changeset 17503:75d254897442

login proxy: If passdb returns "source_ip" extra field, use it for outgoing connections.
author Timo Sirainen <tss@iki.fi>
date Mon, 16 Jun 2014 19:21:36 +0300
parents 6abf982c268d
children b6733f4777f1
files src/login-common/client-common-auth.c src/login-common/client-common.h src/login-common/login-proxy.c src/login-common/login-proxy.h
diffstat 4 files changed, 16 insertions(+), 4 deletions(-) [+]
--- a/src/login-common/client-common-auth.c	Mon Jun 16 18:01:58 2014 +0300
+++ b/src/login-common/client-common-auth.c	Mon Jun 16 19:21:36 2014 +0300
@@ -95,6 +95,8 @@
 			reply_r->host = value;
 		else if (strcmp(key, "hostip") == 0)
 			reply_r->hostip = value;
+		else if (strcmp(key, "source_ip") == 0)
+			reply_r->source_ip = value;
 		else if (strcmp(key, "port") == 0)
 			reply_r->port = atoi(value);
 		else if (strcmp(key, "destuser") == 0)
@@ -336,6 +338,9 @@
 	if (reply->hostip != NULL &&
 	    net_addr2ip(reply->hostip, &proxy_set.ip) < 0)
 		proxy_set.ip.family = 0;
+	if (reply->source_ip != NULL &&
+	    net_addr2ip(reply->source_ip, &proxy_set.source_ip) < 0)
+		proxy_set.source_ip.family = 0;
 	proxy_set.port = reply->port;
 	proxy_set.connect_timeout_msecs = reply->proxy_timeout_msecs;
 	if (proxy_set.connect_timeout_msecs == 0)
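Review bot: A `source_ip` value that `net_addr2ip()` cannot parse is discarded in the added block without any log line, so the proxy connection would presumably leave from the default local address instead of the one the passdb requested. Where a backend or firewall allow-lists the proxy by source address, a passdb typo then shows up as unexplained connection failures or as traffic from an unintended address. Log the rejected value, e.g. `i_error("proxy: Invalid source_ip: %s", reply->source_ip);`, and decide explicitly whether to fail the proxy attempt rather than fall back. The existing `hostip` check just above has the same silent fallback, and the enclosing function starts and ends outside the hunk.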
--- a/src/login-common/client-common.h	Mon Jun 16 18:01:58 2014 +0300
+++ b/src/login-common/client-common.h	Mon Jun 16 19:21:36 2014 +0300
@@ -55,7 +55,8 @@
 struct client_auth_reply {
 	const char *master_user, *reason;
 	/* for proxying */
-	const char *host, *hostip, *destuser, *password, *proxy_mech;
+	const char *host, *hostip, *source_ip;
+	const char *destuser, *password, *proxy_mech;
 	unsigned int port;
 	unsigned int proxy_timeout_msecs;
 	unsigned int proxy_refresh_secs;
--- a/src/login-common/login-proxy.c	Mon Jun 16 18:01:58 2014 +0300
+++ b/src/login-common/login-proxy.c	Mon Jun 16 19:21:36 2014 +0300
@@ -39,7 +39,7 @@
 	struct timeout *to, *to_notify;
 	struct login_proxy_record *state_rec;
 
-	struct ip_addr ip;
+	struct ip_addr ip, source_ip;
 	char *host;
 	unsigned int port;
 	unsigned int connect_timeout_msecs;
@@ -229,6 +229,9 @@
 	    net_getsockname(proxy->server_fd, &local_ip, &local_port) == 0) {
 		str_printfa(str, ", local=%s:%u",
 			    net_ip2addr(&local_ip), local_port);
+	} else if (proxy->source_ip.family != 0) {
+		str_printfa(str, ", local=%s",
+			    net_ip2addr(&proxy->source_ip));
 	}
 
 	str_append_c(str, ')');
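Review bot: The added `else if` branch prints the requested bind address under the same `local=` key that the branch above uses for the address returned by `net_getsockname()`, so a log reader cannot tell an address the socket actually had from one that was only configured. The missing port is the only hint in the output. A comment such as `/* no socket name available: report the configured source_ip instead */` would document the intent, and a distinct key for the configured value would make the log line unambiguous during incident review. The start of the condition and of the function are outside the hunk.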
@@ -285,7 +288,9 @@
 		return -1;
 	}
 
-	proxy->server_fd = net_connect_ip(&proxy->ip, proxy->port, NULL);
+	proxy->server_fd = net_connect_ip(&proxy->ip, proxy->port,
+					  proxy->source_ip.family == 0 ? NULL :
+					  &proxy->source_ip);
 	if (proxy->server_fd == -1) {
 		proxy_log_connect_error(proxy);
 		login_proxy_free(&proxy);
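Review bot: Nothing visible checks that `proxy->source_ip` has the same address family as `proxy->ip` before both are passed to `net_connect_ip()`. An IPv4 `source_ip` paired with an IPv6 destination (or the reverse) would presumably fail inside the bind/connect path and surface only through the generic `proxy_log_connect_error()` path. A guard before the call, `if (proxy->source_ip.family != 0 && proxy->source_ip.family != proxy->ip.family)` followed by a specific error message and the same cleanup, would make this passdb misconfiguration diagnosable. The enclosing function starts and ends outside the hunk.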
@@ -328,6 +333,7 @@
 	proxy->server_fd = -1;
 	proxy->created = ioloop_timeval;
 	proxy->ip = set->ip;
+	proxy->source_ip = set->source_ip;
 	proxy->host = i_strdup(set->host);
 	proxy->port = set->port;
 	proxy->connect_timeout_msecs = set->connect_timeout_msecs;
--- a/src/login-common/login-proxy.h	Mon Jun 16 18:01:58 2014 +0300
+++ b/src/login-common/login-proxy.h	Mon Jun 16 19:21:36 2014 +0300
@@ -24,7 +24,7 @@
 
 struct login_proxy_settings {
 	const char *host;
-	struct ip_addr ip;
+	struct ip_addr ip, source_ip;
 	unsigned int port;
 	unsigned int connect_timeout_msecs;
 	/* send a notification about proxy connection to proxy-notify pipe
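Review bot: The new `source_ip` member of the public `struct login_proxy_settings` is undocumented, and its "unset" convention is only discoverable from the callers, which test `family == 0`. Splitting the declaration and adding a comment would help, e.g. `/* local address to bind for the outgoing connection; family == 0 means none was requested */` above a separate `struct ip_addr source_ip;` line. The struct continues past the end of the hunk.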