dovecot-2.1: login: When renegotiating SSL handshake, don't rere...

dovecot at dovecot.org dovecot at dovecot.org
Tue Oct 25 21:35:00 EEST 2011


details:   http://hg.dovecot.org/dovecot-2.1/rev/c9ef7a0f9b44
changeset: 13643:c9ef7a0f9b44
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Oct 25 21:44:38 2011 +0300
description:
login: When renegotiating SSL handshake, don't reread settings when TLS SNI is used.

diffstat:

 src/login-common/client-common.h     |   1 +
 src/login-common/ssl-proxy-openssl.c |  10 +++++++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diffs (31 lines):

diff -r 402cff03919a -r c9ef7a0f9b44 src/login-common/client-common.h
--- a/src/login-common/client-common.h	Tue Oct 25 21:41:28 2011 +0300
+++ b/src/login-common/client-common.h	Tue Oct 25 21:44:38 2011 +0300
@@ -118,6 +118,7 @@
 	unsigned int tls:1;
 	unsigned int secured:1;
 	unsigned int trusted:1;
+	unsigned int ssl_servername_settings_read:1;
 	unsigned int authenticating:1;
 	unsigned int auth_tried_disabled_plaintext:1;
 	unsigned int auth_tried_unsupported_mech:1;
diff -r 402cff03919a -r c9ef7a0f9b44 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c	Tue Oct 25 21:41:28 2011 +0300
+++ b/src/login-common/ssl-proxy-openssl.c	Tue Oct 25 21:44:38 2011 +0300
@@ -1089,9 +1089,13 @@
 	host = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
 
 	client = proxy->client;
-	client->set = login_settings_read(client->pool,
-					  &client->local_ip, &client->ip, host,
-					  &other_sets);
+	if (!client->ssl_servername_settings_read) {
+		client->ssl_servername_settings_read = TRUE;
+		client->set = login_settings_read(client->pool,
+						  &client->local_ip,
+						  &client->ip, host,
+						  &other_sets);
+	}
 	ctx = ssl_server_context_get(client->set);
 	SSL_set_SSL_CTX(ssl, ctx->ctx);
 }
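Review bot: The new `if (!client->ssl_servername_settings_read)` guard carries no comment saying that the login settings stay bound to the server name seen in the first handshake, and that a different SNI name sent on renegotiation is ignored rather than rejected or logged. I would add `/* read settings only once per connection; a renegotiation keeps them even if it sends another SNI name */` above the guard, so a later change does not reintroduce the reread and let a client switch per-host settings mid-session. The bit added in client-common.h would benefit from a matching one-line comment, since its name does not say it is set from the servername callback. The flag is set even when `host` is NULL, so a first handshake without SNI appears to fix the default settings for the whole connection; that looks intended but is worth stating. The enclosing function starts outside the hunk, so its use of `other_sets` cannot be checked from here.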

