Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/pop3-login/pop3-proxy.c @ 9634:ebc5dc47eb59 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
imap/pop3-login: Don't crash if passdb returns proxy field without host.
author Timo Sirainen <tss@iki.fi>
date Mon, 06 Dec 2010 06:04:54 +0000
parents 00cd9aacd03c
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
9532
00cd9aacd03c Updated copyright notices to include year 2010.
Timo Sirainen <tss@iki.fi>
parents: 9314
diff changeset
1 /* Copyright (c) 2004-2010 Dovecot authors, see the included COPYING file */
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 #include "common.h"
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
4 #include "ioloop.h"
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
5 #include "istream.h"
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
6 #include "ostream.h"
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7 #include "base64.h"
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
8 #include "safe-memset.h"
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
9 #include "str.h"
7117
769181a20483 Make sure all user input is sanitized before it's logged.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
10 #include "str-sanitize.h"
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11 #include "client.h"
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 #include "pop3-proxy.h"
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13
9307
dfbcb8ead5ef login proxy: Changed the message to show to clients when proxying fails.
Timo Sirainen <tss@iki.fi>
parents: 9306
diff changeset
14 #define PROXY_FAILURE_MSG "-ERR [IN-USE] " \
9314
68c1d3ab515d login proxy: Changed again the "unavailable" error message.
Timo Sirainen <tss@iki.fi>
parents: 9307
diff changeset
15 "Account is temporarily unavailable."
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
16
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
17 static void proxy_free_password(struct pop3_client *client)
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
18 {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
19 if (client->proxy_password == NULL)
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
20 return;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
21
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
22 safe_memset(client->proxy_password, 0, strlen(client->proxy_password));
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
23 i_free_and_null(client->proxy_password);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
24 }
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
25
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
26 static void proxy_failed(struct pop3_client *client, bool send_line)
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
27 {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
28 if (send_line)
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
29 client_send_line(client, PROXY_FAILURE_MSG);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
30
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
31 login_proxy_free(&client->proxy);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
32 proxy_free_password(client);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
33 i_free_and_null(client->proxy_user);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
34 i_free_and_null(client->proxy_master_user);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
35
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
36 /* call this last - it may destroy the client */
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
37 client_auth_failed(client, TRUE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
38 }
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
39
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
40 static void get_plain_auth(struct pop3_client *client, string_t *dest)
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
41 {
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
42 string_t *str;
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
43
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
44 str = t_str_new(128);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
45 str_append(str, client->proxy_user);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
46 str_append_c(str, '\0');
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
47 str_append(str, client->proxy_master_user);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
48 str_append_c(str, '\0');
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
49 str_append(str, client->proxy_password);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
50 base64_encode(str_data(str), str_len(str), dest);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
51 }
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
52
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
53 static void proxy_send_login(struct pop3_client *client, struct ostream *output)
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
54 {
2785
fc4b1ec1b3ef Use USER/PASS instad for AUTH PLAIN. Also don't require "+OK" to have
Timo Sirainen <tss@iki.fi>
parents: 2783
diff changeset
55 string_t *str;
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
56
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
57 str = t_str_new(128);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
58 if (client->proxy_master_user == NULL) {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
59 /* send USER command */
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
60 str_append(str, "USER ");
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
61 str_append(str, client->proxy_user);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
62 str_append(str, "\r\n");
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
63 } else {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
64 /* master user login - use AUTH PLAIN. */
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
65 str_append(str, "AUTH PLAIN\r\n");
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
66 }
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
67 (void)o_stream_send(output, str_data(str), str_len(str));
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
68 client->proxy_state = POP3_PROXY_LOGIN1;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
69 }
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
70
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
71 static int proxy_input_line(struct pop3_client *client, const char *line)
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
72 {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
73 struct ostream *output;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
74 enum login_proxy_ssl_flags ssl_flags;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
75 string_t *str;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
76
5138
20302f49eda3 Don't crash if the remote server disconnects before we're logged in.
Timo Sirainen <tss@iki.fi>
parents: 5046
diff changeset
77 i_assert(!client->destroyed);
20302f49eda3 Don't crash if the remote server disconnects before we're logged in.
