[Dovecot] Auth checking also the service

[Andrey Panin]

On 322, 11 18, 2006 at 12:56:41 +0100, Alessandro Astarita wrote:
> Alle 12:14, sabato 18 novembre 2006, Johannes Berg ha scritto:
> > I don't see why it wouldn't be possible but haven't looked at the code.
> >
> > I wonder why you even need to distinguish between these though. Are we
> > still in the days where encryption is a value-added service? :)
> 
> I have to distinguish pop3/pop3s and imap/imaps because I need mailboxes with 
> ssl access only. It's a way to force users to do secure connection. :-)

Please try attached patch. It adds %c variable which expands to "TLS" if connection is 
secure.
 
> -- 
> Alessandro 'Asterix' Astarita <aleast at capri.it>
> Capri Online S.r.l. http://www.caprionline.it/
> "Unix IS user friendly. It's just selective about who its friend are"
> 

-- 
Andrey Panin		| Linux and UNIX system administrator
pazke at donpac.ru		| PGP key: wwwkeys.pgp.net
-------------- next part --------------
diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/auth-request.c dovecot/src/auth/auth-request.c
--- dovecot.vanilla/src/auth/auth-request.c	2006-11-18 18:57:06.329453408 +0300
+++ dovecot/src/auth/auth-request.c	2006-11-18 21:22:33.870665472 +0300
@@ -132,6 +132,10 @@ void auth_request_export(struct auth_req
 		str_append(str, "\trip=");
 		str_append(str, net_ip2addr(&request->remote_ip));
 	}
+
+	if (request->secured) {
+		str_append(str, "\tsecured");
+	}
 }
 
 bool auth_request_import(struct auth_request *request,
@@ -154,6 +158,8 @@ bool auth_request_import(struct auth_req
 		net_addr2ip(value, &request->local_ip);
 	else if (strcmp(key, "rip") == 0)
 		net_addr2ip(value, &request->remote_ip);
+	else if (strcmp(key, "secured") == 0)
+		request->secured = 1;
 	else
 		return FALSE;
 
@@ -948,6 +954,7 @@ auth_request_get_var_expand_table(const 
 		{ 'p', NULL },
 		{ 'w', NULL },
 		{ '!', NULL },
+		{ 'c', NULL },
 		{ '\0', NULL }
 	};
 	struct var_expand_table *tab;
@@ -977,6 +984,7 @@ auth_request_get_var_expand_table(const 
 	}
 	tab[9].value = auth_request->passdb == NULL ? "" :
 		dec2str(auth_request->passdb->id);
+	tab[10].value = auth_request->secured ? "TLS" : "";
 	return tab;
 }
 
diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/auth-request.h dovecot/src/auth/auth-request.h
--- dovecot.vanilla/src/auth/auth-request.h	2006-11-18 18:57:06.330453256 +0300
+++ dovecot/src/auth/auth-request.h	2006-11-18 19:49:56.850460952 +0300
@@ -79,6 +79,7 @@ struct auth_request {
 	unsigned int no_password:1;
 	unsigned int skip_password_check:1;
 	unsigned int proxy:1;
+	unsigned int secured:1;
 	unsigned int cert_username:1;
 
 	/* ... mechanism specific data ... */
diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/auth/auth-worker-client.c dovecot/src/auth/auth-worker-client.c
--- dovecot.vanilla/src/auth/auth-worker-client.c	2006-11-18 18:57:06.337452192 +0300
+++ dovecot/src/auth/auth-worker-client.c	2006-11-18 21:02:26.344237392 +0300
@@ -58,11 +58,14 @@ worker_auth_request_new(struct auth_work
 		t_push();
 		for (tmp = t_strsplit(args, "\t"); *tmp != NULL; tmp++) {
 			value = strchr(*tmp, '=');
-			if (value == NULL)
-				continue;
 
-			key = t_strdup_until(*tmp, value);
-			value++;
+			if (value == NULL) {
+				key = *tmp;
+				value = "";
+			} else {
+				key = t_strdup_until(*tmp, value);
+				value++;
+			}
 
 			(void)auth_request_import(auth_request, key, value);
 		}