changeset 9914:3e4f64af6c9a HEAD
dovecot -p: And fixed it to really work this time.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 08 Sep 2009 20:05:45 -0400 |
parents | e819f6dfe5f4 |
children | aecf6e5be9e2 |
files | src/lib-master/master-interface.h src/login-common/ssl-proxy-openssl.c src/master/main.c src/master/service-process.c |
diffstat | 4 files changed, 23 insertions(+), 18 deletions(-) [+] |
--- a/src/lib-master/master-interface.h Tue Sep 08 20:00:18 2009 -0400 +++ b/src/lib-master/master-interface.h Tue Sep 08 20:05:45 2009 -0400 @@ -87,6 +87,10 @@ /* getenv(MASTER_DOVECOT_VERSION_ENV) provides master's version number */ #define MASTER_DOVECOT_VERSION_ENV "DOVECOT_VERSION" +/* getenv(MASTER_SSL_KEY_PASSWORD_ENV) returns manually typed SSL key password, + if dovecot was started with -p parameter. */ +#define MASTER_SSL_KEY_PASSWORD_ENV "SSL_KEY_PASSWORD" + /* Write pipe to anvil. Currently available only for auth destination services, for others it's /dev/null. */ #define MASTER_ANVIL_FD 3
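Review bot: The comment on the new `MASTER_SSL_KEY_PASSWORD_ENV` define does not say which processes receive the variable or that its value is a secret. The service-process.c part of this commit sets it only for services with inet listeners, and a reader of this header cannot tell that. I would extend the comment with something like `Set only for services that have inet listeners. The value is a secret: don't log it or pass it on to other processes.`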
--- a/src/login-common/ssl-proxy-openssl.c Tue Sep 08 20:00:18 2009 -0400 +++ b/src/login-common/ssl-proxy-openssl.c Tue Sep 08 20:05:45 2009 -0400 @@ -9,6 +9,7 @@ #include "safe-memset.h" #include "llist.h" #include "master-service.h" +#include "master-interface.h" #include "ssl-proxy.h" #include <fcntl.h> @@ -898,7 +899,7 @@ i_fatal("BIO_new_mem_buf() failed"); password = *set->ssl_key_password != '\0' ? set->ssl_key_password : - getenv("SSL_KEY_PASSWORD"); + getenv(MASTER_SSL_KEY_PASSWORD_ENV); dup_password = t_strdup_noconst(password); pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback, dup_password);
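Review bot: In the second hunk the passphrase read with `getenv(MASTER_SSL_KEY_PASSWORD_ENV)` is copied into `dup_password`, and nothing visible here clears either copy once `PEM_read_bio_PrivateKey()` has returned. This is a network-facing login process, so the secret should not outlive the key load. safe-memset.h is already included, so unless it happens below the hunk I would add `if (dup_password != NULL) safe_memset(dup_password, 0, strlen(dup_password));` after the read and remove the variable from the environment. `getenv()` also returns NULL when the variable is unset and the setting is empty, so it is worth confirming that `pem_password_callback` accepts a NULL userdata. The enclosing function starts and ends outside the hunk.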
--- a/src/master/main.c Tue Sep 08 20:00:18 2009 -0400 +++ b/src/master/main.c Tue Sep 08 20:05:45 2009 -0400 @@ -711,16 +711,22 @@ fd_close_on_exec(null_fd, TRUE); } while (null_fd <= STDERR_FILENO); - if (dup2(null_fd, STDIN_FILENO) < 0 || - dup2(null_fd, STDOUT_FILENO) < 0) - i_fatal("dup2(null_fd) failed: %m"); - if (master_service_settings_read_simple(master_service, set_roots, &error) < 0) i_fatal("Error reading configuration: %s", error); sets = master_service_settings_get_others(master_service); set = sets[0]; + if (ask_key_pass) { + askpass("Give the password for SSL keys: ", + ssl_manual_key_password, + sizeof(ssl_manual_key_password)); + } + + if (dup2(null_fd, STDIN_FILENO) < 0 || + dup2(null_fd, STDOUT_FILENO) < 0) + i_fatal("dup2(null_fd) failed: %m"); + pidfile_path = i_strconcat(set->base_dir, "/"MASTER_PID_FILE_NAME, NULL); if (send_signal != 0) @@ -739,12 +745,6 @@ auth_warning_print(set); } - if (ask_key_pass) { - askpass("Give the password for SSL keys", - ssl_manual_key_password, - sizeof(ssl_manual_key_password)); - } - /* save TZ environment. AIX depends on it to get the timezone correctly. */ env_tz = getenv("TZ");
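Review bot: The relocated `askpass()` call in the first hunk now runs before the `if (send_signal != 0)` branch that follows it. If `-p` can be combined with a signal command, the passphrase is prompted for and kept in `ssl_manual_key_password` on a path that never starts any service. Guarding it as `if (ask_key_pass && send_signal == 0) {` would keep the secret out of memory in that case. The ordering against `dup2()` is the actual fix and is easy to undo by accident, so it deserves a comment such as `/* must prompt before stdin/stdout are redirected to null_fd */`. The enclosing function starts and ends outside the hunk.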
--- a/src/master/service-process.c Tue Sep 08 20:00:18 2009 -0400 +++ b/src/master/service-process.c Tue Sep 08 20:05:45 2009 -0400 @@ -426,6 +426,13 @@ if (!service->set->master_set->version_ignore) env_put(MASTER_DOVECOT_VERSION_ENV"="PACKAGE_VERSION); + + if (*ssl_manual_key_password != '\0' && service->have_inet_listeners) { + /* manually given SSL password. give it only to services + that have inet listeners. */ + env_put(t_strconcat(MASTER_SSL_KEY_PASSWORD_ENV"=", + ssl_manual_key_password, NULL)); + } } static void service_process_status_timeout(struct service_process *process) @@ -458,13 +465,6 @@ env_put(t_strconcat("LOCAL_IP=", net_ip2addr(&request->local_ip), NULL)); env_put(t_strconcat("IP=", net_ip2addr(&request->remote_ip), NULL)); - if (*ssl_manual_key_password != '\0' && - request->process->process.service->have_inet_listeners) { - /* manually given SSL password. give it only to services - that have inet listeners. */ - env_put(t_strconcat("SSL_KEY_PASSWORD=", - ssl_manual_key_password, NULL)); - } } struct service_process *
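Review bot: The block added in the first hunk exports the typed key passphrase through the environment to every service with `have_inet_listeners`, whether or not that service loads an SSL key. The value then stays in each child's environment for its lifetime and is inherited by anything the child executes. If the service settings expose something narrower than `have_inet_listeners` (for example whether SSL is actually enabled), the condition should use it. Either way the comment should state the expectation, e.g. `/* the receiving process should drop MASTER_SSL_KEY_PASSWORD_ENV from its environment once the key is loaded */`. The enclosing function starts outside the hunk.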