Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/master/ssl-init.c @ 9259:ea2eed32d59e HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
cache file: If offset isn't 32bit aligned, assume it's corrupted.
author Timo Sirainen <tss@iki.fi>
date Sun, 26 Jul 2009 22:40:02 -0400
parents 5a4fcfde3e91
children 528f904067d4
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
8590
b9faf4db2a9f Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents: 7109
diff changeset
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 #include "common.h"
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
4 #include "ioloop.h"
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
5 #include "env-util.h"
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
6 #include "file-copy.h"
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
7 #include "log.h"
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
8 #include "child-process.h"
622
235188ee7a05 Support for OpenSSL.
Timo Sirainen <tss@iki.fi>
parents: 618
diff changeset
9 #include "ssl-init.h"
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11 #ifdef HAVE_SSL
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13 #include <stdio.h>
684
e7ad373d4e77 missing include file
Timo Sirainen <tss@iki.fi>
parents: 622
diff changeset
14 #include <stdlib.h>
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
15 #include <unistd.h>
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
16 #include <fcntl.h>
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
17 #include <utime.h>
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
18 #include <sys/stat.h>
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
19
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
20 static struct child_process ssl_param_child_process =
8628
e85c7cb22ad7 If login process crashes, log the IP address that (maybe) caused it.
Timo Sirainen <tss@iki.fi>
parents: 8590
diff changeset
21 { MEMBER(type) PROCESS_TYPE_SSL_PARAM };
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
22
903
fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the
Timo Sirainen <tss@iki.fi>
parents: 824
diff changeset
23 static struct timeout *to;
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
24 static char *generating_path = NULL;
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
25
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
26 #define SSL_PARAMETERS_PERM_PATH PKG_STATEDIR"/"SSL_PARAMETERS_FILENAME
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
27
3901
0ae5f5b468b7 Put ssl-parameters file into login directory so it still can be accessed
Timo Sirainen <tss@iki.fi>
parents: 3898
diff changeset
28 static void start_generate_process(const char *fname)
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
29 {
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
30 const char *binpath = PKG_LIBEXECDIR"/ssl-build-param";
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
31 struct log_io *log;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
32 pid_t pid;
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
33 int log_fd;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
34
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
35 log_fd = log_create_pipe(&log, 10);
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
36 if (log_fd == -1)
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
37 pid = -1;
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
38 else {
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
39 pid = fork();
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
40 if (pid < 0)
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
41 i_error("fork() failed: %m");
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
42 }
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
43 if (pid == -1) {
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
44 (void)close(log_fd);
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
45 return;
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
46 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
47
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
48 log_set_prefix(log, "ssl-build-param: ");
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
49 if (pid != 0) {
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
50 /* parent */
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
51 i_assert(generating_path == NULL);
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
52 generating_path = i_strdup(fname);
6542
402d14b5ef8b If child process logged a fatal failure, don't show "returned error 89"
Timo Sirainen <tss@iki.fi>
parents: 6429
diff changeset
53 log_set_pid(log, pid);
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
54 child_process_add(pid, &ssl_param_child_process);
4440
be9c2d069995 Don't leak a file descriptor when regenerating ssl-parameters.dat
Timo Sirainen <tss@iki.fi>
parents: 4407
diff changeset
55 (void)close(log_fd);
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
56 return;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
57 }
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
58
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
59 /* child. */
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
60 if (dup2(log_fd, 2) < 0)
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
61 i_fatal("dup2(stderr) failed: %m");
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
62
7109
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings
Timo Sirainen <tss@iki.fi>
parents: 7091
diff changeset
63 child_process_init_env();
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
64 client_process_exec(t_strconcat(binpath, " "SSL_PARAMETERS_PERM_PATH,
7109
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings
Timo Sirainen <tss@iki.fi>
parents: 7091
diff changeset
65 NULL), "");
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
66 i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", binpath);
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
67 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
68
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
69 static void
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 5846
diff changeset
70 ssl_parameter_process_destroyed(struct child_process *process ATTR_UNUSED,
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 5846
diff changeset
71 pid_t pid ATTR_UNUSED, bool abnormal_exit)
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
72 {
5601
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
73 if (!abnormal_exit) {
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
74 if (file_copy(SSL_PARAMETERS_PERM_PATH,
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
75 generating_path, TRUE) <= 0) {
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
76 i_error("file_copy(%s, %s) failed: %m",
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
77 SSL_PARAMETERS_PERM_PATH, generating_path);
b02af502bcd6 When running multiple Dovecot instances, only one of them needs to
Timo Sirainen <tss@iki.fi>
parents: 4440
diff changeset
78 }
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
79 }
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
80 i_free_and_null(generating_path);
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
81 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
82
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
83 static bool check_parameters_file_set(struct settings *set)
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
84 {
3901
0ae5f5b468b7 Put ssl-parameters file into login directory so it still can be accessed
Timo Sirainen <tss@iki.fi>
parents: 3898
diff changeset
85 const char *path;
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
86 struct stat st, st2;
824
02cda88b44e2 Make sure SSL parameters file has correct permissions before using it. Also
Timo Sirainen <tss@iki.fi>
parents: 805
diff changeset
87 time_t regen_time;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
88
8632
5a4fcfde3e91 Renamed "ssl_disable" setting to "ssl". Added support for ssl=required.
