The default configuration file for Dovecot in Debian uses: ssl_cert = </path/to/cert
I checked my current configuration and I use: ssl_cert =/path/to/cert
What is the difference? (pipe?) And is the former better somehow?
Am 17.05.2014 17:07, schrieb Boris:
The default configuration file for Dovecot in Debian uses: ssl_cert = </path/to/cert
I checked my current configuration and I use: ssl_cert =/path/to/cert
What is the difference? (pipe?) And is the former better somehow?
a complete pointless question
- Debian follows the documentation
- you don't - why?
- if you don't and something breaks it's just your fault
http://wiki2.dovecot.org/SSL/DovecotConfiguration http://www.dovecot.org/list/dovecot-cvs/2009-May/013419.html
Why so aggressive? I just noticed that I missed the "<" and wondered whether if makes a difference because it seems to work without it. I know where to find the documentation but searching for this question is a bit hard since I can't search for "<". And the wiki doesn't explain the syntax anyway.
After reading the patch am I right in assuming that with "</" the variable in the dovecot code contains the certificate itself instead of the link to the file? And if that is correct: Was dovecot reading the file every time it needed it before the change?
Am 17.05.2014 17:31, schrieb Boris:
Why so aggressive?
because there is a documentation and the only correct answer not following that is "you are in the area of undefined bahvior"
I just noticed that I missed the "<" and wondered whether if makes a difference because it seems to work without it
most likely because some follow up commit to work around woring configurations
I know where to find the documentation but searching for this question is a bit hard since I can't search for "<". And the wiki doesn't explain the syntax anyway.
that's not a dovecot syntax that's just unix
[harry@srv-rhsoft:~]$ echo "bla" > test [harry@srv-rhsoft:~]$ cat < test bla
After reading the patch am I right in assuming that with "</" the variable in the dovecot code contains the certificate itself instead of the link to the file? And if that is correct: Was dovecot reading the file every time it needed it before the change?
no - < reads a file and without you are supposed to directly paste your certificate in the configuration instead point to a file
because there is a documentation and the only correct answer not following that is "you are in the area of undefined bahvior" The documentation does not(!) state this. It could be another way of including
On Saturday 17 May 2014 17:41:05 Reindl Harald wrote: the file.
that's not a dovecot syntax that's just unix I am talking about a configuration file and this syntax could have complete different meaning in this context. I have no way of knowing whether the dovecot config file parser follows this convention. Please don't assume people don't know the basics just because they ask questions.
no - < reads a file and without you are supposed to directly paste your certificate in the configuration instead point to a file I see. In all other places I know dovecot references files simply with "/" so I still wonder what is so different in this case.
On 05/17/2014 11:57 AM, Boris wrote:
no - < reads a file and without you are supposed to directly paste your certificate in the configuration instead point to a file I see. In all other places I know dovecot references files simply with "/" so I still wonder what is so different in this case.
In the other cases, the configurable parameter is supposed to be a path to a file. So you give it a path, beginning with "/".
The certificate parameter takes string, so you would have had to copy/paste your certificate in there. But nobody wants to do that, so there's an alternate way to read the certificate from a file.
Fictional example: it's the difference between:
valid_users = user1@example.com, user2@example.com,...
and
valid_users = </path/to/valid/users
The leading "<" means "pretend I typed the contents of this file right here." If instead you had,
valid_users = /path/to/valid/users
then dovecot might think you have one valid user named "/path/to/valid/users."
On Sunday 18 May 2014 18:21:23 Michael Orlitzky wrote:
In the other cases, the configurable parameter is supposed to be a path to a file. So you give it a path, beginning with "/".
The certificate parameter takes string, so you would have had to copy/paste your certificate in there. But nobody wants to do that, so there's an alternate way to read the certificate from a file.
Fictional example: it's the difference between:
valid_users = user1@example.com, user2@example.com,...
and
valid_users = </path/to/valid/users
The leading "<" means "pretend I typed the contents of this file right here." If instead you had,
valid_users = /path/to/valid/users
then dovecot might think you have one valid user named "/path/to/valid/users."
Thank you for the explanation Michael. I think I understand it now.
Boris
participants (3)
-
Boris
-
Michael Orlitzky
-
Reindl Harald