dovecot-2.0: script-login: Added version check to the protocol.
dovecot at dovecot.org
dovecot at dovecot.org
Wed Jun 2 20:45:06 EEST 2010
details: http://hg.dovecot.org/dovecot-2.0/rev/3ac8c5dd9c30
changeset: 11460:3ac8c5dd9c30
user: Timo Sirainen <tss at iki.fi>
date: Wed Jun 02 18:45:02 2010 +0100
description:
script-login: Added version check to the protocol.
diffstat:
src/lib-master/master-login.c | 3 ++-
src/util/script-login.c | 28 +++++++++++++++++++++++++---
2 files changed, 27 insertions(+), 4 deletions(-)
diffs (83 lines):
diff -r c86b90148906 -r 3ac8c5dd9c30 src/lib-master/master-login.c
--- a/src/lib-master/master-login.c Wed Jun 02 17:22:41 2010 +0100
+++ b/src/lib-master/master-login.c Wed Jun 02 18:45:02 2010 +0100
@@ -301,7 +301,8 @@
}
str = t_str_new(256);
- str_printfa(str, "%s\t%s", net_ip2addr(&client->auth_req.local_ip),
+ str_printfa(str, "VERSION\tscript-login\t1\t0\n"
+ "%s\t%s", net_ip2addr(&client->auth_req.local_ip),
net_ip2addr(&client->auth_req.remote_ip));
for (i = 0; auth_args[i] != NULL; i++) {
str_append_c(str, '\t');
diff -r c86b90148906 -r 3ac8c5dd9c30 src/util/script-login.c
--- a/src/util/script-login.c Wed Jun 02 17:22:41 2010 +0100
+++ b/src/util/script-login.c Wed Jun 02 18:45:02 2010 +0100
@@ -16,6 +16,8 @@
#include <stdlib.h>
#include <unistd.h>
+#define SCRIPT_LOGIN_PROTOCOL_VERSION_MAJOR 1
+#define SCRIPT_LOGIN_READ_TIMEOUT_SECS 10
#define ENV_USERDB_KEYS "USERDB_KEYS"
#define SCRIPT_COMM_FD 3
@@ -27,7 +29,7 @@
enum mail_storage_service_flags flags =
MAIL_STORAGE_SERVICE_FLAG_NO_PLUGINS;
string_t *instr, *keys;
- const char **args, *key, *value, *error;
+ const char **args, *key, *value, *error, *version_line, *data_line;
struct mail_storage_service_ctx *service_ctx;
struct mail_storage_service_input input;
struct mail_storage_service_user *user;
@@ -36,18 +38,38 @@
int fd = -1;
ssize_t ret;
+ alarm(SCRIPT_LOGIN_READ_TIMEOUT_SECS);
+
net_set_nonblock(conn->fd, FALSE);
instr = t_str_new(1024);
ret = fd_read(conn->fd, buf, sizeof(buf), &fd);
while (ret > 0) {
str_append_n(instr, buf, ret);
- if (buf[ret-1] == '\n') {
+ if (buf[ret-1] == '\n' &&
+ strchr(str_c(instr), '\n')[1] != '\0') {
str_truncate(instr, str_len(instr)-1);
break;
}
ret = read(conn->fd, buf, sizeof(buf));
}
+
+ version_line = str_c(instr);
+ data_line = strchr(version_line, '\n');
+ if (data_line != NULL)
+ version_line = t_strdup_until(version_line, data_line++);
+ else
+ version_line = NULL;
+
+ if (ret > 0 || version_line != NULL) {
+ if (version_line == NULL ||
+ !version_string_verify(version_line, "script-login",
+ SCRIPT_LOGIN_PROTOCOL_VERSION_MAJOR)) {
+ i_fatal("Client not compatible with this binary "
+ "(connecting to wrong socket?)");
+ }
+ }
+
if (ret <= 0) {
if (ret < 0)
i_fatal("read() failed: %m");
@@ -60,7 +82,7 @@
/* put everything to environment */
env_clean();
keys = t_str_new(256);
- args = t_strsplit(str_c(instr), "\t");
+ args = t_strsplit(data_line, "\t");
if (str_array_length(args) < 3)
i_fatal("Missing input fields");
More information about the dovecot-cvs
mailing list