Mercurial > dovecot > core-2.2
changeset 21500:0e1b477141bc
fts-solr: Allow username/password for solr connction
Solr comes open to the world by default. For better
security, we protect our solr installs with a user
and password. This change allows dovecot to connect
to these instances.
Example usage in a fts.conf (permissions 0600)
fts_solr = url=http://nick:pass@127.0.0.1:8983/solr/dovecot/
author | J. Nick Koston <nick@cpanel.net> |
---|---|
date | Sun, 22 Jan 2017 17:24:02 -0600 |
parents | b3aa71d6fd25 |
children | 87637564667f |
files | src/plugins/fts-solr/solr-connection.c |
diffstat | 1 files changed, 17 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/plugins/fts-solr/solr-connection.c Wed Feb 08 23:01:32 2017 +0200 +++ b/src/plugins/fts-solr/solr-connection.c Sun Jan 22 17:24:02 2017 -0600 @@ -62,6 +62,8 @@ in_port_t http_port; char *http_base_url; char *http_failure; + char *http_user; + char *http_password; int request_status; @@ -107,7 +109,7 @@ struct http_url *http_url; const char *error; - if (http_url_parse(url, NULL, 0, pool_datastack_create(), + if (http_url_parse(url, NULL, HTTP_URL_ALLOW_USERINFO_PART, pool_datastack_create(), &http_url, &error) < 0) { *error_r = t_strdup_printf( "fts_solr: Failed to parse HTTP url: %s", error); @@ -119,6 +121,12 @@ conn->http_port = http_url->port; conn->http_base_url = i_strconcat(http_url->path, http_url->enc_query, NULL); conn->http_ssl = http_url->have_ssl; + if (http_url->user != NULL) { + conn->http_user = i_strdup(http_url->user); + /* allow empty password */ + conn->http_password = i_strdup(http_url->password != NULL ? http_url->password : ""); + } + conn->debug = debug; if (solr_http_client == NULL) { @@ -151,6 +159,8 @@ XML_ParserFree(conn->xml_parser); i_free(conn->http_host); i_free(conn->http_base_url); + i_free(conn->http_user); + i_free(conn->http_password); i_free(conn); } @@ -444,6 +454,9 @@ http_req = http_client_request(solr_http_client, "GET", conn->http_host, url, solr_connection_select_response, conn); + if (conn->http_user != NULL) { + http_client_request_set_auth_simple(http_req, conn->http_user, conn->http_password); + } http_client_request_set_port(http_req, conn->http_port); http_client_request_set_ssl(http_req, conn->http_ssl); http_client_request_submit(http_req); @@ -485,6 +498,9 @@ http_req = http_client_request(solr_http_client, "POST", conn->http_host, url, solr_connection_update_response, conn); + if (conn->http_user != NULL) { + http_client_request_set_auth_simple(http_req, conn->http_user, conn->http_password); + } http_client_request_set_port(http_req, conn->http_port); http_client_request_set_ssl(http_req, conn->http_ssl); http_client_request_add_header(http_req, "Content-Type", "text/xml");