dovecot-2.2: auth: allow_nets=local matches now connections with...
dovecot at dovecot.org
dovecot at dovecot.org
Fri Oct 24 23:43:46 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/d1aefed4589b
changeset: 18004:d1aefed4589b
user: Timo Sirainen <tss at iki.fi>
date: Sat Oct 25 02:39:00 2014 +0300
description:
auth: allow_nets=local matches now connections without any IP address
diffstat:
src/auth/auth-request.c | 23 +++++++++++++----------
1 files changed, 13 insertions(+), 10 deletions(-)
diffs (47 lines):
diff -r 37a3c6c001b7 -r d1aefed4589b src/auth/auth-request.c
--- a/src/auth/auth-request.c Sat Oct 25 02:13:36 2014 +0300
+++ b/src/auth/auth-request.c Sat Oct 25 02:39:00 2014 +0300
@@ -1279,30 +1279,33 @@
unsigned int bits;
bool found = FALSE;
- if (request->remote_ip.family == 0) {
- /* IP not known */
- auth_request_log_info(request, AUTH_SUBSYS_DB,
- "allow_nets check failed: Remote IP not known");
- request->failed = TRUE;
- return;
- }
-
for (net = t_strsplit_spaces(networks, ", "); *net != NULL; net++) {
auth_request_log_debug(request, AUTH_SUBSYS_DB,
"allow_nets: Matching for network %s", *net);
+ if (strcmp(*net, "local") == 0 && request->remote_ip.family == 0) {
+ found = TRUE;
+ break;
+ }
+
if (net_parse_range(*net, &net_ip, &bits) < 0) {
auth_request_log_info(request, AUTH_SUBSYS_DB,
"allow_nets: Invalid network '%s'", *net);
}
- if (net_is_in_network(&request->remote_ip, &net_ip, bits)) {
+ if (request->remote_ip.family != 0 &&
+ net_is_in_network(&request->remote_ip, &net_ip, bits)) {
found = TRUE;
break;
}
}
- if (!found) {
+ if (found)
+ ;
+ else if (request->remote_ip.family == 0) {
+ auth_request_log_info(request, AUTH_SUBSYS_DB,
+ "allow_nets check failed: Remote IP not known and 'local' missing");
+ } else if (!found) {
auth_request_log_info(request, AUTH_SUBSYS_DB,
"allow_nets check failed: IP not in allowed networks");
}
More information about the dovecot-cvs
mailing list