dovecot-2.2: Added support for IMAP URLAUTH and URLAUTH=BINARY e...

dovecot at dovecot.org dovecot at dovecot.org
Sat Sep 15 23:57:26 EEST 2012


details:   http://hg.dovecot.org/dovecot-2.2/rev/d419aac7ab31
changeset: 15066:d419aac7ab31
user:      Stephan Bosch <stephan at rename-it.nl>
date:      Sat Sep 15 23:57:08 2012 +0300
description:
Added support for IMAP URLAUTH and URLAUTH=BINARY extensions

Extends imap service with URLAUTH and URLAUTH=BINARY support:
  - Adds new commands URLFETCH, GENURLAUTH and RESETKEY.

Creates imap-urlauth service in src/imap-urlauth.

Functionality common to both the imap and imap-urlauth services is located
in src/lib-imap-urlauth.

TODO:
 - use mailbox GUIDs instead of names
 - doveadm command to delete stale urlauth entries?
 - add delay when attempting to access nonexistent user
 - create urlauth-worker queue, similar to how indexer-worker works
   (could we share code?..)

diffstat:

 .hgignore                                       |     3 +
 README                                          |     2 +
 configure.in                                    |     2 +
 src/Makefile.am                                 |     2 +
 src/imap-urlauth/Makefile.am                    |    82 +
 src/imap-urlauth/imap-urlauth-client.c          |   379 ++++++++
 src/imap-urlauth/imap-urlauth-client.h          |    48 +
 src/imap-urlauth/imap-urlauth-common.h          |    13 +
 src/imap-urlauth/imap-urlauth-login-settings.c  |    75 +
 src/imap-urlauth/imap-urlauth-login-settings.h  |     6 +
 src/imap-urlauth/imap-urlauth-login.c           |   192 ++++
 src/imap-urlauth/imap-urlauth-settings.c        |    95 ++
 src/imap-urlauth/imap-urlauth-settings.h        |    24 +
 src/imap-urlauth/imap-urlauth-worker-settings.c |    90 +
 src/imap-urlauth/imap-urlauth-worker-settings.h |    19 +
 src/imap-urlauth/imap-urlauth-worker.c          |  1036 +++++++++++++++++++++++
 src/imap-urlauth/imap-urlauth.c                 |   252 +++++
 src/imap/Makefile.am                            |     6 +
 src/imap/cmd-genurlauth.c                       |    52 +
 src/imap/cmd-resetkey.c                         |   105 ++
 src/imap/cmd-urlfetch.c                         |   387 ++++++++
 src/imap/imap-client.c                          |    52 +-
 src/imap/imap-client.h                          |    12 +-
 src/imap/imap-commands.c                        |     7 +-
 src/imap/imap-commands.h                        |     5 +
 src/imap/imap-settings.c                        |    10 +-
 src/imap/imap-settings.h                        |     5 +
 src/imap/main.c                                 |     6 +-
 src/lib-imap-urlauth/Makefile.am                |    28 +
 src/lib-imap-urlauth/imap-urlauth-backend.c     |   164 +++
 src/lib-imap-urlauth/imap-urlauth-backend.h     |    20 +
 src/lib-imap-urlauth/imap-urlauth-connection.c  |  1016 ++++++++++++++++++++++
 src/lib-imap-urlauth/imap-urlauth-connection.h  |    42 +
 src/lib-imap-urlauth/imap-urlauth-fetch.c       |   437 +++++++++
 src/lib-imap-urlauth/imap-urlauth-fetch.h       |    50 +
 src/lib-imap-urlauth/imap-urlauth-private.h     |    18 +
 src/lib-imap-urlauth/imap-urlauth.c             |   467 ++++++++++
 src/lib-imap-urlauth/imap-urlauth.h             |    49 +
 38 files changed, 5253 insertions(+), 5 deletions(-)

diffs (truncated from 5658 to 300 lines):