Timo Sirainen <tss@iki.fi>
parents: 5046
diff changeset
78
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
79 output = login_proxy_get_ostream(client->proxy);
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
80 switch (client->proxy_state) {
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
81 case POP3_PROXY_BANNER:
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
82 /* this is a banner */
2785
fc4b1ec1b3ef Use USER/PASS instad for AUTH PLAIN. Also don't require "+OK" to have
Timo Sirainen <tss@iki.fi>
parents: 2783
diff changeset
83 if (strncmp(line, "+OK", 3) != 0) {
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
84 client_syslog_err(&client->common, t_strdup_printf(
7117
769181a20483 Make sure all user input is sanitized before it's logged.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
85 "proxy: Remote returned invalid banner: %s",
769181a20483 Make sure all user input is sanitized before it's logged.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
86 str_sanitize(line, 160)));
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
87 proxy_failed(client, TRUE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
88 return -1;
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
89 }
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
90
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
91 ssl_flags = login_proxy_get_ssl_flags(client->proxy);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
92 if ((ssl_flags & PROXY_SSL_FLAG_STARTTLS) == 0) {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
93 proxy_send_login(client, output);
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
94 } else {
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
95 (void)o_stream_send_str(output, "STLS\r\n");
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
96 client->proxy_state = POP3_PROXY_STARTTLS;
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
97 }
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
98 return 0;
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
99 case POP3_PROXY_STARTTLS:
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
100 if (strncmp(line, "+OK", 3) != 0) {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
101 client_syslog_err(&client->common, t_strdup_printf(
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
102 "proxy: Remote STLS failed: %s",
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
103 str_sanitize(line, 160)));
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
104 proxy_failed(client, TRUE);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
105 return -1;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
106 }
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
107 if (login_proxy_starttls(client->proxy) < 0) {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
108 proxy_failed(client, TRUE);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
109 return -1;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
110 }
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
111 /* i/ostreams changed. */
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
112 output = login_proxy_get_ostream(client->proxy);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
113 proxy_send_login(client, output);
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
114 return 1;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
115 case POP3_PROXY_LOGIN1:
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
116 str = t_str_new(128);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
117 if (client->proxy_master_user == NULL) {
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
118 if (strncmp(line, "+OK", 3) != 0)
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
119 break;
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
120
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
121 /* USER successful, send PASS */
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
122 str_append(str, "PASS ");
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
123 str_append(str, client->proxy_password);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
124 str_append(str, "\r\n");
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
125 } else {
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
126 if (*line != '+')
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
127 break;
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
128 /* AUTH successful, send the authentication data */
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
129 get_plain_auth(client, str);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
130 str_append(str, "\r\n");
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
131 }
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
132 (void)o_stream_send(output, str_data(str), str_len(str));
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
133 proxy_free_password(client);
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
134 client->proxy_state = POP3_PROXY_LOGIN2;
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
135 return 0;
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
136 case POP3_PROXY_LOGIN2:
2850
4e5b1a1494c5 Check that PASS replies with OK.
Timo Sirainen <tss@iki.fi>
parents: 2835
diff changeset
137 if (strncmp(line, "+OK", 3) != 0)
4e5b1a1494c5 Check that PASS replies with OK.
Timo Sirainen <tss@iki.fi>
parents: 2835
diff changeset
138 break;
4e5b1a1494c5 Check that PASS replies with OK.
Timo Sirainen <tss@iki.fi>
parents: 2835
diff changeset
139
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
140 /* Login successful. Send this line to client. */
7454
053ec63146cb Send the success reply in one write. Based on patch by Onno Molenkamp.
Timo Sirainen <tss@iki.fi>
parents: 7438
diff changeset
141 line = t_strconcat(line, "\r\n", NULL);
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
142 (void)o_stream_send_str(client->output, line);
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
143
8097
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
144 str = t_str_new(128);
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
145 str_printfa(str, "proxy(%s): started proxying to %s:%u",
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
146 client->common.virtual_user,
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
147 login_proxy_get_host(client->proxy),
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
148 login_proxy_get_port(client->proxy));
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
149 if (strcmp(client->common.virtual_user,
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
150 client->proxy_user) != 0) {
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
151 /* remote username is different, log it */
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
152 str_append_c(str, '/');
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
153 str_append(str, client->proxy_user);
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
154 }
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
155 if (client->proxy_master_user != NULL) {
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
156 str_printfa(str, " (master %s)",
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
157 client->proxy_master_user);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
158 }
5046
f2cc68a3a198 Log the proxy destination host:port.
Timo Sirainen <tss@iki.fi>
parents: 4907
diff changeset
159
7927
2351a81ce699 If commands are pipelined after the login command, pass them to the
Timo Sirainen <tss@iki.fi>
parents: 7454
diff changeset
160 login_proxy_detach(client->proxy, client->common.input,
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
161 client->output);
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
162
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
163 client->proxy = NULL;
7927
2351a81ce699 If commands are pipelined after the login command, pass them to the
Timo Sirainen <tss@iki.fi>
parents: 7454
diff changeset
164 client->common.input = NULL;
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
165 client->output = NULL;
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
166 client->common.fd = -1;
8097
4d6cc7bb3426 Proxy: Log destuser in the "proxying" line if it's different from username.
