Mercurial > dovecot > core-2.2
annotate src/login-common/login-proxy.h @ 14162:ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
If proxying tries to continue after 5 forward connections, it fails. The
limit of 5 is hard coded currently.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 25 Feb 2012 06:54:52 +0200 |
parents | da36d22ab37a |
children | fbb1ecb9b888 |
rev | line source |
---|---|
6410
e4eb71ae8e96
Changed .h ifdef/defines to use <NAME>_H format.
Timo Sirainen <tss@iki.fi>
parents:
5048
diff
changeset
|
1 #ifndef LOGIN_PROXY_H |
e4eb71ae8e96
Changed .h ifdef/defines to use <NAME>_H format.
Timo Sirainen <tss@iki.fi>
parents:
5048
diff
changeset
|
2 #define LOGIN_PROXY_H |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 |
14162
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
4 /* Max. number of embedded proxying connections until proxying fails. |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
5 This is intended to avoid an accidental configuration where two proxies |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
6 keep connecting to each others, both thinking the other one is supposed to |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
7 handle the user. This only works if both proxies support the Dovecot |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
8 TTL extension feature. */ |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
9 #define LOGIN_PROXY_TTL 5 |
ba06ea38c722
imap/pop3/lmtp proxy: Implemented detection of proxy loops with TTL.
Timo Sirainen <tss@iki.fi>
parents:
14157
diff
changeset
|
10 |
9756
e30495ae11de
*-login: Moved most of the common code to login-common.
Timo Sirainen <tss@iki.fi>
parents:
9165
diff
changeset
|
11 struct client; |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
12 struct login_proxy; |
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
13 |
9165
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
14 enum login_proxy_ssl_flags { |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
15 /* Use SSL/TLS enabled */ |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
16 PROXY_SSL_FLAG_YES = 0x01, |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
17 /* Don't do SSL handshake immediately after connected */ |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
18 PROXY_SSL_FLAG_STARTTLS = 0x02, |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
19 /* Don't require that the received certificate is valid */ |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
20 PROXY_SSL_FLAG_ANY_CERT = 0x04 |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
21 }; |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
22 |
9773
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
23 struct login_proxy_settings { |
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
24 const char *host; |
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
25 unsigned int port; |
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
26 unsigned int connect_timeout_msecs; |
11324
c872378a8de6
login proxy: If passdb returns proxy_refresh=<secs>, send username to proxy-notify fifo every n secs.
Timo Sirainen <tss@iki.fi>
parents:
10616
diff
changeset
|
27 /* send a notification about proxy connection to proxy-notify pipe |
c872378a8de6
login proxy: If passdb returns proxy_refresh=<secs>, send username to proxy-notify fifo every n secs.
Timo Sirainen <tss@iki.fi>
parents:
10616
diff
changeset
|
28 every n seconds */ |
c872378a8de6
login proxy: If passdb returns proxy_refresh=<secs>, send username to proxy-notify fifo every n secs.
Timo Sirainen <tss@iki.fi>
parents:
10616
diff
changeset
|
29 unsigned int notify_refresh_secs; |
9773
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
30 enum login_proxy_ssl_flags ssl_flags; |
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
31 }; |
8e099a00f8a9
login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents:
9756
diff
changeset
|
32 |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
33 /* Called when new input comes from proxy. */ |
10612
6b3dc91ae0c5
login: Proxy code API cleanup.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
34 typedef void proxy_callback_t(struct client *client); |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
35 |
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
36 /* Create a proxy to given host. Returns NULL if failed. Given callback is |
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
37 called when new input is available from proxy. */ |
10612
6b3dc91ae0c5
login: Proxy code API cleanup.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
38 int login_proxy_new(struct client *client, |
6b3dc91ae0c5
login: Proxy code API cleanup.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
39 const struct login_proxy_settings *set, |
10616
23956a9b915b
login: Proxying supports now doing DNS lookups for host names.
Timo Sirainen <tss@iki.fi>
parents:
10612
diff
changeset
|
40 proxy_callback_t *callback); |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
41 /* Free the proxy. This should be called if authentication fails. */ |
8583
2ff2cac3578b
imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents:
7912
diff
changeset
|
42 void login_proxy_free(struct login_proxy **proxy); |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
43 |
6472
6afb29dc9273
If proxy points to the same host/port/user combination as we currently have,
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
44 /* Return TRUE if host/port/destuser combination points to same as current |
6afb29dc9273
If proxy points to the same host/port/user combination as we currently have,
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
45 connection. */ |
7912
81806d402514
Added more consts, ATTR_CONSTs and ATTR_PUREs.
Timo Sirainen <tss@iki.fi>
parents:
6472
diff
changeset
|
46 bool login_proxy_is_ourself(const struct client *client, const char *host, |
6472
6afb29dc9273
If proxy points to the same host/port/user combination as we currently have,
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
47 unsigned int port, const char *destuser); |
6afb29dc9273
If proxy points to the same host/port/user combination as we currently have,
Timo Sirainen <tss@iki.fi>
parents:
6410
diff
changeset
|
48 |
2773
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
49 /* Detach proxy from client. This is done after the authentication is |
e624a9ad6a30
More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents:
2768
diff
changeset
|
50 successful and all that is left is the dummy proxying. */ |
9929
d60fa42fbaac
*-login: Fixes to SSL/login proxy connection counting.
Timo Sirainen <tss@iki.fi>
parents:
9774
diff
changeset
|
51 void login_proxy_detach(struct login_proxy *proxy); |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
52 |
9165
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
53 /* STARTTLS command was issued. */ |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
54 int login_proxy_starttls(struct login_proxy *proxy); |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
55 |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
56 struct istream *login_proxy_get_istream(struct login_proxy *proxy); |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
57 struct ostream *login_proxy_get_ostream(struct login_proxy *proxy); |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
58 |
7912
81806d402514
Added more consts, ATTR_CONSTs and ATTR_PUREs.
Timo Sirainen <tss@iki.fi>
parents:
6472
diff
changeset
|
59 const char *login_proxy_get_host(const struct login_proxy *proxy) ATTR_PURE; |
81806d402514
Added more consts, ATTR_CONSTs and ATTR_PUREs.
Timo Sirainen <tss@iki.fi>
parents:
6472
diff
changeset
|
60 unsigned int login_proxy_get_port(const struct login_proxy *proxy) ATTR_PURE; |
9165
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
61 enum login_proxy_ssl_flags |
96678e83eab6
imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
62 login_proxy_get_ssl_flags(const struct login_proxy *proxy) ATTR_PURE; |
5048
5c0a5cf4626d
Forgot to commit for the "log proxy destination" change.
Timo Sirainen <tss@iki.fi>
parents:
4906
diff
changeset
|
63 |
10171
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
9929
diff
changeset
|
64 void login_proxy_kill_idle(void); |
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
9929
diff
changeset
|
65 |
11324
c872378a8de6
login proxy: If passdb returns proxy_refresh=<secs>, send username to proxy-notify fifo every n secs.
Timo Sirainen <tss@iki.fi>
parents:
10616
diff
changeset
|
66 void login_proxy_init(const char *proxy_notify_pipe_path); |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 void login_proxy_deinit(void); |
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 |
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 #endif |