dovecot-2.1: auth: Added auth_proxy_self setting to specify IPs ...
dovecot at dovecot.org
dovecot at dovecot.org
Sat Feb 25 05:42:37 EET 2012
details: http://hg.dovecot.org/dovecot-2.1/rev/d84a9950be67
changeset: 14193:d84a9950be67
user: Timo Sirainen <tss at iki.fi>
date: Sat Feb 25 05:42:05 2012 +0200
description:
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
diffstat:
src/auth/auth-request.c | 11 ++++++++++-
src/auth/auth-settings.c | 36 ++++++++++++++++++++++++++++++++++++
src/auth/auth-settings.h | 2 ++
src/config/settings-get.pl | 1 +
4 files changed, 49 insertions(+), 1 deletions(-)
diffs (118 lines):
diff -r 21c0ce019290 -r d84a9950be67 src/auth/auth-request.c
--- a/src/auth/auth-request.c Sat Feb 25 05:11:59 2012 +0200
+++ b/src/auth/auth-request.c Sat Feb 25 05:42:05 2012 +0200
@@ -1440,7 +1440,16 @@
auth_request_proxy_ip_is_self(struct auth_request *request,
const struct ip_addr *ip)
{
- return net_ip_compare(ip, &request->local_ip);
+ unsigned int i;
+
+ if (net_ip_compare(ip, &request->local_ip))
+ return TRUE;
+
+ for (i = 0; request->set->proxy_self_ips[i].family != 0; i++) {
+ if (net_ip_compare(ip, &request->set->proxy_self_ips[i]))
+ return TRUE;
+ }
+ return FALSE;
}
static void auth_request_proxy_finish_ip(struct auth_request *request)
diff -r 21c0ce019290 -r d84a9950be67 src/auth/auth-settings.c
--- a/src/auth/auth-settings.c Sat Feb 25 05:11:59 2012 +0200
+++ b/src/auth/auth-settings.c Sat Feb 25 05:42:05 2012 +0200
@@ -198,6 +198,7 @@
DEF(SET_STR, krb5_keytab),
DEF(SET_STR, gssapi_hostname),
DEF(SET_STR, winbind_helper_path),
+ DEF(SET_STR, proxy_self),
DEF(SET_TIME, failure_delay),
DEF(SET_UINT, first_valid_uid),
DEF(SET_UINT, last_valid_uid),
@@ -236,6 +237,7 @@
.krb5_keytab = "",
.gssapi_hostname = "",
.winbind_helper_path = "/usr/bin/ntlm_auth",
+ .proxy_self = "",
.failure_delay = 2,
.first_valid_uid = 500,
.last_valid_uid = 0,
@@ -271,6 +273,37 @@
};
/* <settings checks> */
+static bool
+auth_settings_set_self_ips(struct auth_settings *set, pool_t pool,
+ const char **error_r)
+{
+ const char *const *tmp;
+ ARRAY_DEFINE(ips_array, struct ip_addr);
+ struct ip_addr *ips;
+ unsigned int ips_count;
+ int ret;
+
+ if (*set->proxy_self == '\0') {
+ set->proxy_self_ips = p_new(pool, struct ip_addr, 1);
+ return TRUE;
+ }
+
+ p_array_init(&ips_array, pool, 4);
+ tmp = t_strsplit_spaces(set->proxy_self, " ");
+ for (; *tmp != NULL; tmp++) {
+ ret = net_gethostbyname(*tmp, &ips, &ips_count);
+ if (ret != 0) {
+ *error_r = t_strdup_printf("auth_proxy_self_ips: "
+ "gethostbyname(%s) failed: %s",
+ *tmp, net_gethosterror(ret));
+ }
+ array_append(&ips_array, ips, ips_count);
+ }
+ (void)array_append_space(&ips_array);
+ set->proxy_self_ips = array_idx(&ips_array, 0);
+ return TRUE;
+}
+
static bool auth_settings_check(void *_set, pool_t pool,
const char **error_r)
{
@@ -312,6 +345,9 @@
}
set->realms_arr =
(const char *const *)p_strsplit_spaces(pool, set->realms, " ");
+
+ if (!auth_settings_set_self_ips(set, pool, error_r))
+ return FALSE;
return TRUE;
}
diff -r 21c0ce019290 -r d84a9950be67 src/auth/auth-settings.h
--- a/src/auth/auth-settings.h Sat Feb 25 05:11:59 2012 +0200
+++ b/src/auth/auth-settings.h Sat Feb 25 05:42:05 2012 +0200
@@ -36,6 +36,7 @@
const char *krb5_keytab;
const char *gssapi_hostname;
const char *winbind_helper_path;
+ const char *proxy_self;
unsigned int failure_delay;
unsigned int first_valid_uid;
unsigned int last_valid_uid;
@@ -58,6 +59,7 @@
char username_chars_map[256];
char username_translation_map[256];
const char *const *realms_arr;
+ const struct ip_addr *proxy_self_ips;
};
extern const struct setting_parser_info auth_setting_parser_info;
diff -r 21c0ce019290 -r d84a9950be67 src/config/settings-get.pl
--- a/src/config/settings-get.pl Sat Feb 25 05:11:59 2012 +0200
+++ b/src/config/settings-get.pl Sat Feb 25 05:42:05 2012 +0200
@@ -8,6 +8,7 @@
print '#include "file-lock.h"'."\n";
print '#include "fsync-mode.h"'."\n";
print '#include "hash-format.h"'."\n";
+print '#include "network.h"'."\n";
print '#include "unichar.h"'."\n";
print '#include "settings-parser.h"'."\n";
print '#include "all-settings.h"'."\n";
More information about the dovecot-cvs
mailing list