dovecot-2.2: director: Remember backends' hostnames and send the...
dovecot at dovecot.org
dovecot at dovecot.org
Mon Oct 19 10:50:03 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/7f718c840aff
changeset: 19310:7f718c840aff
user: Timo Sirainen <tss at iki.fi>
date: Mon Oct 19 13:49:54 2015 +0300
description:
director: Remember backends' hostnames and send them in login reply.
This allows login processes to verify the remote server's hostname in SSL
certificate.
diffstat:
src/director/director-connection.c | 11 ++++++++---
src/director/director-request.c | 5 +++--
src/director/director-request.h | 4 ++--
src/director/director.c | 6 +++++-
src/director/login-connection.c | 17 +++++++++++++----
src/director/mail-host.c | 27 ++++++++++++++++++++++-----
src/director/mail-host.h | 4 ++++
7 files changed, 57 insertions(+), 17 deletions(-)
diffs (211 lines):
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/director-connection.c
--- a/src/director/director-connection.c Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/director-connection.c Mon Oct 19 13:49:54 2015 +0300
@@ -863,7 +863,7 @@
struct director_host *src_host = conn->host;
struct mail_host *host;
struct ip_addr ip;
- const char *tag = "";
+ const char *tag = "", *hostname = NULL;
unsigned int arg_count, vhost_count;
bool update, down = FALSE;
time_t last_updown_change = 0;
@@ -885,6 +885,8 @@
}
down = args[3][0] == 'D';
}
+ if (arg_count >= 5)
+ hostname = args[4];
if (conn->ignore_host_events) {
/* remote is sending hosts in a handshake, but it doesn't have
a completed ring and we do. */
@@ -894,7 +896,8 @@
host = mail_host_lookup(conn->dir->mail_hosts, &ip);
if (host == NULL) {
- host = mail_host_add_ip(conn->dir->mail_hosts, &ip, tag);
+ host = mail_host_add_hostname(conn->dir->mail_hosts,
+ hostname, &ip, tag);
update = TRUE;
} else {
update = host->vhost_count != vhost_count ||
@@ -1701,8 +1704,10 @@
str_append_tabescaped(str, host->tag);
}
if (send_updowns) {
- str_printfa(str, "\t%c%ld", host->down ? 'D' : 'U',
+ str_printfa(str, "\t%c%ld\t", host->down ? 'D' : 'U',
(long)host->last_updown_change);
+ if (host->hostname != NULL)
+ str_append_tabescaped(str, host->hostname);
}
str_append_c(str, '\n');
}
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/director-request.c
--- a/src/director/director-request.c Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/director-request.c Mon Oct 19 13:49:54 2015 +0300
@@ -111,7 +111,7 @@
array_delete(&dir->pending_requests, 0, 1);
T_BEGIN {
- request->callback(NULL, errormsg, request->context);
+ request->callback(NULL, NULL, errormsg, request->context);
} T_END;
director_request_free(request);
}
@@ -316,7 +316,8 @@
i_assert(!user->weak);
director_update_user(dir, dir->self_host, user);
T_BEGIN {
- request->callback(&user->host->ip, NULL, request->context);
+ request->callback(&user->host->ip, user->host->hostname,
+ NULL, request->context);
} T_END;
director_request_free(request);
return TRUE;
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/director-request.h
--- a/src/director/director-request.h Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/director-request.h Mon Oct 19 13:49:54 2015 +0300
@@ -5,8 +5,8 @@
struct director_request;
typedef void
-director_request_callback(const struct ip_addr *ip, const char *errormsg,
- void *context);
+director_request_callback(const struct ip_addr *ip, const char *hostname,
+ const char *errormsg, void *context);
void director_request(struct director *dir, const char *username,
const char *tag,
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/director.c
--- a/src/director/director.c Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/director.c Mon Oct 19 13:49:54 2015 +0300
@@ -546,8 +546,12 @@
return;
}
if (dir->ring_min_version >= DIRECTOR_VERSION_UPDOWN) {
