Mercurial > dovecot > core-2.2
changeset 17503:75d254897442
login proxy: If passdb returns "source_ip" extra field, use it for outgoing connections.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 16 Jun 2014 19:21:36 +0300 |
parents | 6abf982c268d |
children | b6733f4777f1 |
files | src/login-common/client-common-auth.c src/login-common/client-common.h src/login-common/login-proxy.c src/login-common/login-proxy.h |
diffstat | 4 files changed, 16 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/login-common/client-common-auth.c Mon Jun 16 18:01:58 2014 +0300 +++ b/src/login-common/client-common-auth.c Mon Jun 16 19:21:36 2014 +0300 @@ -95,6 +95,8 @@ reply_r->host = value; else if (strcmp(key, "hostip") == 0) reply_r->hostip = value; + else if (strcmp(key, "source_ip") == 0) + reply_r->source_ip = value; else if (strcmp(key, "port") == 0) reply_r->port = atoi(value); else if (strcmp(key, "destuser") == 0) @@ -336,6 +338,9 @@ if (reply->hostip != NULL && net_addr2ip(reply->hostip, &proxy_set.ip) < 0) proxy_set.ip.family = 0; + if (reply->source_ip != NULL && + net_addr2ip(reply->source_ip, &proxy_set.source_ip) < 0) + proxy_set.source_ip.family = 0; proxy_set.port = reply->port; proxy_set.connect_timeout_msecs = reply->proxy_timeout_msecs; if (proxy_set.connect_timeout_msecs == 0)
--- a/src/login-common/client-common.h Mon Jun 16 18:01:58 2014 +0300 +++ b/src/login-common/client-common.h Mon Jun 16 19:21:36 2014 +0300 @@ -55,7 +55,8 @@ struct client_auth_reply { const char *master_user, *reason; /* for proxying */ - const char *host, *hostip, *destuser, *password, *proxy_mech; + const char *host, *hostip, *source_ip; + const char *destuser, *password, *proxy_mech; unsigned int port; unsigned int proxy_timeout_msecs; unsigned int proxy_refresh_secs;
--- a/src/login-common/login-proxy.c Mon Jun 16 18:01:58 2014 +0300 +++ b/src/login-common/login-proxy.c Mon Jun 16 19:21:36 2014 +0300 @@ -39,7 +39,7 @@ struct timeout *to, *to_notify; struct login_proxy_record *state_rec; - struct ip_addr ip; + struct ip_addr ip, source_ip; char *host; unsigned int port; unsigned int connect_timeout_msecs; @@ -229,6 +229,9 @@ net_getsockname(proxy->server_fd, &local_ip, &local_port) == 0) { str_printfa(str, ", local=%s:%u", net_ip2addr(&local_ip), local_port); + } else if (proxy->source_ip.family != 0) { + str_printfa(str, ", local=%s", + net_ip2addr(&proxy->source_ip)); } str_append_c(str, ')'); @@ -285,7 +288,9 @@ return -1; } - proxy->server_fd = net_connect_ip(&proxy->ip, proxy->port, NULL); + proxy->server_fd = net_connect_ip(&proxy->ip, proxy->port, + proxy->source_ip.family == 0 ? NULL : + &proxy->source_ip); if (proxy->server_fd == -1) { proxy_log_connect_error(proxy); login_proxy_free(&proxy); @@ -328,6 +333,7 @@ proxy->server_fd = -1; proxy->created = ioloop_timeval; proxy->ip = set->ip; + proxy->source_ip = set->source_ip; proxy->host = i_strdup(set->host); proxy->port = set->port; proxy->connect_timeout_msecs = set->connect_timeout_msecs;
--- a/src/login-common/login-proxy.h Mon Jun 16 18:01:58 2014 +0300 +++ b/src/login-common/login-proxy.h Mon Jun 16 19:21:36 2014 +0300 @@ -24,7 +24,7 @@ struct login_proxy_settings { const char *host; - struct ip_addr ip; + struct ip_addr ip, source_ip; unsigned int port; unsigned int connect_timeout_msecs; /* send a notification about proxy connection to proxy-notify pipe