Timo Sirainen <tss@iki.fi>
parents: 7927
diff changeset
167 client_destroy_success(client, str_c(str));
8775
98e1115cd8f0 pop3-login: Don't crash after successful login.
Timo Sirainen <tss@iki.fi>
parents: 8590
diff changeset
168 return 1;
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
169 }
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
170
8926
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
171 /* Login failed. Pass through the error message to client.
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
172
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
173 If the backend server isn't Dovecot, the error message may
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
174 be different from Dovecot's "user doesn't exist" error. This
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
175 would allow an attacker to find out what users exist in the
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
176 system.
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
177
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
178 The optimal way to handle this would be to replace the
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
179 backend's "password failed" error message with Dovecot's
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
180 AUTH_FAILED_MSG, but this would require a new setting and
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
181 the sysadmin to actually bother setting it properly.
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
182
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
183 So for now we'll just forward the error message. This
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
184 shouldn't be a real problem since of course everyone will
415089905616 imap-login: Use [resp-codes] to figure out when to replace remote's auth failed message with ours.
Timo Sirainen <tss@iki.fi>
parents: 8775
diff changeset
185 be using only Dovecot as their backend :) */
7216
56f8ac7a3a77 If proxy fails to log in to the backend server, forward the error message
Timo Sirainen <tss@iki.fi>
parents: 7117
diff changeset
186 if (strncmp(line, "-ERR ", 5) != 0)
56f8ac7a3a77 If proxy fails to log in to the backend server, forward the error message
Timo Sirainen <tss@iki.fi>
parents: 7117
diff changeset
187 client_send_line(client, "-ERR "AUTH_FAILED_MSG);
56f8ac7a3a77 If proxy fails to log in to the backend server, forward the error message
Timo Sirainen <tss@iki.fi>
parents: 7117
diff changeset
188 else
56f8ac7a3a77 If proxy fails to log in to the backend server, forward the error message
Timo Sirainen <tss@iki.fi>
parents: 7117
diff changeset
189 client_send_line(client, line);
2785
fc4b1ec1b3ef Use USER/PASS instad for AUTH PLAIN. Also don't require "+OK" to have
Timo Sirainen <tss@iki.fi>
parents: 2783
diff changeset
190
8123
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
191 if (verbose_auth) {
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
192 str = t_str_new(128);
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
193 str_printfa(str, "proxy(%s): Login failed to %s:%u",
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
194 client->common.virtual_user,
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
195 login_proxy_get_host(client->proxy),
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
196 login_proxy_get_port(client->proxy));
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
197 if (strcmp(client->common.virtual_user,
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
198 client->proxy_user) != 0) {
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
199 /* remote username is different, log it */
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
200 str_append_c(str, '/');
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
201 str_append(str, client->proxy_user);
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
202 }
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
203 if (client->proxy_master_user != NULL) {
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
204 str_printfa(str, " (master %s)",
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
205 client->proxy_master_user);
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
206 }
8123
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
207 str_append(str, ": ");
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
208 if (strncmp(line, "-ERR ", 5) == 0)
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
209 str_append(str, line + 5);
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
210 else
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
211 str_append(str, line);
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
212 i_info("%s", str_c(str));
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
213 }
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
214 proxy_failed(client, FALSE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
215 return -1;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
216 }
8123
26b67708b365 imap/pop3-proxy: If auth_verbose=yes, log proxy login failures.
Timo Sirainen <tss@iki.fi>
parents: 8097
diff changeset
217
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
218 static void proxy_input(struct pop3_client *client)
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
219 {
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
220 struct istream *input;
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
221 const char *line;
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
222
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
223 if (client->proxy == NULL) {
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
224 /* we're just freeing the proxy */
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
225 return;
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
226 }
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
227
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
228 input = login_proxy_get_istream(client->proxy);
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
229 if (input == NULL) {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
230 if (client->destroyed) {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
231 /* we came here from client_destroy() */
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
232 return;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
233 }
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
234
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
235 /* failed for some reason, probably server disconnected */
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
236 proxy_failed(client, TRUE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
237 return;
2835
39c315e7697d Keep proxy_user stored until proxy is destroyed.