- str_printfa(str, "\t%c%ld", host->down ? 'D' : 'U',
+ str_printfa(str, "\t%c%ld\t", host->down ? 'D' : 'U',
(long)host->last_updown_change);
+ /* add any further version checks here - these directors ignore
+ any extra unknown arguments */
+ if (host->hostname != NULL)
+ str_append_tabescaped(str, host->hostname);
}
str_append_c(str, '\n');
director_update_send(dir, src, str_c(str));
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/login-connection.c
--- a/src/director/login-connection.c Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/login-connection.c Mon Oct 19 13:49:54 2015 +0300
@@ -3,6 +3,7 @@
#include "lib.h"
#include "ioloop.h"
#include "net.h"
+#include "str.h"
#include "istream.h"
#include "ostream.h"
#include "llist.h"
@@ -124,8 +125,8 @@
}
static void
-login_host_callback(const struct ip_addr *ip, const char *errormsg,
- void *context)
+login_host_callback(const struct ip_addr *ip, const char *hostname,
+ const char *errormsg, void *context)
{
struct login_host_request *request = context;
struct director *dir = request->conn->dir;
@@ -148,9 +149,17 @@
login_host_request_is_self(request, ip)) {
line = request->line;
} else {
+ string_t *str = t_str_new(64);
+
secs = dir->set->director_user_expire / 2;
- line = t_strdup_printf("%s\thost=%s\tproxy_refresh=%u",
- request->line, net_ip2addr(ip), secs);
+ str_printfa(str, "%s\tproxy_refresh=%u\t", request->line, secs);
+ if (hostname == NULL)
+ str_printfa(str, "host=%s", net_ip2addr(ip));
+ else {
+ str_printfa(str, "host=%s\thostip=%s",
+ hostname, net_ip2addr(ip));
+ }
+ line = str_c(str);
}
login_connection_send_line(request->conn, line);
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/mail-host.c
--- a/src/director/mail-host.c Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/mail-host.c Mon Oct 19 13:49:54 2015 +0300
@@ -153,19 +153,35 @@
return host;
}
+struct mail_host *
+mail_host_add_hostname(struct mail_host_list *list, const char *hostname,
+ const struct ip_addr *ip, const char *tag)
+{
+ struct mail_host *host;
+
+ host = mail_host_add_ip(list, ip, tag);
+ host->hostname = i_strdup(hostname);
+ return host;
+}
+
static int
-mail_host_add(struct mail_host_list *list, const char *host, const char *tag)
+mail_host_add(struct mail_host_list *list, const char *hostname, const char *tag)
{
- struct ip_addr *ips;
+ struct ip_addr *ips, ip;
unsigned int i, ips_count;
- if (net_gethostbyname(host, &ips, &ips_count) < 0) {
- i_error("Unknown mail host: %s", host);
+ if (net_addr2ip(hostname, &ip) == 0) {
+ (void)mail_host_add_ip(list, &ip, tag);
+ return 0;
+ }
+
+ if (net_gethostbyname(hostname, &ips, &ips_count) < 0) {
+ i_error("Unknown mail host: %s", hostname);
return -1;
}
for (i = 0; i < ips_count; i++)
- (void)mail_host_add_ip(list, &ips[i], tag);
+ (void)mail_host_add_hostname(list, hostname, &ips[i], tag);
return 0;
}
@@ -309,6 +325,7 @@
static void mail_host_free(struct mail_host *host)
{
i_free(host->tag);
+ i_free(host->hostname);
i_free(host);
}
diff -r 8e9cada0c8fc -r 7f718c840aff src/director/mail-host.h
--- a/src/director/mail-host.h Mon Oct 19 13:40:52 2015 +0300
+++ b/src/director/mail-host.h Mon Oct 19 13:49:54 2015 +0300
@@ -14,6 +14,7 @@
time_t last_updown_change;
struct ip_addr ip;
+ char *hostname;
char *tag;
/* host was recently changed and ring hasn't synced yet since */
@@ -25,6 +26,9 @@
mail_host_add_ip(struct mail_host_list *list, const struct ip_addr *ip,
const char *tag);
struct mail_host *
+mail_host_add_hostname(struct mail_host_list *list, const char *hostname,
+ const struct ip_addr *ip, const char *tag);
+struct mail_host *
mail_host_lookup(struct mail_host_list *list, const struct ip_addr *ip);
struct mail_host *
mail_host_get_by_hash(struct mail_host_list *list, unsigned int hash,
More information about the dovecot-cvs
mailing list