login-settings.c revision 1358e2c58ce29231485a5cfa454756d429ad3d2c
b9f30617c2c96d54acbc4f85ed17b939c4f28916Timo Sirainen/* Copyright (c) 2005-2009 Dovecot authors, see the included COPYING file */
d63b4241643b6014d49ff356f14e0f3ee43068a8Timo Sirainenstatic bool login_settings_check(void *_set, pool_t pool, const char **error_r);
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen { type, #name, offsetof(struct login_settings, name), NULL }
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainenstatic struct setting_define login_setting_defines[] = {
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainenstatic struct login_settings login_default_settings = {
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen MEMBER(login_log_format_elements) "user=<%u> method=%m rip=%r lip=%l %c",
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen MEMBER(ssl_parameters_file) "ssl-parameters.dat",
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainenstruct setting_parser_info login_setting_parser_info = {
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen MEMBER(struct_size) sizeof(struct login_settings),
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen/* <settings checks> */
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainenstatic int ssl_settings_check(void *_set ATTR_UNUSED, const char **error_r)
ce8a6f53ea3ce91b759a54b771e1779564de19a1Timo Sirainen *error_r = t_strdup_printf("SSL support not compiled in but ssl=%s",
1cbc0c6372d24168962698c5f4d3e15df8943ebfTimo Sirainen if (set->ssl_verify_client_cert && *set->ssl_ca_file == '\0') {
1cbc0c6372d24168962698c5f4d3e15df8943ebfTimo Sirainen *error_r = "ssl_verify_client_cert set, but ssl_ca_file not";
1cbc0c6372d24168962698c5f4d3e15df8943ebfTimo Sirainen *error_r = t_strdup_printf("ssl_cert_file: access(%s) failed: %m",
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen *error_r = t_strdup_printf("ssl_key_file: access(%s) failed: %m",
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen if (*set->ssl_ca_file != '\0' && access(set->ssl_ca_file, R_OK) < 0) {
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen *error_r = t_strdup_printf("ssl_ca_file: access(%s) failed: %m",
d63b4241643b6014d49ff356f14e0f3ee43068a8Timo Sirainenstatic bool login_settings_check(void *_set, pool_t pool ATTR_UNUSED,
d63b4241643b6014d49ff356f14e0f3ee43068a8Timo Sirainen const char **error_r)
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen t_strsplit(set->login_log_format_elements, " ");
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen if (set->ssl_require_client_cert || set->ssl_username_from_cert) {
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen /* if we require valid cert, make sure we also ask for it */
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen *error_r = "login_max_connections must be at least 1";
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen /* disabled */
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen } else if (strcmp(set->ssl, "required") == 0) {
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen *error_r = t_strdup_printf("Unknown ssl setting value: %s",
b215a8a123623782554a83f3025ef4e771bd8f01Timo Sirainen/* </settings checks> */
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainenstruct login_settings *login_settings_read(struct master_service *service)
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainen static const struct setting_parser_info *set_roots[] = {
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen if (master_service_settings_read(service, &input, &error) < 0)
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainen i_fatal("Error reading configuration: %s", error);