[dovecot-cvs] dovecot/src/master Makefile.am,1.1.1.1,1.2 common.h,1.4,1.5 login-process.c,1.9,1.10 login-process.h,1.1.1.1,1.2 main.c,1.11,1.12 settings.c,1.15,1.16 settings.h,1.9,1.10
cras at procontrol.fi
cras at procontrol.fi
Sun Nov 17 11:42:10 EET 2002
Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv21910/src/master
Modified Files:
Makefile.am common.h login-process.c login-process.h main.c
settings.c settings.h
Log Message:
Master process generates DH/RSA parameters now and stores them into file
which login processes read. Added setting for regeneration interval. Some
other SSL cleanups.
Also fixed default login process path to be ../run/dovecot/login/ like
example config file said, instead of just ../run/dovecot/ which it actually
was until now.
Index: Makefile.am
===================================================================
RCS file: /home/cvs/dovecot/src/master/Makefile.am,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- Makefile.am 9 Aug 2002 09:15:55 -0000 1.1.1.1
+++ Makefile.am 17 Nov 2002 09:42:08 -0000 1.2
@@ -7,14 +7,16 @@
-DPKG_LIBDIR=\""$(pkglibdir)"\"
imap_master_LDADD = \
- ../lib/liblib.a
+ ../lib/liblib.a \
+ $(SSL_LIBS)
imap_master_SOURCES = \
auth-process.c \
imap-process.c \
login-process.c \
main.c \
- settings.c
+ settings.c \
+ ssl-init.c
noinst_HEADERS = \
auth-process.h \
Index: common.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/common.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- common.h 6 Nov 2002 14:20:50 -0000 1.4
+++ common.h 17 Nov 2002 09:42:08 -0000 1.5
@@ -13,6 +13,7 @@
PROCESS_TYPE_AUTH,
PROCESS_TYPE_LOGIN,
PROCESS_TYPE_IMAP,
+ PROCESS_TYPE_SSL_PARAM,
PROCESS_TYPE_MAX
};
Index: login-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- login-process.c 16 Nov 2002 05:57:20 -0000 1.9
+++ login-process.c 17 Nov 2002 09:42:08 -0000 1.10
@@ -312,6 +312,11 @@
set_ssl_key_file, NULL));
}
+ if (set_ssl_parameters_file != NULL) {
+ putenv((char *) t_strconcat("SSL_PARAM_FILE=",
+ set_ssl_parameters_file, NULL));
+ }
+
if (set_disable_plaintext_auth)
putenv("DISABLE_PLAINTEXT_AUTH=1");
@@ -331,6 +336,13 @@
i_fatal("execv(%s) failed: %m", argv[0]);
return -1;
+}
+
+void login_process_abormal_exit(pid_t pid __attr_unused__)
+{
+ /* don't start raising the process count if they're dying all
+ the time */
+ wanted_processes_count = 0;
}
static void login_hash_cleanup(void *key __attr_unused__, void *value,
Index: login-process.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.h,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- login-process.h 9 Aug 2002 09:15:57 -0000 1.1.1.1
+++ login-process.h 17 Nov 2002 09:42:08 -0000 1.2
@@ -1,6 +1,7 @@
#ifndef __CHILD_LOGIN_H
#define __CHILD_LOGIN_H
+void login_process_abormal_exit(pid_t pid);
void login_processes_cleanup(void);
void login_processes_init(void);
Index: main.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/main.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- main.c 14 Nov 2002 12:53:03 -0000 1.11
+++ main.c 17 Nov 2002 09:42:08 -0000 1.12
@@ -7,6 +7,7 @@
#include "auth-process.h"
#include "login-process.h"
+#include "ssl-init.h"
#include <stdio.h>
#include <stdlib.h>
@@ -20,7 +21,8 @@
"unknown",
"auth",
"login",
- "imap"
+ "imap",
+ "ssl-param"
};
static IOLoop ioloop;
@@ -89,16 +91,20 @@