Timo Sirainen <tss@iki.fi>
parents: 8628
diff changeset
89 if (strcmp(set->ssl, "no") == 0)
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
90 return TRUE;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
91
3901
0ae5f5b468b7 Put ssl-parameters file into login directory so it still can be accessed
Timo Sirainen <tss@iki.fi>
parents: 3898
diff changeset
92 path = t_strconcat(set->login_dir, "/"SSL_PARAMETERS_FILENAME, NULL);
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
93 if (stat(path, &st) < 0) {
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
94 if (errno != ENOENT) {
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
95 i_error("stat() failed for SSL parameters file %s: %m",
3901
0ae5f5b468b7 Put ssl-parameters file into login directory so it still can be accessed
Timo Sirainen <tss@iki.fi>
parents: 3898
diff changeset
96 path);
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
97 return TRUE;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
98 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
99
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
100 st.st_mtime = 0;
3898
3bbd7ba3315e Add a note about DH parameters being generated for the first time.
Timo Sirainen <tss@iki.fi>
parents: 3894
diff changeset
101 } else if (st.st_size == 0) {
3893
1a036356a752 If SSL parameters file is empty, unlink it
Timo Sirainen <tss@iki.fi>
parents: 3888
diff changeset
102 /* broken, delete it (mostly for backwards compatibility) */
3898
3bbd7ba3315e Add a note about DH parameters being generated for the first time.
Timo Sirainen <tss@iki.fi>
parents: 3894
diff changeset
103 st.st_mtime = 0;
3901
0ae5f5b468b7 Put ssl-parameters file into login directory so it still can be accessed
Timo Sirainen <tss@iki.fi>
parents: 3898
diff changeset
104 (void)unlink(path);
3893
1a036356a752 If SSL parameters file is empty, unlink it
Timo Sirainen <tss@iki.fi>
parents: 3888
diff changeset
105 }
1a036356a752 If SSL parameters file is empty, unlink it
Timo Sirainen <tss@iki.fi>
parents: 3888
diff changeset
106
5604
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
107 if (stat(SSL_PARAMETERS_PERM_PATH, &st2) == 0 &&
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
108 st.st_mtime < st2.st_mtime) {
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
109 /* permanent parameters file has changed. use it. */
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
110 if (file_copy(SSL_PARAMETERS_PERM_PATH, path, TRUE) > 0) {
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
111 if (st.st_ino != st2.st_ino) {
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
112 /* preserve the mtime */
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
113 struct utimbuf ut;
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
114
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
115 ut.actime = ut.modtime = st2.st_mtime;
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
116 if (utime(path, &ut) < 0)
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
117 i_error("utime(%s) failed: %m", path);
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
118 }
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
119 if (stat(path, &st) < 0)
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
120 st.st_mtime = 0;
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
121 }
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
122 }
03284c5091cf If ssl-parameters.dat has been updated externally, copy it to our base_dir.
Timo Sirainen <tss@iki.fi>
parents: 5601
diff changeset
123
3888
650701d41cdf Generate DH parameters and use them. Changed default regeneration time to 1
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
124 /* make sure it's new enough, it's not 0 sized, and the permissions
650701d41cdf Generate DH parameters and use them. Changed default regeneration time to 1
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
125 are correct */
3894
f777ef3a79ca If ssl_parameters_regenerate=0, don't regenerate it if it's otherwise ok.
