[dovecot-cvs] dovecot/src/master auth-process.c,1.44,1.45 login-process.c,1.44,1.45 ssl-init-openssl.c,1.2,1.3

cras at procontrol.fi cras at procontrol.fi
Fri May 23 18:40:53 EEST 2003


Update of /home/cvs/dovecot/src/master
In directory danu:/tmp/cvs-serv28910/master

Modified Files:
	auth-process.c login-process.c ssl-init-openssl.c 
Log Message:
Removed I/O priorities. They were pretty much useless and were just getting
in the way.



Index: auth-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/auth-process.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- auth-process.c	8 May 2003 04:28:30 -0000	1.44
+++ auth-process.c	23 May 2003 14:40:50 -0000	1.45
@@ -207,7 +207,7 @@
 					MAX_INBUF_SIZE, FALSE);
 	p->output = o_stream_create_file(fd, default_pool,
 					 sizeof(struct auth_master_request)*100,
-					 IO_PRIORITY_DEFAULT, FALSE);
+					 FALSE);
 	p->requests = hash_create(default_pool, default_pool, 0, NULL, NULL);
 
 	p->next = group->processes;

Index: login-process.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/login-process.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- login-process.c	14 May 2003 18:32:42 -0000	1.44
+++ login-process.c	23 May 2003 14:40:50 -0000	1.45
@@ -312,7 +312,7 @@
 	p->io = io_add(fd, IO_READ, login_process_input, p);
 	p->output = o_stream_create_file(fd, default_pool,
 					 sizeof(struct master_login_reply)*10,
-					 IO_PRIORITY_DEFAULT, FALSE);
+					 FALSE);
 
 	PID_ADD_PROCESS_TYPE(pid, PROCESS_TYPE_LOGIN);
 	hash_insert(processes, POINTER_CAST(pid), p);

Index: ssl-init-openssl.c
===================================================================
RCS file: /home/cvs/dovecot/src/master/ssl-init-openssl.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- ssl-init-openssl.c	26 Nov 2002 18:06:10 -0000	1.2
+++ ssl-init-openssl.c	23 May 2003 14:40:50 -0000	1.3
@@ -3,11 +3,156 @@
 #include "common.h"
 #include "ssl-init.h"
 
+#if 0
 #ifdef HAVE_OPENSSL
 
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+static int rsa_bits[] = { 512, 1024, 0 };
+static int dh_bits[] = { 768, 1024, 0 };
+
+static const char *ssl_last_error(void)
+{
+	unsigned long err;
+	char *buf;
+	size_t err_size = 256;
+
+	err = ERR_get_error();
+	if (err == 0)
+		return strerror(errno);
+
+	buf = t_malloc(err_size);
+	buf[err_size-1] = '\0';
+	ERR_error_string_n(err, buf, err_size-1);
+	return buf;
+}
+
+static void write_datum(int fd, const char *fname, gnutls_datum *dbits)
+{
+	if (write_full(fd, &dbits->size, sizeof(dbits->size)) < 0)
+		i_fatal("write_full() failed for file %s: %m", fname);
+
+	if (write_full(fd, dbits->data, dbits->size) < 0)
+		i_fatal("write_full() failed for file %s: %m", fname);
+}
+
+static void generate_dh_parameters(int fd, const char *fname)
+{
+	gnutls_datum dbits, prime, generator;
+	int ret, bits, i;
+
+	dbits.size = sizeof(bits);
+	dbits.data = (unsigned char *) &bits;
+
+	for (i = 0; dh_bits[i] != 0; i++) {
+		bits = dh_bits[i];
+
+		ret = gnutls_dh_params_generate(&prime, &generator, bits);
+		if (ret < 0) {
+			i_fatal("gnutls_dh_params_generate(%d) failed: %s",
+				bits, gnutls_strerror(ret));
+		}
+
+		write_datum(fd, fname, &dbits);
+		write_datum(fd, fname, &prime);
+		write_datum(fd, fname, &generator);
+
+		free(prime.data);
+		free(generator.data);
+	}
+
+	bits = 0;
+	write_datum(fd, fname, &dbits);
+}
+
+static void generate_rsa_parameters(int fd, const char *fname)
+{
+	RSA *rsa;
+	int ret;
+
+	for (i = 0; rsa_bits[i] != 0; i++) {
+		rsa = RSA_generate_key(rsa_bits[i], RSA_F4, NULL, NULL);
+		if (rsa == NULL) {
+			i_fatal("RSA_generate_keys(%d bits) failed: %s",
+				rsa_bits[i], ssl_last_error());
+		}
+
+
+
+		RSA_free(rsa);
+	}
+
+        ret = gnutls_rsa_params_generate(&m, &e, &d, &p, &q, &u, 512);
+	if (ret < 0) {
+		i_fatal("gnutls_rsa_params_generate() faile: %s",
+			strerror(ret));
+	}
+
+	write_datum(fd, fname, &m);
+	write_datum(fd, fname, &e);
+	write_datum(fd, fname, &d);
+	write_datum(fd, fname, &p);
+	write_datum(fd, fname, &q);
+	write_datum(fd, fname, &u);
+}
+
+void _ssl_generate_parameters(int fd, const char *fname)
+{
+	SSL_CTX *ssl_ctx;
+
+	SSL_library_init();
+	SSL_load_error_strings();
+
+	if ((ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL)
+		i_fatal("SSL_CTX_new() failed");
+
+	generate_dh_parameters(fd, fname);
+	generate_rsa_parameters(fd, fname);
+
+	SSL_CTX_free(ssl_ctx);
+}
+
+struct ssl_key_cache {
+	RSA *key;
+	int keylength;
+};
+
+static RSA *ssl_gen_rsa_key(SSL *ssl __attr_unused__,
+			    int is_export __attr_unused__, int keylength)
+{
+	static buffer_t *key_cache = NULL;
+	const struct ssl_key_cache *cache;
+	struct ssl_key_cache tmp_cache;
+	size_t i, size;
+
+	if (key_cache == NULL)
+		key_cache = buffer_create_dynamic(system_pool, 64, (size_t)-1);
+
+	cache = buffer_get_data(key_cache, &size);
+	size /= sizeof(struct ssl_key_cache);
+
+	for (i = 0; i < size; i++) {
+		if (cache[i].keylength == keylength)
+			return cache[i].key;
+	}
+
+	tmp_cache.key = RSA_generate_key(keylength, RSA_F4, NULL, NULL);
+	if (tmp_cache.key == NULL) {
+		i_error("Can't create temporary RSA key with length %d: %s",
+			keylength, ssl_last_error());
+		return NULL;
+	}
+	tmp_cache.keylength = keylength;
+	buffer_append(key_cache, &tmp_cache, sizeof(tmp_cache));
+
+	return tmp_cache.key;
+}
+
+#endif
+#else
 void _ssl_generate_parameters(int fd __attr_unused__,
 			      const char *fname __attr_unused__)
 {
 }
-
 #endif
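Review bot: The added `#if 0` encloses the whole `#ifdef HAVE_OPENSSL` section and the new `#else` pairs with that `#if 0`, so the empty `_ssl_generate_parameters()` stub is now compiled even when HAVE_OPENSSL is undefined. If another SSL backend file in the build defines the same symbol (not visible in this hunk), that would presumably clash at link time; closing the `#if 0` with `#endif` and keeping the stub under its own `#ifdef HAVE_OPENSSL` avoids this. The disabled block is unrelated to the log message and cannot build as written: it still uses `gnutls_datum`, `gnutls_dh_params_generate()` and `gnutls_rsa_params_generate()`, and `generate_rsa_parameters()` uses `i`, `m`, `e`, `d`, `p`, `q` and `u` without declaring them. I would mark it with a comment above the `#if 0`, such as `/* FIXME: unfinished OpenSSL port of the GnuTLS parameter generator; does not compile yet */`. Before it is ever enabled, the `rsa_bits` and `dh_bits` tables need larger sizes, since 512-bit RSA and 768-bit DH are too short to offer meaningful protection.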