diff -r 1b4ab06fa0e2 -r d419aac7ab31 .hgignore
--- a/.hgignore	Sat Sep 15 21:00:54 2012 +0300
+++ b/.hgignore	Sat Sep 15 23:57:08 2012 +0300
@@ -67,6 +67,9 @@
 src/doveadm/doveadm
 src/doveadm/doveadm-server
 src/imap-login/imap-login
+src/imap-urlauth/imap-urlauth
+src/imap-urlauth/imap-urlauth-login
+src/imap-urlauth/imap-urlauth-worker
 src/imap/imap
 src/indexer/indexer
 src/indexer/indexer-worker
diff -r 1b4ab06fa0e2 -r d419aac7ab31 README
--- a/README	Sat Sep 15 21:00:54 2012 +0300
+++ b/README	Sat Sep 15 23:57:08 2012 +0300
@@ -40,6 +40,7 @@
  3691       - IMAP4 UNSELECT command
  4314       - IMAP4 Access Control List (ACL) Extension
  4315       - IMAP UIDPLUS extension
+ 4467       - IMAP URLAUTH Extension
  4469       - IMAP CATENATE Extension
  4551       - IMAP Extension for Conditional STORE Operation
               or Quick Flag Changes Resynchronization
@@ -55,6 +56,7 @@
  5256       - IMAP SORT and THREAD Extensions
  5258       - IMAP4 - LIST Command Extensions 
  5267       - Contexts for IMAP4
+ 5524       - Extended URLFETCH for Binary and Converted Parts
  5530       - IMAP Response Codes
  5819       - IMAP4 Extension for Returning STATUS Information in Extended LIST
  5957       - Display-Based Address Sorting for the IMAP4 SORT Extension
diff -r 1b4ab06fa0e2 -r d419aac7ab31 configure.in
--- a/configure.in	Sat Sep 15 21:00:54 2012 +0300
+++ b/configure.in	Sat Sep 15 23:57:08 2012 +0300
@@ -2757,6 +2757,7 @@
 src/lib-imap/Makefile
 src/lib-imap-storage/Makefile
 src/lib-imap-client/Makefile
+src/lib-imap-urlauth/Makefile
 src/lib-index/Makefile
 src/lib-lda/Makefile
 src/lib-mail/Makefile
@@ -2796,6 +2797,7 @@
 src/ipc/Makefile
 src/imap/Makefile
 src/imap-login/Makefile
+src/imap-urlauth/Makefile
 src/login-common/Makefile
 src/master/Makefile
 src/pop3/Makefile
diff -r 1b4ab06fa0e2 -r d419aac7ab31 src/Makefile.am
--- a/src/Makefile.am	Sat Sep 15 21:00:54 2012 +0300
+++ b/src/Makefile.am	Sat Sep 15 23:57:08 2012 +0300
@@ -16,6 +16,7 @@
 SUBDIRS = \
 	$(LIBDOVECOT_SUBDIRS) \
 	lib-imap-client \
+	lib-imap-urlauth \
 	lib-compression \
 	lib-dovecot \
 	lib-index \
@@ -34,6 +35,7 @@
 	login-common \
 	imap-login \
 	imap \
+	imap-urlauth \
 	pop3-login \
 	pop3 \
 	lda \
diff -r 1b4ab06fa0e2 -r d419aac7ab31 src/imap-urlauth/Makefile.am
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/imap-urlauth/Makefile.am	Sat Sep 15 23:57:08 2012 +0300
@@ -0,0 +1,82 @@
+pkglibexecdir = $(libexecdir)/dovecot
+
+# Refer to comment in imap-urlauth.c for info on what these binaries are for.
+pkglibexec_PROGRAMS = imap-urlauth-login imap-urlauth imap-urlauth-worker
+
+# imap-urlauth-login
+
+imap_urlauth_login_CPPFLAGS = \
+	-I$(top_srcdir)/src/lib \
+	-I$(top_srcdir)/src/lib-settings \
+	-I$(top_srcdir)/src/lib-auth \
+	-I$(top_srcdir)/src/lib-master \
