steffen: server/perl-kolab/Kolab-LDAP-Backend-slurpd slurpd.pm, 1.4, 1.5

cvs at intevation.de cvs at intevation.de
Thu Jun 17 04:49:16 CEST 2004


Author: steffen

Update of /kolabrepository/server/perl-kolab/Kolab-LDAP-Backend-slurpd
In directory doto:/tmp/cvs-serv18968/perl-kolab/Kolab-LDAP-Backend-slurpd

Modified Files:
	slurpd.pm 
Log Message:
smptd policy server honors "delegate" property, master/slave comm. is completely "SSL-ified" now

Index: slurpd.pm
===================================================================
RCS file: /kolabrepository/server/perl-kolab/Kolab-LDAP-Backend-slurpd/slurpd.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- slurpd.pm	11 Jun 2004 09:55:24 -0000	1.4
+++ slurpd.pm	17 Jun 2004 02:49:14 -0000	1.5
@@ -29,7 +29,8 @@
 use strict;
 use warnings;
 use IO::Select;
-use IO::Socket;
+use IO::Socket::INET;
+use IO::Socket::SSL qw(debug1);
 use Convert::ASN1 qw(:io);
 use Net::LDAP;
 use Net::LDAP::Constant qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
@@ -236,15 +237,31 @@
     my $port = $Kolab::config{'slurpd_port'};
   TRYCONNECT:
     Kolab::log('SD', "Opening listen server on port $port");
-    $server = IO::Socket::INET->new(
-        LocalPort   => $port,
-        Proto       => "tcp",
-        ReuseAddr   => 1,
-        Type        => SOCK_STREAM,
-	#LocalAddr   => "127.0.0.1",
-	LocalAddr   => "0.0.0.0",
-        Listen      => 10
-    );
+    if( $Kolab::config{'is_master'} eq 'true' ) {
+      # The master has to only listen to localhost
+      # without need for encryption
+      $server = IO::Socket::INET->new(
+          LocalPort   => $port,
+	  Proto       => "tcp",
+          ReuseAddr   => 1,
+          Type        => SOCK_STREAM,
+	  LocalAddr   => "127.0.0.1",
+          Listen      => 10
+       );
+    } else {
+      # Slaves use encrypted comm.
+      $server = IO::Socket::SSL->new(
+          LocalPort   => $port,
+	  Proto       => "tcp",
+          ReuseAddr   => 1,
+          Type        => SOCK_STREAM,
+	  LocalAddr   => "0.0.0.0",
+          Listen      => 10,
+	  SSL_key_file => $Kolab::config{'prefix'} . '/etc/kolab/key.pem',
+          SSL_cert_file => $Kolab::config{'prefix'} . '/etc/kolab/cert.pem',
+          SSL_verify_mode => 0
+      );
+  }
     if (!$server) {
         Kolab::log('SD', "Unable to open TCP listen server on port $port, Error = $@", KOLAB_ERROR);
 	sleep 1;





More information about the commits mailing list