if (process_type == PROCESS_TYPE_IMAP)
imap_process_destroyed(pid);
+ if (process_type == PROCESS_TYPE_SSL_PARAM)
+ ssl_parameter_process_destroyed(pid);
/* write errors to syslog */
process_type_name = process_names[process_type];
if (WIFEXITED(status)) {
status = WEXITSTATUS(status);
if (status != 0) {
+ login_process_abormal_exit(pid);
i_error("child %d (%s) returned error %d",
(int)pid, process_type_name, status);
}
} else if (WIFSIGNALED(status)) {
+ login_process_abormal_exit(pid);
i_error("child %d (%s) killed with signal %d",
(int)pid, process_type_name, WTERMSIG(status));
}
@@ -182,6 +188,7 @@
pids = hash_create(default_pool, 128, NULL, NULL);
to_children = timeout_add(100, children_check_timeout, NULL);
+ ssl_init();
auth_processes_init();
login_processes_init();
}
@@ -193,6 +200,7 @@
login_processes_deinit();
auth_processes_deinit();
+ ssl_deinit();
timeout_remove(to_children);
Index: settings.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/settings.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- settings.c 16 Nov 2002 05:57:20 -0000 1.15
+++ settings.c 17 Nov 2002 09:42:08 -0000 1.16
@@ -32,6 +32,9 @@
{ "imaps_listen", SET_STR, &set_imaps_listen },
{ "ssl_cert_file", SET_STR, &set_ssl_cert_file },
{ "ssl_key_file", SET_STR, &set_ssl_key_file },
+ { "ssl_parameters_file",SET_STR, &set_ssl_parameters_file },
+ { "ssl_parameters_regenerate",
+ SET_INT, &set_ssl_parameters_regenerate },
{ "disable_plaintext_auth",
SET_BOOL,&set_disable_plaintext_auth },
@@ -82,12 +85,14 @@
char *set_ssl_cert_file = "/etc/ssl/certs/imapd.pem";
char *set_ssl_key_file = "/etc/ssl/private/imapd.pem";
+char *set_ssl_parameters_file = PKG_RUNDIR"/ssl-parameters.dat";
+unsigned int set_ssl_parameters_regenerate = 24;
int set_disable_plaintext_auth = FALSE;
/* login */
char *set_login_executable = PKG_LIBDIR "/imap-login";
char *set_login_user = "imapd";
-char *set_login_dir = PKG_RUNDIR;
+char *set_login_dir = PKG_RUNDIR"/login";
int set_login_chroot = TRUE;
int set_login_process_per_connection = TRUE;
@@ -174,7 +179,9 @@
set_imap_executable);
}
- /* since it's under /var/run by default, it may have been deleted */
+ /* since they're under /var/run by default, they may have been
+ deleted */
+ (void)mkdir(PKG_RUNDIR, 0700);
if (mkdir(set_login_dir, 0700) == 0)
(void)chown(set_login_dir, set_login_uid, set_login_gid);
if (access(set_login_dir, X_OK) < 0)
Index: settings.h
===================================================================
RCS file: /home/cvs/dovecot/src/master/settings.h,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- settings.h 16 Nov 2002 05:57:20 -0000 1.9
+++ settings.h 17 Nov 2002 09:42:08 -0000 1.10
@@ -13,6 +13,8 @@
extern char *set_ssl_cert_file;
extern char *set_ssl_key_file;
+extern char *set_ssl_parameters_file;
+extern unsigned int set_ssl_parameters_regenerate;
extern int set_disable_plaintext_auth;
/* login */
@@ -21,7 +23,8 @@
extern char *set_login_dir;
extern int set_login_chroot;
extern int set_login_process_per_connection;
-extern unsigned int set_login_processes_count, set_login_max_processes_count;
+extern unsigned int set_login_processes_count;
+extern unsigned int set_login_max_processes_count;
extern unsigned int set_max_logging_users;
extern uid_t set_login_uid;
More information about the dovecot-cvs
mailing list