dovecot-2.0: dovecot -p: And fixed it to really work this time.
dovecot at dovecot.org
dovecot at dovecot.org
Wed Sep 9 03:05:51 EEST 2009
details: http://hg.dovecot.org/dovecot-2.0/rev/3e4f64af6c9a
changeset: 9914:3e4f64af6c9a
user: Timo Sirainen <tss at iki.fi>
date: Tue Sep 08 20:05:45 2009 -0400
description:
dovecot -p: And fixed it to really work this time.
diffstat:
4 files changed, 23 insertions(+), 18 deletions(-)
src/lib-master/master-interface.h | 4 ++++
src/login-common/ssl-proxy-openssl.c | 3 ++-
src/master/main.c | 20 ++++++++++----------
src/master/service-process.c | 14 +++++++-------
diffs (108 lines):
diff -r e819f6dfe5f4 -r 3e4f64af6c9a src/lib-master/master-interface.h
--- a/src/lib-master/master-interface.h Tue Sep 08 20:00:18 2009 -0400
+++ b/src/lib-master/master-interface.h Tue Sep 08 20:05:45 2009 -0400
@@ -87,6 +87,10 @@ struct master_auth_reply {
/* getenv(MASTER_DOVECOT_VERSION_ENV) provides master's version number */
#define MASTER_DOVECOT_VERSION_ENV "DOVECOT_VERSION"
+/* getenv(MASTER_SSL_KEY_PASSWORD_ENV) returns manually typed SSL key password,
+ if dovecot was started with -p parameter. */
+#define MASTER_SSL_KEY_PASSWORD_ENV "SSL_KEY_PASSWORD"
+
/* Write pipe to anvil. Currently available only for auth destination
services, for others it's /dev/null. */
#define MASTER_ANVIL_FD 3
diff -r e819f6dfe5f4 -r 3e4f64af6c9a src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Tue Sep 08 20:00:18 2009 -0400
+++ b/src/login-common/ssl-proxy-openssl.c Tue Sep 08 20:05:45 2009 -0400
@@ -9,6 +9,7 @@
#include "safe-memset.h"
#include "llist.h"
#include "master-service.h"
+#include "master-interface.h"
#include "ssl-proxy.h"
#include <fcntl.h>
@@ -898,7 +899,7 @@ static EVP_PKEY *ssl_proxy_load_key(cons
i_fatal("BIO_new_mem_buf() failed");
password = *set->ssl_key_password != '\0' ? set->ssl_key_password :
- getenv("SSL_KEY_PASSWORD");
+ getenv(MASTER_SSL_KEY_PASSWORD_ENV);
dup_password = t_strdup_noconst(password);
pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback,
dup_password);
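Review bot: The manually typed key password stays in the login process's environment after `getenv(MASTER_SSL_KEY_PASSWORD_ENV)` has read it, and this process goes on to handle untrusted network clients. Once the last private key has been loaded, the variable should be removed from the environment. The `dup_password` copy should also be wiped, for example with `safe_memset(dup_password, 0, strlen(dup_password));` guarded against NULL, unless the code after this hunk already does so. `ssl_proxy_load_key` starts and ends outside the hunk, so neither cleanup can be confirmed from here. A short comment such as `/* falls back to the password master passed via -p; treat as secret */` next to the `getenv` call would also help the next reader.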
diff -r e819f6dfe5f4 -r 3e4f64af6c9a src/master/main.c
--- a/src/master/main.c Tue Sep 08 20:00:18 2009 -0400
+++ b/src/master/main.c Tue Sep 08 20:05:45 2009 -0400
@@ -711,16 +711,22 @@ int main(int argc, char *argv[])
fd_close_on_exec(null_fd, TRUE);
} while (null_fd <= STDERR_FILENO);
- if (dup2(null_fd, STDIN_FILENO) < 0 ||
- dup2(null_fd, STDOUT_FILENO) < 0)
- i_fatal("dup2(null_fd) failed: %m");
-
if (master_service_settings_read_simple(master_service, set_roots,
&error) < 0)
i_fatal("Error reading configuration: %s", error);
sets = master_service_settings_get_others(master_service);
set = sets[0];
+ if (ask_key_pass) {
+ askpass("Give the password for SSL keys: ",
+ ssl_manual_key_password,
+ sizeof(ssl_manual_key_password));
+ }
+
+ if (dup2(null_fd, STDIN_FILENO) < 0 ||
+ dup2(null_fd, STDOUT_FILENO) < 0)
+ i_fatal("dup2(null_fd) failed: %m");
+
pidfile_path =
i_strconcat(set->base_dir, "/"MASTER_PID_FILE_NAME, NULL);
if (send_signal != 0)
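Review bot: The `askpass()` call now runs before the `if (send_signal != 0)` branch visible at the end of this hunk, so running with `-p` together with a signal action presumably prompts for a key password that is never used. Guarding it as `if (ask_key_pass && send_signal == 0) {` would avoid reading a secret into `ssl_manual_key_password` on a path that does not need it. This assumes the signal branch exits without starting services, which is not visible here because `main` continues outside the hunk. The ordering relative to the `dup2()` calls is the actual fix and deserves a comment, e.g. `/* must prompt before stdin/stdout are redirected to null_fd */`, so that a later reorder does not break it again.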
@@ -739,12 +745,6 @@ int main(int argc, char *argv[])
auth_warning_print(set);
}
- if (ask_key_pass) {
- askpass("Give the password for SSL keys",
- ssl_manual_key_password,
- sizeof(ssl_manual_key_password));
- }
-
/* save TZ environment. AIX depends on it to get the timezone
correctly. */
env_tz = getenv("TZ");
diff -r e819f6dfe5f4 -r 3e4f64af6c9a src/master/service-process.c
--- a/src/master/service-process.c Tue Sep 08 20:00:18 2009 -0400
+++ b/src/master/service-process.c Tue Sep 08 20:05:45 2009 -0400
@@ -426,6 +426,13 @@ service_process_setup_environment(struct
if (!service->set->master_set->version_ignore)
env_put(MASTER_DOVECOT_VERSION_ENV"="PACKAGE_VERSION);
+
+ if (*ssl_manual_key_password != '\0' && service->have_inet_listeners) {
+ /* manually given SSL password. give it only to services
+ that have inet listeners. */
+ env_put(t_strconcat(MASTER_SSL_KEY_PASSWORD_ENV"=",
+ ssl_manual_key_password, NULL));
+ }
}
static void service_process_status_timeout(struct service_process *process)
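Review bot: `have_inet_listeners` is a broad test for who receives the SSL key password: every service with an inet listener now gets `MASTER_SSL_KEY_PASSWORD_ENV` in its environment, whether or not it loads an SSL key. An environment variable is inherited by anything the service later executes, and on many systems it can be read by other processes running as the same user. Consider narrowing the condition to services that actually load SSL keys, or passing the secret over a pipe or fd instead. At minimum the comment should record the exposure, e.g. `/* secret: lands in the child's environment; the consumer must clear it after loading the key */`. The `t_strconcat()` result is another copy of the password and is not wiped in the visible lines. `service_process_setup_environment` begins outside the hunk.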
@@ -458,13 +465,6 @@ handle_request(const struct service_proc
env_put(t_strconcat("LOCAL_IP=", net_ip2addr(&request->local_ip), NULL));
env_put(t_strconcat("IP=", net_ip2addr(&request->remote_ip), NULL));
- if (*ssl_manual_key_password != '\0' &&
- request->process->process.service->have_inet_listeners) {
- /* manually given SSL password. give it only to services
- that have inet listeners. */
- env_put(t_strconcat("SSL_KEY_PASSWORD=",
- ssl_manual_key_password, NULL));
- }
}
struct service_process *