From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Mon, 20 Apr 2020 15:07:58 +0000 (+0300)
Subject: lib-master: MASTER_SERVICE_FLAG_USE_SSL_SETTINGS no longer initialized SSL server
X-Git-Tag: 2.3.11.2~197
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4452a0c36107742cbc6dcc552e5f6bc4afa09c75;p=thirdparty%2Fdovecot%2Fcore.git

lib-master: MASTER_SERVICE_FLAG_USE_SSL_SETTINGS no longer initialized SSL server
---

diff --git a/src/lib-master/master-service-private.h b/src/lib-master/master-service-private.h
index 33dba32aa2..e822951517 100644
--- a/src/lib-master/master-service-private.h
+++ b/src/lib-master/master-service-private.h
@@ -82,6 +82,7 @@ struct master_service {
 	bool call_avail_overflow:1;
 	bool config_path_changed_with_param:1;
 	bool want_ssl_settings:1;
+	bool want_ssl_server:1;
 	bool ssl_ctx_initialized:1;
 	bool config_path_from_master:1;
 	bool log_initialized:1;
diff --git a/src/lib-master/master-service.c b/src/lib-master/master-service.c
index d7b1f4c629..b111b9bf77 100644
--- a/src/lib-master/master-service.c
+++ b/src/lib-master/master-service.c
@@ -191,9 +191,10 @@ static void master_service_init_socket_listeners(struct master_service *service)
 			}
 		}
 	}
-	service->want_ssl_settings = have_ssl_sockets ||
-		(service->flags & (MASTER_SERVICE_FLAG_USE_SSL_SETTINGS |
-				   MASTER_SERVICE_FLAG_HAVE_STARTTLS)) != 0;
+	service->want_ssl_server = have_ssl_sockets ||
+		(service->flags & MASTER_SERVICE_FLAG_HAVE_STARTTLS) != 0;
+	service->want_ssl_settings = service->want_ssl_server ||
+		(service->flags & MASTER_SERVICE_FLAG_USE_SSL_SETTINGS) != 0;
 }
 
 struct master_service *
@@ -640,7 +641,7 @@ void master_service_init_finish(struct master_service *service)
 		lib_signals_set_handler(SIGQUIT, 0, sig_close_listeners, service);
 	}
 	master_service_io_listeners_add(service);
-	if (service->want_ssl_settings &&
+	if (service->want_ssl_server &&
 	    (service->flags & MASTER_SERVICE_FLAG_NO_SSL_INIT) == 0)
 		master_service_ssl_ctx_init(service);
 
diff --git a/src/lib-master/master-service.h b/src/lib-master/master-service.h
index acbeaf4504..5a81b8b36e 100644
--- a/src/lib-master/master-service.h
+++ b/src/lib-master/master-service.h
@@ -27,9 +27,10 @@ enum master_service_flags {
 	/* Show number of connections in process title
 	   (only if verbose_proctitle setting is enabled) */
 	MASTER_SERVICE_FLAG_UPDATE_PROCTITLE	= 0x100,
-	/* SSL settings are always looked up when we have ssl listeners.
-	   This flag enables looking up SSL settings even without ssl
-	   listeners (i.e. the service does STARTTLS). */
+	/* Always read SSL settings into memory, even if there are no ssl
+	   listeners or _HAVE_STARTTLS flag hasn't been set. This is mainly
+	   intended to be used when SSL client settings are wanted to be
+	   accessed via lib-master. */
 	MASTER_SERVICE_FLAG_USE_SSL_SETTINGS	= 0x200,
 	/* Don't initialize SSL context automatically. */
 	MASTER_SERVICE_FLAG_NO_SSL_INIT		= 0x400,