Timo Sirainen <tss@iki.fi>
parents: 3893
diff changeset
126 regen_time = set->ssl_parameters_regenerate == 0 ? ioloop_time :
3933
aebf37667655 Fix for SSL parameters getting regenerated constantly
Timo Sirainen <tss@iki.fi>
parents: 3917
diff changeset
127 (st.st_mtime + (time_t)(set->ssl_parameters_regenerate*3600));
3888
650701d41cdf Generate DH parameters and use them. Changed default regeneration time to 1
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
128 if (regen_time < ioloop_time || st.st_size == 0 ||
3940
1357dd2c5b02 Ignore gid of ssl-parameters.dat. It may not be what we expect, and since we
Timo Sirainen <tss@iki.fi>
parents: 3937
diff changeset
129 st.st_uid != master_uid) {
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
130 if (st.st_mtime == 0) {
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
131 i_info("Generating Diffie-Hellman parameters "
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
132 "for the first time. This may take "
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
133 "a while..");
3898
3bbd7ba3315e Add a note about DH parameters being generated for the first time.
Timo Sirainen <tss@iki.fi>
parents: 3894
diff changeset
134 }
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
135 start_generate_process(path);
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
136 return FALSE;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
137 }
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
138
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
139 return TRUE;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
140 }
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
141
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
142 void ssl_check_parameters_file(void)
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
143 {
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
144 struct server_settings *server;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
145
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
146 if (generating_path != NULL)
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
147 return;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
148
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
149 for (server = settings_root; server != NULL; server = server->next) {
3917
ae292bd41926 Added --build-ssl-parameters option to build them.
Timo Sirainen <tss@iki.fi>
parents: 3903
diff changeset
150 if (server->defaults != NULL &&
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
151 !check_parameters_file_set(server->defaults))
1610
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
152 break;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat
Timo Sirainen <tss@iki.fi>
parents: 1055
diff changeset
153 }
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
154 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
155
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 5846
diff changeset
156 static void check_parameters_file_timeout(void *context ATTR_UNUSED)
3917
ae292bd41926 Added --build-ssl-parameters option to build them.
Timo Sirainen <tss@iki.fi>
parents: 3903
diff changeset
157 {
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
158 ssl_check_parameters_file();
3917
ae292bd41926 Added --build-ssl-parameters option to build them.
Timo Sirainen <tss@iki.fi>
parents: 3903
diff changeset
159 }
ae292bd41926 Added --build-ssl-parameters option to build them.
Timo Sirainen <tss@iki.fi>
parents: 3903
diff changeset
160
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
161 void ssl_init(void)
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
162 {
4407
2e4857a2b858 Added --with-statedir configure option which defaults to
Timo Sirainen <tss@iki.fi>
parents: 3989
diff changeset
163 generating_path = NULL;
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
164
5843
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
165 child_process_set_destroy_callback(PROCESS_TYPE_SSL_PARAM,
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
166 ssl_parameter_process_destroyed);
f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses
Timo Sirainen <tss@iki.fi>
parents: 5693
diff changeset
167
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
168 /* check every 10 mins */
3917
ae292bd41926 Added --build-ssl-parameters option to build them.
Timo Sirainen <tss@iki.fi>
parents: 3903
diff changeset
169 to = timeout_add(600 * 1000, check_parameters_file_timeout, NULL);
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
170
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
171 ssl_check_parameters_file();
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
172 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
173
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
174 void ssl_deinit(void)
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
175 {
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
diff changeset
176 timeout_remove(&to);
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
177 }
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
178
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
179 #else
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
180
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 5846
diff changeset
181 void ssl_parameter_process_destroyed(bool abnormal_exit ATTR_UNUSED) {}
3989
e93e39326ae1 Added ssl-build-param binary to build the ssl-parameters.dat. This way
Timo Sirainen <tss@iki.fi>
parents: 3940
diff changeset
182 void ssl_check_parameters_file(void) {}
622
235188ee7a05 Support for OpenSSL.
Timo Sirainen <tss@iki.fi>
parents: 618
diff changeset
183 void ssl_init(void) {}
235188ee7a05 Support for OpenSSL.
Timo Sirainen <tss@iki.fi>
parents: 618
diff changeset
184 void ssl_deinit(void) {}
618
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
185
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
186 #endif