+	-I$(top_srcdir)/src/login-common
+
+imap_urlauth_login_LDADD = \
+	$(LIBDOVECOT_LOGIN) \
+	$(LIBDOVECOT) \
+	$(SSL_LIBS)
+imap_urlauth_login_DEPENDENCIES = \
+	$(LIBDOVECOT_LOGIN) \
+	$(LIBDOVECOT_DEPS)
+
+imap_urlauth_login_SOURCES = \
+	imap-urlauth-login.c \
+	imap-urlauth-login-settings.c
+
+# imap-urlauth
+
+imap_urlauth_CPPFLAGS = \
+	-I$(top_srcdir)/src/lib \
+	-I$(top_srcdir)/src/lib-settings \
+	-I$(top_srcdir)/src/lib-auth \
+	-I$(top_srcdir)/src/lib-master \
+	-I$(top_srcdir)/src/lib-dict \
+	-DPKG_RUNDIR=\""$(rundir)"\"
+
+imap_urlauth_LDFLAGS = -export-dynamic
+
+imap_urlauth_LDADD = $(LIBDOVECOT) $(MODULE_LIBS)
+imap_urlauth_DEPENDENCIES = $(LIBDOVECOT_DEPS)
+
+imap_urlauth_SOURCES = \
+	imap-urlauth.c \
+	imap-urlauth-client.c \
+	imap-urlauth-settings.c
+
+# imap-urlauth-worker
+
+imap_urlauth_worker_CPPFLAGS = \
+	-I$(top_srcdir)/src/lib \
+	-I$(top_srcdir)/src/lib-auth \
+	-I$(top_srcdir)/src/lib-settings \
+	-I$(top_srcdir)/src/lib-master \
+	-I$(top_srcdir)/src/lib-dict \
+	-I$(top_srcdir)/src/imap \
+	-I$(top_srcdir)/src/lib-imap \
+	-I$(top_srcdir)/src/lib-imap-storage \
+	-I$(top_srcdir)/src/lib-imap-urlauth \
+	-I$(top_srcdir)/src/lib-mail \
+	-I$(top_srcdir)/src/lib-storage \
+	-I$(top_srcdir)/src/login-common
+
+imap_urlauth_worker_LDFLAGS = -export-dynamic
+
+urlauth_libs = \
+	$(LIBDOVECOT_STORAGE) \
+	$(top_builddir)/src/lib-imap-urlauth/libimap-urlauth.la
+
+imap_urlauth_worker_LDADD = $(urlauth_libs) $(LIBDOVECOT) $(MODULE_LIBS)
+imap_urlauth_worker_DEPENDENCIES = $(urlauth_libs) $(LIBDOVECOT_DEPS)
+
+imap_urlauth_worker_SOURCES = \
+	imap-urlauth-worker.c \
+	imap-urlauth-worker-settings.c
+
+noinst_HEADERS = \
+	imap-urlauth-client.h \
+	imap-urlauth-common.h \
+	imap-urlauth-settings.h \
+	imap-urlauth-login-settings.h \
+	imap-urlauth-worker-settings.h
+
diff -r 1b4ab06fa0e2 -r d419aac7ab31 src/imap-urlauth/imap-urlauth-client.c
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/imap-urlauth/imap-urlauth-client.c	Sat Sep 15 23:57:08 2012 +0300
@@ -0,0 +1,379 @@
+/* Copyright (c) 2012 Dovecot authors, see the included COPYING file */
+
+#include "imap-urlauth-common.h"
+#include "array.h"
+#include "ioloop.h"
+#include "network.h"
+#include "fdpass.h"
+#include "istream.h"
+#include "ostream.h"
+#include "str.h"
+#include "strescape.h"
+#include "eacces-error.h"
+#include "llist.h"
+#include "hostpid.h"
+#include "execv-const.h"
+#include "env-util.h"
+#include "var-expand.h"
+#include "restrict-access.h"
+#include "master-service.h"
+#include "master-interface.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/wait.h>
+
+#define IMAP_URLAUTH_PROTOCOL_MAJOR_VERSION 1
+#define IMAP_URLAUTH_PROTOCOL_MINOR_VERSION 0
+
+#define IMAP_URLAUTH_WORKER_SOCKET "imap-urlauth-worker"
+
+/* max. length of input lines (URLs) */
