[dovecot-cvs] dovecot/src/master .cvsignore, 1.2, 1.3 Makefile.am,
1.18, 1.19 common.h, 1.25, 1.26 main.c, 1.76,
1.77 ssl-init-main.c, NONE, 1.1 ssl-init.c, 1.24,
1.25 ssl-init.h, 1.4, 1.5
cras at dovecot.org
cras at dovecot.org
Sun Feb 5 20:00:18 EET 2006
Update of /var/lib/cvs/dovecot/src/master
In directory talvi:/tmp/cvs-serv4864
Modified Files:
.cvsignore Makefile.am common.h main.c ssl-init.c ssl-init.h
Added Files:
ssl-init-main.c
Log Message:
Added ssl-build-param binary to build ssl-parameters.dat. This way
the dovecot master binary no longer needs to be linked with SSL libraries,
and the process title is also clearer.
Index: .cvsignore
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- .cvsignore 30 Jan 2003 17:59:31 -0000 1.2
+++ .cvsignore 5 Feb 2006 18:00:15 -0000 1.3
@@ -7,3 +7,4 @@
Makefile.in
so_locations
dovecot
+ssl-build-param
Index: Makefile.am
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/Makefile.am,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- Makefile.am 15 Jan 2006 13:16:53 -0000 1.18
+++ Makefile.am 5 Feb 2006 18:00:15 -0000 1.19
@@ -1,6 +1,7 @@
pkglibexecdir = $(libexecdir)/dovecot
sbin_PROGRAMS = dovecot
+pkglibexec_PROGRAMS = ssl-build-param
AM_CPPFLAGS = \
-I$(top_srcdir)/src/lib \
@@ -13,8 +14,7 @@
dovecot_LDADD = \
../lib-settings/libsettings.a \
- ../lib/liblib.a \
- $(SSL_LIBS)
+ ../lib/liblib.a
dovecot_SOURCES = \
auth-process.c \
@@ -26,9 +26,7 @@
main.c \
master-settings.c \
syslog-util.c \
- ssl-init.c \
- ssl-init-gnutls.c \
- ssl-init-openssl.c
+ ssl-init.c
noinst_HEADERS = \
auth-process.h \
@@ -42,3 +40,13 @@
master-settings.h \
syslog-util.h \
ssl-init.h
+
+ssl_build_param_SOURCES = \
+ ssl-init-main.c \
+ ssl-init-openssl.c \
+ ssl-init-gnutls.c
+
+ssl_build_param_LDADD = \
+ ../lib/liblib.a \
+ $(SSL_LIBS)
+
Index: common.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/common.h,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- common.h 15 Jan 2006 13:16:53 -0000 1.25
+++ common.h 5 Feb 2006 18:00:15 -0000 1.26
@@ -24,6 +24,7 @@
extern struct hash_table *pids;
extern int null_fd, inetd_login_fd;
extern uid_t master_uid;
+extern char program_path[];
extern const char *process_names[];
extern char ssl_manual_key_password[];
Index: main.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/main.c,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -d -r1.76 -r1.77
--- main.c 31 Jan 2006 06:02:35 -0000 1.76
+++ main.c 5 Feb 2006 18:00:15 -0000 1.77
@@ -32,7 +32,7 @@
"login",
"imap",
"pop3",
- "ssl-param",
+ "ssl-build-param",
"dict"
};
@@ -44,6 +44,7 @@
struct hash_table *pids;
int null_fd, inetd_login_fd;
uid_t master_uid;
+char program_path[PATH_MAX];
char ssl_manual_key_password[100];
#ifdef DEBUG
static bool gdb;
@@ -604,7 +605,7 @@
static void print_help(void)
{
printf(
-"Usage: dovecot [-F] [-c <config file>] [-p] [--build-ssl-parameters]\n"
+"Usage: dovecot [-F] [-c <config file>] [-p]\n"
" [--exec-mail <protocol>] [--version] [--build-options]\n");
}
@@ -704,7 +705,7 @@
{
/* parse arguments */
const char *exec_protocol = NULL, *exec_section = NULL, *user, *home;
- bool foreground = FALSE, ask_key_pass = FALSE, build_parameters = FALSE;
+ bool foreground = FALSE, ask_key_pass = FALSE;
int i;
#ifdef DEBUG
@@ -734,8 +735,6 @@
exec_protocol = argv[i];
if (i+1 != argc)
exec_section = argv[++i];
- } else if (strcmp(argv[i], "--build-ssl-parameters") == 0) {
- build_parameters = TRUE;
} else if (strcmp(argv[i], "--version") == 0) {
printf("%s\n", VERSION);
return 0;
@@ -775,10 +774,6 @@
sizeof(ssl_manual_key_password));
t_pop();
}
- if (build_parameters) {
- ssl_check_parameters_file(TRUE);
- exit(0);
- }
/* save TZ environment. AIX depends on it to get the timezone
correctly. */
--- NEW FILE: ssl-init-main.c ---
/* Copyright (C) 2006 Timo Sirainen */
#include "lib.h"
#include "lib-signals.h"
#include "randgen.h"
#include "ssl-init.h"
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>
/*
 * Write a fresh SSL parameters file to fname.
 *
 * The data is generated into "<fname>.tmp"; fname itself is replaced only by
 * the final rename(). Failures are reported with i_fatal(), which presumably
 * does not return -- confirm against lib's failure handling.
 */
static void generate_parameters_file(const char *fname)
{
	const char *tmp_path = t_strconcat(fname, ".tmp", NULL);
	mode_t saved_mask;
	int out_fd;

	/* Remove whatever already sits at the temp path. The result is ignored
	   on purpose: if anything is left, the O_EXCL create below fails. */
	(void)unlink(tmp_path);

	/* Clear the umask so that the file mode is exactly 0644. O_CREAT|O_EXCL
	   makes open() fail instead of reusing an existing file or following a
	   symlink placed at the temp path.
	   NOTE(review): 0644 leaves the file readable by every local user;
	   confirm that _ssl_generate_parameters() writes nothing secret. */
	saved_mask = umask(0);
	out_fd = open(tmp_path, O_WRONLY | O_CREAT | O_EXCL, 0644);
	umask(saved_mask);

	if (out_fd == -1)
		i_fatal("Can't create temporary SSL parameters file %s: %m",
			tmp_path);

	_ssl_generate_parameters(out_fd, tmp_path);

	/* close() is checked before the rename so that a failed close is
	   reported while the target file is still untouched */
	if (close(out_fd) < 0)
		i_fatal("close(%s) failed: %m", tmp_path);
	if (rename(tmp_path, fname) < 0)
		i_fatal("rename(%s, %s) failed: %m", tmp_path, fname);

	i_info("SSL parameters regeneration completed");
}
/*
 * Entry point of ssl-build-param: generate the SSL parameters file at the
 * path given as the first command line argument.
 */
int main(int argc, char *argv[])
{
	const char *param_path;

	lib_init();
	i_set_failure_internal();

	/* NOTE(review): only argv[1] is used; any further arguments are
	   accepted and silently ignored. */
	if (argc <= 1)
		i_fatal("Usage: ssl-build-param <path>");
	param_path = argv[1];

	random_init();
	generate_parameters_file(param_path);
	random_deinit();

	lib_deinit();
	return 0;
}
Index: ssl-init.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/ssl-init.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- ssl-init.c 26 Jan 2006 20:10:22 -0000 1.24
+++ ssl-init.c 5 Feb 2006 18:00:15 -0000 1.25
@@ -2,6 +2,8 @@
#include "common.h"
#include "ioloop.h"
+#include "env-util.h"
+#include "log.h"
#include "ssl-init.h"
#ifdef HAVE_SSL
@@ -15,54 +17,41 @@
static struct timeout *to;
static bool generating;
-static void generate_parameters_file(const char *fname)
-{
- const char *temp_fname;
- mode_t old_mask;
- int fd;
-
- temp_fname = t_strconcat(fname, ".tmp", NULL);
- (void)unlink(temp_fname);
-
- old_mask = umask(0);
- fd = open(temp_fname, O_WRONLY | O_CREAT | O_EXCL, 0644);
- umask(old_mask);
-
- if (fd == -1) {
- i_fatal("Can't create temporary SSL parameters file %s: %m",
- temp_fname);
- }
-
- _ssl_generate_parameters(fd, temp_fname);
-
- if (close(fd) < 0)
- i_fatal("close(%s) failed: %m", temp_fname);
-
- if (rename(temp_fname, fname) < 0)
- i_fatal("rename(%s, %s) failed: %m", temp_fname, fname);
-
- i_info("SSL parameters regeneration completed");
-}
-
static void start_generate_process(const char *fname)
{
+ const char *binpath = PKG_LIBEXECDIR"/ssl-build-param";
+ struct log_io *log;
pid_t pid;
+ int log_fd;
- pid = fork();
- if (pid < 0) {
- i_error("fork() failed: %m");
+ log_fd = log_create_pipe(&log, 10);
+ if (log_fd == -1)
+ pid = -1;
+ else {
+ pid = fork();
+ if (pid < 0)
+ i_error("fork() failed: %m");
+ }
+ if (pid == -1) {
+ (void)close(log_fd);
return;
}
- if (pid == 0) {
- /* child */
- generate_parameters_file(fname);
- exit(0);
- } else {
+ log_set_prefix(log, "ssl-build-param: ");
+ if (pid != 0) {
/* parent */
generating = TRUE;
PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_SSL_PARAM);
+ return;
}
+
+ /* child. */
+ if (dup2(log_fd, 2) < 0)
+ i_fatal("dup2(stderr) failed: %m");
+
+ child_process_init_env();
+ client_process_exec(t_strconcat(binpath, " ", fname, NULL), "");
+ i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", binpath);
}
void ssl_parameter_process_destroyed(pid_t pid __attr_unused__)
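Review bot: In start_generate_process() the parent branch (`if (pid != 0) { ... return; }`) returns without closing `log_fd`, so the master appears to keep one more descriptor open after every regeneration; if `log_fd` is the child's end of the pipe made by `log_create_pipe()` (not shown here), the parent should call `(void)close(log_fd);` before that `return`. The fork-failure path closes `log_fd` but leaves the `log` object untouched, which looks like a second leak, and `close(log_fd)` is also reached with `log_fd == -1`. Separately, the command is built as one space-joined string, `t_strconcat(binpath, " ", fname, NULL)`; if `client_process_exec()` splits on whitespace, a parameters path containing a space would reach ssl-build-param truncated, and that binary only reads `argv[1]`. A comment stating that constraint on the path, or an argv-based exec, would make the assumption explicit.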
@@ -70,7 +59,7 @@
generating = FALSE;
}
-static bool check_parameters_file_set(struct settings *set, bool foreground)
+static bool check_parameters_file_set(struct settings *set)
{
const char *path;
struct stat st;
@@ -100,27 +89,19 @@
(st.st_mtime + (time_t)(set->ssl_parameters_regenerate*3600));
if (regen_time < ioloop_time || st.st_size == 0 ||
st.st_uid != master_uid) {
- if (foreground) {
- i_info("Generating Diffie-Hellman parameters. "
- "This may take a while..");
- generate_parameters_file(path);
- } else {
- if (st.st_mtime == 0) {
- i_info("Generating Diffie-Hellman parameters "
- "for the first time. This may take "
- "a while..");
- }
- start_generate_process(path);
+ if (st.st_mtime == 0) {
+ i_info("Generating Diffie-Hellman parameters "
+ "for the first time. This may take "
+ "a while..");
}
+ start_generate_process(path);
return FALSE;
- } else if (foreground) {
- i_info("Diffie-Hellman parameter file already exists.");
}
return TRUE;
}
-void ssl_check_parameters_file(bool foreground)
+void ssl_check_parameters_file(void)
{
struct server_settings *server;
@@ -129,14 +110,14 @@
for (server = settings_root; server != NULL; server = server->next) {
if (server->defaults != NULL &&
- !check_parameters_file_set(server->defaults, foreground))
+ !check_parameters_file_set(server->defaults))
break;
}
}
static void check_parameters_file_timeout(void *context __attr_unused__)
{
- ssl_check_parameters_file(FALSE);
+ ssl_check_parameters_file();
}
void ssl_init(void)
@@ -146,7 +127,7 @@
/* check every 10 mins */
to = timeout_add(600 * 1000, check_parameters_file_timeout, NULL);
- ssl_check_parameters_file(FALSE);
+ ssl_check_parameters_file();
}
void ssl_deinit(void)
@@ -157,7 +138,7 @@
#else
void ssl_parameter_process_destroyed(pid_t pid __attr_unused__) {}
-void ssl_check_parameters_file(bool foreground __attr_unused__) {}
+void ssl_check_parameters_file(void) {}
void ssl_init(void) {}
void ssl_deinit(void) {}
Index: ssl-init.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/ssl-init.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- ssl-init.h 22 Jan 2006 10:50:54 -0000 1.4
+++ ssl-init.h 5 Feb 2006 18:00:15 -0000 1.5
@@ -5,7 +5,7 @@
void ssl_parameter_process_destroyed(pid_t pid);
-void ssl_check_parameters_file(bool foreground);
+void ssl_check_parameters_file(void);
void _ssl_generate_parameters(int fd, const char *fname);
void ssl_init(void);