On Mon, 2012-11-05 at 23:40 +0200, Timo Sirainen wrote: > Anyway, looks like Dovecot can't link OpenSSL to imap/pop3 processes > without wasting a ton of memory. In v2.2 I already moved imapc/pop3c > backend code to plugins to avoid this. Looks like similar ugliness is > needed for other features/backends also that may end up using SSL code. > (We were wondering with Stephan what to do about his new HTTP library > code that added support for SSL. It would be nice to keep it in the core > libdovecot.so, but not if it links with SSL. So looks like we'll need > some kind of a http-ssl plugin that is loaded only when needed.)
Implemented it a bit easier way that also gets rid of imapc/pop3c plugins and simplifies other things: lib-ssl-iostream now loads OpenSSL dynamically: http://hg.dovecot.org/dovecot-2.2/rev/68d21f872fd7 This also provides a nice abstraction to OpenSSL, making it again possible to implement other backends like GnuTLS or NSS. (Except login process code doesn't use lib-ssl-iostream yet.)