Timo Sirainen <tss@iki.fi>
parents: 2786
diff changeset
238 }
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
239
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
240 i_assert(!client->destroyed);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
241
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
242 switch (i_stream_read(input)) {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
243 case -2:
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
244 client_syslog_err(&client->common,
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
245 "proxy: Remote input buffer full");
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
246 proxy_failed(client, TRUE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
247 return;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
248 case -1:
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
249 client_syslog_err(&client->common,
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
250 "proxy: Remote disconnected");
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
251 proxy_failed(client, TRUE);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
252 return;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
253 }
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
254
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
255 while ((line = i_stream_next_line(input)) != NULL) {
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
256 if (proxy_input_line(client, line) != 0)
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
257 break;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
258 }
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
259 }
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
260
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
261 int pop3_proxy_new(struct pop3_client *client, const char *host,
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
262 unsigned int port, const char *user, const char *master_user,
9306
e3ccd235a7e5 login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents: 8985
diff changeset
263 const char *password, enum login_proxy_ssl_flags ssl_flags,
e3ccd235a7e5 login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents: 8985
diff changeset
264 unsigned int connect_timeout_msecs)
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
265 {
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
266 i_assert(user != NULL);
4770
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
267 i_assert(!client->destroyed);
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
268
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
269 if (password == NULL) {
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
270 client_syslog_err(&client->common, "proxy: password not given");
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
271 client_send_line(client, PROXY_FAILURE_MSG);
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
272 return -1;
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
273 }
9634
ebc5dc47eb59 imap/pop3-login: Don't crash if passdb returns proxy field without host.
Timo Sirainen <tss@iki.fi>
parents: 9532
diff changeset
274 if (host == NULL || *host == '\0') {
ebc5dc47eb59 imap/pop3-login: Don't crash if passdb returns proxy field without host.
Timo Sirainen <tss@iki.fi>
parents: 9532
diff changeset
275 client_syslog_err(&client->common, "proxy: host not given");
ebc5dc47eb59 imap/pop3-login: Don't crash if passdb returns proxy field without host.
Timo Sirainen <tss@iki.fi>
parents: 9532
diff changeset
276 client_send_line(client, PROXY_FAILURE_MSG);
ebc5dc47eb59 imap/pop3-login: Don't crash if passdb returns proxy field without host.
Timo Sirainen <tss@iki.fi>
parents: 9532
diff changeset
277 return -1;
ebc5dc47eb59 imap/pop3-login: Don't crash if passdb returns proxy field without host.
Timo Sirainen <tss@iki.fi>
parents: 9532
diff changeset
278 }
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
279
4560
507088c0d511 Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
280 i_assert(client->refcount > 1);
507088c0d511 Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
281 connection_queue_add(1);
507088c0d511 Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
282
4770
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
283 if (client->destroyed) {
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
284 /* connection_queue_add() decided that we were the oldest
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
285 connection and killed us. */
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
286 return -1;
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
287 }
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
288 if (login_proxy_is_ourself(&client->common, host, port, user)) {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
289 client_syslog_err(&client->common, "Proxying loops to itself");
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
290 client_send_line(client, PROXY_FAILURE_MSG);
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
291 return -1;
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
292 }
4770
88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH
Timo Sirainen <tss@iki.fi>
parents: 4669
diff changeset
293
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
294 client->proxy = login_proxy_new(&client->common, host, port, ssl_flags,
9306
e3ccd235a7e5 login proxy: Added client_proxy passdb extra field to specify proxy's connect timeout.
Timo Sirainen <tss@iki.fi>
parents: 8985
diff changeset
295 connect_timeout_msecs,
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
296 proxy_input, client);
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
297 if (client->proxy == NULL) {
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
298 client_send_line(client, PROXY_FAILURE_MSG);
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
299 return -1;
8583
2ff2cac3578b imap/pop3-login: Cleaned up proxying code. Don't disconnect client on proxy failures.
Timo Sirainen <tss@iki.fi>
parents: 8546
diff changeset
300 }
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
301
8985
f43bebab3dac imap/pop3 proxy: Support SSL/TLS connections to remote servers.
Timo Sirainen <tss@iki.fi>
parents: 8926
diff changeset
302 client->proxy_state = POP3_PROXY_BANNER;
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
303 client->proxy_user = i_strdup(user);
8546
50f49805b13b imap/pop3 proxy: Support master user logins.
Timo Sirainen <tss@iki.fi>
parents: 8123
diff changeset
304 client->proxy_master_user = i_strdup(master_user);
2773
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
305 client->proxy_password = i_strdup(password);
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
306
e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just
Timo Sirainen <tss@iki.fi>
parents: 2768
diff changeset
307 /* disable input until authentication is finished */
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3082
diff changeset
308 if (client->io != NULL)
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3082
diff changeset
309 io_remove(&client->io);
2768
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
310 return 0;
d344be0bb70f Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
311 }