Mercurial > dovecot > core-2.2

changeset 21500:0e1b477141bc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fts-solr: Allow username/password for solr connction Solr comes open to the world by default. For better security, we protect our solr installs with a user and password. This change allows dovecot to connect to these instances. Example usage in a fts.conf (permissions 0600) fts_solr = url=http://nick:pass@127.0.0.1:8983/solr/dovecot/
author J. Nick Koston <nick@cpanel.net>
date Sun, 22 Jan 2017 17:24:02 -0600
parents b3aa71d6fd25
children 87637564667f
files src/plugins/fts-solr/solr-connection.c
diffstat 1 files changed, 17 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/plugins/fts-solr/solr-connection.c	Wed Feb 08 23:01:32 2017 +0200
+++ b/src/plugins/fts-solr/solr-connection.c	Sun Jan 22 17:24:02 2017 -0600
@@ -62,6 +62,8 @@
 	in_port_t http_port;
 	char *http_base_url;
 	char *http_failure;
+	char *http_user;
+	char *http_password;
 
 	int request_status;
 
@@ -107,7 +109,7 @@
 	struct http_url *http_url;
 	const char *error;
 
-	if (http_url_parse(url, NULL, 0, pool_datastack_create(),
+	if (http_url_parse(url, NULL, HTTP_URL_ALLOW_USERINFO_PART, pool_datastack_create(),
 			   &http_url, &error) < 0) {
 		*error_r = t_strdup_printf(
 			"fts_solr: Failed to parse HTTP url: %s", error);
@@ -119,6 +121,12 @@
 	conn->http_port = http_url->port;
 	conn->http_base_url = i_strconcat(http_url->path, http_url->enc_query, NULL);
 	conn->http_ssl = http_url->have_ssl;
+	if (http_url->user != NULL) {
+		conn->http_user = i_strdup(http_url->user);
+		/* allow empty password */
+		conn->http_password = i_strdup(http_url->password != NULL ? http_url->password : "");
+	}
+
 	conn->debug = debug;
 
 	if (solr_http_client == NULL) {
@@ -151,6 +159,8 @@
 	XML_ParserFree(conn->xml_parser);
 	i_free(conn->http_host);
 	i_free(conn->http_base_url);
+	i_free(conn->http_user);
+	i_free(conn->http_password);
 	i_free(conn);
 }
 
@@ -444,6 +454,9 @@
 	http_req = http_client_request(solr_http_client, "GET",
 				       conn->http_host, url,
 				       solr_connection_select_response, conn);
+	if (conn->http_user != NULL) {
+		http_client_request_set_auth_simple(http_req, conn->http_user, conn->http_password);
+	}
 	http_client_request_set_port(http_req, conn->http_port);
 	http_client_request_set_ssl(http_req, conn->http_ssl);
 	http_client_request_submit(http_req);
@@ -485,6 +498,9 @@
 	http_req = http_client_request(solr_http_client, "POST",
 				       conn->http_host, url,
 				       solr_connection_update_response, conn);
+	if (conn->http_user != NULL) {
+		http_client_request_set_auth_simple(http_req, conn->http_user, conn->http_password);
+	}
 	http_client_request_set_port(http_req, conn->http_port);
 	http_client_request_set_ssl(http_req, conn->http_ssl);
 	http_client_request_add_header(http_req, "Content-Type", "text/xml");