dovecot-2.0: doveadm: Added doveadm_allowed_commands setting, wh...
dovecot at dovecot.org
dovecot at dovecot.org
Fri May 20 14:21:58 EEST 2011
details: http://hg.dovecot.org/dovecot-2.0/rev/c67ba5bf1ba9
changeset: 12817:c67ba5bf1ba9
user: Timo Sirainen <tss at iki.fi>
date: Fri May 20 14:21:51 2011 +0300
description:
doveadm: Added doveadm_allowed_commands setting, which is used by doveadm server.
diffstat:
src/doveadm/client-connection.c | 27 +++++++++++++++++++++++++++
src/doveadm/doveadm-settings.c | 2 ++
src/doveadm/doveadm-settings.h | 1 +
3 files changed, 30 insertions(+), 0 deletions(-)
diffs (74 lines):
diff -r c46b1ce45cd1 -r c67ba5bf1ba9 src/doveadm/client-connection.c
--- a/src/doveadm/client-connection.c Fri May 20 14:20:46 2011 +0300
+++ b/src/doveadm/client-connection.c Fri May 20 14:21:51 2011 +0300
@@ -111,6 +111,27 @@
return ret;
}
+static bool client_is_allowed_command(const struct doveadm_settings *set,
+ const char *cmd_name)
+{
+ bool ret = FALSE;
+
+ if (*set->doveadm_allowed_commands == '\0')
+ return TRUE;
+
+ T_BEGIN {
+ const char *const *cmds =
+ t_strsplit(set->doveadm_allowed_commands, ",");
+ for (; *cmds != NULL; cmds++) {
+ if (strcmp(*cmds, cmd_name) == 0) {
+ ret = TRUE;
+ break;
+ }
+ }
+ } T_END;
+ return ret;
+}
+
static bool client_handle_command(struct client_connection *conn, char **args)
{
struct mail_storage_service_input input;
@@ -152,6 +173,12 @@
}
}
+ if (!client_is_allowed_command(conn->set, cmd_name)) {
+ i_error("doveadm client isn't allowed to use command: %s",
+ cmd_name);
+ return FALSE;
+ }
+
o_stream_cork(conn->output);
ret = doveadm_mail_cmd_server(cmd_name, conn->set, &input, argc, args);
if (ret)
diff -r c46b1ce45cd1 -r c67ba5bf1ba9 src/doveadm/doveadm-settings.c
--- a/src/doveadm/doveadm-settings.c Fri May 20 14:20:46 2011 +0300
+++ b/src/doveadm/doveadm-settings.c Fri May 20 14:21:51 2011 +0300
@@ -59,6 +59,7 @@
DEF(SET_UINT, doveadm_worker_count),
DEF(SET_UINT, doveadm_proxy_port),
DEF(SET_STR, doveadm_password),
+ DEF(SET_STR, doveadm_allowed_commands),
{ SET_STRLIST, "plugin", offsetof(struct doveadm_settings, plugin_envs), NULL },
@@ -73,6 +74,7 @@
.doveadm_worker_count = 0,
.doveadm_proxy_port = 0,
.doveadm_password = "",
+ .doveadm_allowed_commands = "",
.plugin_envs = ARRAY_INIT
};
diff -r c46b1ce45cd1 -r c67ba5bf1ba9 src/doveadm/doveadm-settings.h
--- a/src/doveadm/doveadm-settings.h Fri May 20 14:20:46 2011 +0300
+++ b/src/doveadm/doveadm-settings.h Fri May 20 14:21:51 2011 +0300
@@ -9,6 +9,7 @@
unsigned int doveadm_worker_count;
unsigned int doveadm_proxy_port;
const char *doveadm_password;
+ const char *doveadm_allowed_commands;
ARRAY_DEFINE(plugin_envs, const char *);
};
More information about the dovecot-cvs
mailing list