/mail-storage-service.h
index c2f38c73b2..cf5b8798ab 100644
--- a/src/lib-storage/mail-storage-service.h
+++ b/src/lib-storage/mail-storage-service.h
@@ -68,8 +68,9 @@ struct mail_storage_service_input {
 bool no_userdb_lookup:1;
 /* Enable auth_debug=yes for this lookup */
 bool debug:1;
- /* Connection is secured using SSL specifically */
- bool conn_ssl_secured:1;
+ /* The end client connection (not just the previous hop proxy
+ connection) is using TLS. */
+ bool end_client_tls_secured:1;
 };
 extern struct module *mail_storage_service_modules;
diff --git a/src/lmtp/lmtp-client.c b/src/lmtp/lmtp-client.c
index 985f59df50..dbb7195be4 100644
--- a/src/lmtp/lmtp-client.c
+++ b/src/lmtp/lmtp-client.c
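Review bot: In the src/lib-storage/mail-storage-service.c hunk the destination keeps the old name: `conn_data.ssl_secured = user->input.end_client_tls_secured;` now copies an end-client TLS value into a field whose name still reads as a property of the local connection. The declaration of that field is not part of this diff, so at minimum document the meaning at the assignment, e.g. `/* ssl_secured here means the end client used TLS, not only the previous hop */`; renaming the field to match would be the cleaner follow-up. mail_storage_service_init_post() continues outside the hunk.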
@@ -121,7 +121,7 @@ static void client_read_settings(struct client *client, bool ssl)
 input.remote_ip = client->remote_ip;
 input.local_port = client->local_port;
 input.remote_port = client->remote_port;
- input.conn_ssl_secured = ssl;
+ input.end_client_tls_secured = ssl;
 input.username = "";
 if (mail_storage_service_read_settings(storage_service, &input,
diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
index 35f16e3ae7..a3cba1492f 100644
--- a/src/lmtp/lmtp-local.c
+++ b/src/lmtp/lmtp-local.c
@@ -305,7 +305,7 @@ int lmtp_local_rcpt(struct client *client,
 input.local_port = client->local_port;
 input.remote_port = client->remote_port;
 input.session_id = lrcpt->session_id;
- input.conn_ssl_secured =
+ input.end_client_tls_secured =
 client->end_client_tls_secured_set ? client->end_client_tls_secured : smtp_server_connection_is_ssl_secured(client->conn);
diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index e09a16fd34..9a68fe2b76 100644
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -182,7 +182,7 @@ static int master_send_request(struct anvil_request *anvil_request)
 ssl_iostream_get_compression(client->ssl_iostream) != NULL)
 req.flags |= LOGIN_REQUEST_FLAG_TLS_COMPRESSION;
 if (client->end_client_tls_secured)
- req.flags |= LOGIN_REQUEST_FLAG_CONN_SSL_SECURED;
+ req.flags |= LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS;
 if (HAS_ALL_BITS(client->auth_flags, SASL_SERVER_AUTH_FLAG_IMPLICIT))
 req.flags |= LOGIN_REQUEST_FLAG_IMPLICIT;
 memcpy(req.cookie, anvil_request->cookie, sizeof(req.cookie));
diff --git a/src/pop3/main.c b/src/pop3/main.c
index 4043c89d2d..57da7616ad 100644
--- a/src/pop3/main.c
+++ b/src/pop3/main.c
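Review bot: In the src/lmtp/lmtp-client.c hunk, `input.end_client_tls_secured = ssl;` stores the bare `ssl` argument of client_read_settings() in a field that this same commit documents as "The end client connection (not just the previous hop proxy connection) is using TLS". The lmtp-local.c hunk shows the end-client-aware form (`client->end_client_tls_secured_set ? client->end_client_tls_secured : smtp_server_connection_is_ssl_secured(client->conn)`), so if `ssl` here is only the TLS state of the incoming hop (the callers are outside the hunk, so this is an inference), a proxied LMTP session would carry hop-level state under the end-client name. Either pass the end-client value at this point or add a comment such as `/* initial settings lookup: only the hop's TLS state is known here */` so settings or policy decisions keyed on this field are not misread. client_read_settings() starts and ends outside the hunk.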
@@ -304,8 +304,8 @@ login_request_finished(const struct login_server_request *login_client,
 input.username = username;
 input.userdb_fields = extra_fields;
 input.session_id = login_client->session_id;
- if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
- input.conn_ssl_secured = TRUE;
+ if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+ input.end_client_tls_secured = TRUE;
 buffer_create_from_const_data(&input_buf, login_client->data, login_client->auth_req.data_size);
diff --git a/src/submission/main.c b/src/submission/main.c
index 2ba92a38a6..f7889c5c80 100644
--- a/src/submission/main.c
+++ b/src/submission/main.c
@@ -291,8 +291,8 @@ login_request_finished(const struct login_server_request *request,
 input.username = username;
 input.userdb_fields = extra_fields;
 input.session_id = request->session_id;
- if ((flags & LOGIN_REQUEST_FLAG_CONN_SSL_SECURED) != 0)
- input.conn_ssl_secured = TRUE;
+ if ((flags & LOGIN_REQUEST_FLAG_END_CLIENT_SECURED_TLS) != 0)
+ input.end_client_tls_secured = TRUE;
 buffer_create_from_const_data(&input_buf, request->data, request->auth_req.data_size);