dovecot-2.1: login: When renegotiating SSL handshake, don't rere...
dovecot at dovecot.org
Tue Oct 25 21:35:00 EEST 2011
details: http://hg.dovecot.org/dovecot-2.1/rev/c9ef7a0f9b44
changeset: 13643:c9ef7a0f9b44
user: Timo Sirainen <tss at iki.fi>
date: Tue Oct 25 21:44:38 2011 +0300
description:
login: When renegotiating SSL handshake, don't reread settings when TLS SNI is used.
diffstat:
src/login-common/client-common.h | 1 +
src/login-common/ssl-proxy-openssl.c | 10 +++++++---
2 files changed, 8 insertions(+), 3 deletions(-)
diffs (31 lines):
diff -r 402cff03919a -r c9ef7a0f9b44 src/login-common/client-common.h
--- a/src/login-common/client-common.h Tue Oct 25 21:41:28 2011 +0300
+++ b/src/login-common/client-common.h Tue Oct 25 21:44:38 2011 +0300
@@ -118,6 +118,7 @@
unsigned int tls:1;
unsigned int secured:1;
unsigned int trusted:1;
+ unsigned int ssl_servername_settings_read:1;
unsigned int authenticating:1;
unsigned int auth_tried_disabled_plaintext:1;
unsigned int auth_tried_unsupported_mech:1;
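Review bot: the new `ssl_servername_settings_read` bit has no comment, and its name does not say that it is a one-shot latch set by the servername callback in ssl-proxy-openssl.c. It sits among general connection-state flags such as `secured` and `trusted`, so a one-line comment next to the field would help, stating that it is set on the first TLS SNI callback and is not cleared anywhere in this change.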
diff -r 402cff03919a -r c9ef7a0f9b44 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c Tue Oct 25 21:41:28 2011 +0300
+++ b/src/login-common/ssl-proxy-openssl.c Tue Oct 25 21:44:38 2011 +0300
@@ -1089,9 +1089,13 @@
host = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
client = proxy->client;
- client->set = login_settings_read(client->pool,
- &client->local_ip, &client->ip, host,
- &other_sets);
+ if (!client->ssl_servername_settings_read) {
+ client->ssl_servername_settings_read = TRUE;
+ client->set = login_settings_read(client->pool,
+ &client->local_ip,
+ &client->ip, host,
+ &other_sets);
+ }
ctx = ssl_server_context_get(client->set);
SSL_set_SSL_CTX(ssl, ctx->ctx);
}
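Review bot: in the new `if (!client->ssl_servername_settings_read)` block the latch is set whether or not `host` is NULL, and on later calls the value returned by `SSL_get_servername()` is still fetched but no longer used. The settings are therefore pinned to whatever the first handshake sent, including no server name at all. A comment saying this is intended would help, and it may be worth logging when a renegotiation presents a different name than the first handshake. Also, `other_sets` is now filled only inside the branch, so any read of it later in this function has to cope with the renegotiation path where it was never assigned.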