dovecot-2.0: config: Log a warning if global ssl=no, but some se...

Fri Apr 8 16:41:28 EEST 2011

details:   http://hg.dovecot.org/dovecot-2.0/rev/18e87d50a10a
changeset: 12723:18e87d50a10a
user:      Timo Sirainen <tss at iki.fi>
date:      Fri Apr 08 16:41:26 2011 +0300
description:
config: Log a warning if global ssl=no, but some section has ssl=yes/required.
Actually supporting per-protocol (or even worse, per-ip) SSL would be too
much trouble.

diffstat:

 src/config/config-parser.c |  33 +++++++++++++++++++++++++++++++++
 1 files changed, 33 insertions(+), 0 deletions(-)

diffs (65 lines):

diff -r ab12bc9fcc21 -r 18e87d50a10a src/config/config-parser.c

--- a/src/config/config-parser.c	Fri Apr 08 16:06:20 2011 +0300
+++ b/src/config/config-parser.c	Fri Apr 08 16:41:26 2011 +0300
@@ -320,6 +320,25 @@
 	return 0;
 }
 
+static const char *
+get_str_setting(struct config_filter_parser *parser, const char *key)
+{
+	struct config_module_parser *module_parser;
+	const char *const *set_value;
+	enum setting_type set_type;
+
+	module_parser = parser->parsers;
+	for (; module_parser->parser != NULL; module_parser++) {
+		set_value = settings_parse_get_value(module_parser->parser,
+						     key, &set_type);
+		if (set_value != NULL) {
+			i_assert(set_type == SET_STR || set_type == SET_ENUM);
+			return *set_value;
+		}
+	}
+	i_unreached();
+}
+
 static int
 config_all_parsers_check(struct config_parser_context *ctx,
 			 struct config_filter_context *new_filter,
@@ -329,7 +348,10 @@
 	struct config_module_parser *tmp_parsers;
 	struct master_service_settings_output output;
 	unsigned int i, count;
+	const char *ssl_set;
+	bool global_no_ssl;
 	pool_t tmp_pool;
+	bool ssl_warned = FALSE;
 	int ret = 0;
 
 	if (ctx->cur_section->prev != NULL) {
@@ -344,6 +366,9 @@
 	parsers = array_get(&ctx->all_parsers, &count);
 	i_assert(count > 0 && parsers[count-1] == NULL);
 	count--;
+
+	global_no_ssl = strcmp(get_str_setting(parsers[0], "ssl"), "no") == 0;
+
 	for (i = 0; i < count && ret == 0; i++) {
 		if (config_filter_parsers_get(new_filter, tmp_pool, "",
 					      &parsers[i]->filter,
@@ -353,6 +378,14 @@
 			break;
 		}
 
+		ssl_set = get_str_setting(parsers[i], "ssl");
+		if (strcmp(ssl_set, "no") != 0 && global_no_ssl &&
+		    !ssl_warned) {
+			i_warning("SSL is disabled because global ssl=no, "
+				  "ignoring ssl=%s for subsection", ssl_set);
+			ssl_warned = TRUE;
+		}
+
 		ret = config_filter_parser_check(ctx, tmp_parsers, error_r);
 		config_filter_parsers_free(tmp_parsers);
 		p_clear(tmp_pool);