+#define MAX_INBUF_SIZE 2048
+
+/* Disconnect client after idling this many milliseconds */
+#define CLIENT_IDLE_TIMEOUT_MSECS (10*60*1000)
+
+#define USER_EXECUTABLE "imap-urlauth-worker"
+
+#define IS_STANDALONE() \
+        (getenv(MASTER_IS_PARENT_ENV) == NULL)
+
+struct client *imap_urlauth_clients;
+unsigned int imap_urlauth_client_count;
+
+static int client_worker_connect(struct client *client);
+static void client_worker_disconnect(struct client *client);
+static void client_worker_input(struct client *client);
+
+int client_create(const char *username, int fd_in, int fd_out,
+		  const struct imap_urlauth_settings *set,
+		  struct client **client_r)
+{
+	struct client *client;
+	const char *app;
+
+	/* always use nonblocking I/O */
+	net_set_nonblock(fd_in, TRUE);
+	net_set_nonblock(fd_out, TRUE);
+
+	client = i_new(struct client, 1);
+	client->fd_in = fd_in;
+	client->fd_out = fd_out;
+	client->fd_ctrl = -1;
+	client->set = set;
+
+	if (client_worker_connect(client) < 0) {
+		i_free(client);
+		return -1;
+	}
+
+	/* determine user's special privileges */
+	i_array_init(&client->access_apps, 4);
+	if (username != NULL) {
+		if (set->imap_urlauth_submit_user != NULL &&
+		    strcmp(set->imap_urlauth_submit_user, username) == 0) {
+			if (set->mail_debug)
+				i_debug("User %s has URLAUTH submit access", username);
+			app = "submit+";
+			array_append(&client->access_apps, &app, 1);
+		}
+		if (set->imap_urlauth_stream_user != NULL &&
+		    strcmp(set->imap_urlauth_stream_user, username) == 0) {
+			if (set->mail_debug)
+				i_debug("User %s has URLAUTH stream access", username);
+			app = "stream";
+			array_append(&client->access_apps, &app, 1);
+		}
+	}
+
+	if (username != NULL)
+		client->username = i_strdup(username);
+
+	client->output = o_stream_create_fd(fd_out, (size_t)-1, FALSE);
+
+	imap_urlauth_client_count++;
+	DLLIST_PREPEND(&imap_urlauth_clients, client);
+
+	imap_urlauth_refresh_proctitle();
+	*client_r = client;
+	return 0;
+}
+
+void client_send_line(struct client *client, const char *fmt, ...)
+{
+	va_list va;
+	ssize_t ret;
+
+	if (client->output->closed)
+		return;
+
+	va_start(va, fmt);
+
+	T_BEGIN {
+		string_t *str;
+
+		str = t_str_new(256);
+		str_vprintfa(str, fmt, va);
+		str_append(str, "\n");
+
+		ret = o_stream_send(client->output,
+				    str_data(str), str_len(str));
+		i_assert(ret < 0 || (size_t)ret == str_len(str));
+	} T_END;
+
+	va_end(va);
+}
+
+static int client_worker_connect(struct client *client)
+{
+	static const char handshake[] = "VERSION\timap-urlauth-worker\t1\t0\n";
+	const char *socket_path;
+	ssize_t ret;
+	unsigned char data;
+
+	socket_path = t_strconcat(client->set->base_dir,
+				  "/"IMAP_URLAUTH_WORKER_SOCKET, NULL);
+
+	if (client->set->mail_debug)
+		i_debug("Connecting to worker socket %s", socket_path);
+

