[dovecot-cvs] dovecot/src/login-common sasl-server.c, 1.8,
1.9 ssl-proxy-openssl.c, 1.29, 1.30 ssl-proxy.c, 1.5,
1.6 ssl-proxy.h, 1.4, 1.5
cras at dovecot.org
cras at dovecot.org
Sat Oct 1 13:52:18 EEST 2005
- Previous message: [dovecot-cvs] dovecot/src/lib-auth auth-client.h, 1.9,
1.10 auth-server-request.c, 1.22, 1.23
- Next message: [dovecot-cvs] dovecot/src/auth auth-request.c, 1.29,
1.30 auth-request.h, 1.18, 1.19 auth.c, 1.17, 1.18 auth.h,
1.14, 1.15 passdb-blocking.c, 1.6, 1.7 passdb-bsdauth.c, 1.10,
1.11 passdb-passwd.c, 1.13, 1.14 passdb-shadow.c, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv23762/src/login-common
Modified Files:
sasl-server.c ssl-proxy-openssl.c ssl-proxy.c ssl-proxy.h
Log Message:
Added ssl_username_from_cert setting. Not actually tested yet..
Index: sasl-server.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/sasl-server.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- sasl-server.c 14 May 2005 20:32:06 -0000 1.8
+++ sasl-server.c 1 Oct 2005 10:52:15 -0000 1.9
@@ -134,6 +134,8 @@
memset(&info, 0, sizeof(info));
info.mech = mech->name;
info.service = service;
+ info.cert_username = client->proxy == NULL ? NULL :
+ ssl_proxy_get_peer_name(client->proxy);
info.flags = client_get_auth_flags(client);
info.local_ip = client->local_ip;
info.remote_ip = client->ip;
Index: ssl-proxy-openssl.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -d -r1.29 -r1.30
--- ssl-proxy-openssl.c 18 Sep 2005 15:57:13 -0000 1.29
+++ ssl-proxy-openssl.c 1 Oct 2005 10:52:15 -0000 1.30
@@ -379,6 +379,26 @@
return proxy->cert_received && !proxy->cert_broken;
}
+const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy)
+{
+ X509 *x509;
+ char buf[1024];
+ const char *name;
+
+ if (!ssl_proxy_has_valid_client_cert(proxy))
+ return NULL;
+
+ x509 = SSL_get_peer_certificate(proxy->ssl);
+ if (x509 == NULL)
+ return NULL; /* we should have had it.. */
+
+ X509_NAME_oneline(X509_get_subject_name(x509), buf, sizeof(buf));
+ name = t_strndup(buf, sizeof(buf));
+ X509_free(x509);
+
+ return *name == '\0' ? NULL : name;
+}
+
void ssl_proxy_free(struct ssl_proxy *proxy)
{
ssl_proxy_unref(proxy);
Index: ssl-proxy.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/ssl-proxy.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- ssl-proxy.c 1 Oct 2004 14:41:16 -0000 1.5
+++ ssl-proxy.c 1 Oct 2005 10:52:15 -0000 1.6
@@ -21,6 +21,11 @@
return FALSE;
}
+const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy __attr_unused__)
+{
+ return NULL;
+}
+
void ssl_proxy_free(struct ssl_proxy *proxy __attr_unused__) {}
void ssl_proxy_init(void) {}
Index: ssl-proxy.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/ssl-proxy.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- ssl-proxy.h 7 Aug 2005 11:41:40 -0000 1.4
+++ ssl-proxy.h 1 Oct 2005 10:52:15 -0000 1.5
@@ -11,6 +11,7 @@
the given fd must be simply forgotten. */
int ssl_proxy_new(int fd, struct ip_addr *ip, struct ssl_proxy **proxy_r);
int ssl_proxy_has_valid_client_cert(struct ssl_proxy *proxy);
+const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy);
void ssl_proxy_free(struct ssl_proxy *proxy);
void ssl_proxy_init(void);
- Previous message: [dovecot-cvs] dovecot/src/lib-auth auth-client.h, 1.9,
1.10 auth-server-request.c, 1.22, 1.23
- Next message: [dovecot-cvs] dovecot/src/auth auth-request.c, 1.29,
1.30 auth-request.h, 1.18, 1.19 auth.c, 1.17, 1.18 auth.h,
1.14, 1.15 passdb-blocking.c, 1.6, 1.7 passdb-bsdauth.c, 1.10,
1.11 passdb-passwd.c, 1.13, 1.14 passdb-shadow.c, 1.14, 1.15
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list