Mercurial > dovecot > original-hg > dovecot-1.2
changeset 5857:123748453011 HEAD
Changed mail_max_user_connections to mail_max_userip_connections.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 02 Jul 2007 17:52:05 +0300 |
parents | 93c00bc7dfea |
children | 7a71ede9334b |
files | dovecot-example.conf src/master/mail-process.c src/master/master-settings-defs.c src/master/master-settings.c src/master/master-settings.h |
diffstat | 5 files changed, 29 insertions(+), 18 deletions(-) [+] |
line wrap: on
line diff
--- a/dovecot-example.conf Mon Jul 02 17:35:31 2007 +0300 +++ b/dovecot-example.conf Mon Jul 02 17:52:05 2007 +0300 @@ -334,13 +334,6 @@ # new users aren't allowed to log in. #max_mail_processes = 1024 -# Maximum number of connections allowed for a user. The limits are enforced -# separately for IMAP and POP3 connections, so you can move this setting -# inside protocol {} to have separate settings for them. NOTE: The user names -# are compared case-sensitively, so make sure your userdb returns usernames -# always using the same casing so users can't bypass this limit! -#mail_max_user_connections = 10 - # Set max. process size in megabytes. Most of the memory goes to mmap()ing # files, so it shouldn't harm much even if this limit is set pretty high. #mail_process_size = 256 @@ -530,6 +523,10 @@ # "Too long argument" or "IMAP command line too large" errors often. #imap_max_line_length = 65536 + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared compared case-sensitively. + #mail_max_userip_connections = 10 + # Support for dynamically loadable plugins. mail_plugins is a space separated # list of plugins to load. #mail_plugins = @@ -637,6 +634,10 @@ # %s - mailbox size in bytes (before deletion) #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + # Maximum number of IMAP connections allowed for a user from each IP address. + # NOTE: The username is compared compared case-sensitively. + #mail_max_userip_connections = 3 + # Support for dynamically loadable plugins. mail_plugins is a space separated # list of plugins to load. #mail_plugins =
--- a/src/master/mail-process.c Mon Jul 02 17:35:31 2007 +0300 +++ b/src/master/mail-process.c Mon Jul 02 17:52:05 2007 +0300 @@ -34,9 +34,10 @@ #define CHDIR_WARN_SECS 10 struct mail_process_group { - /* process.type / user identifies this process group */ + /* process.type + user + remote_ip identifies this process group */ struct child_process process; char *user; + struct ip_addr remote_ip; /* processes array acts also as refcount */ ARRAY_DEFINE(processes, pid_t); @@ -50,7 +51,8 @@ { const struct mail_process_group *group = p; - return str_hash(group->user) ^ group->process.type; + return str_hash(group->user) ^ group->process.type ^ + net_ip_hash(&group->remote_ip); } static int mail_process_group_cmp(const void *p1, const void *p2) @@ -61,28 +63,34 @@ ret = strcmp(group1->user, group2->user); if (ret == 0) ret = group1->process.type - group2->process.type; + if (ret == 0 && !net_ip_compare(&group1->remote_ip, &group2->remote_ip)) + ret = -1; return ret; } static struct mail_process_group * -mail_process_group_lookup(enum process_type type, const char *user) +mail_process_group_lookup(enum process_type type, const char *user, + const struct ip_addr *ip) { struct mail_process_group lookup_group; lookup_group.process.type = type; lookup_group.user = t_strdup_noconst(user); + lookup_group.remote_ip = *ip; return hash_lookup(mail_process_groups, &lookup_group); } static struct mail_process_group * -mail_process_group_create(enum process_type type, const char *user) +mail_process_group_create(enum process_type type, const char *user, + const struct ip_addr *ip) { struct mail_process_group *group; group = i_new(struct mail_process_group, 1); group->process.type = type; group->user = i_strdup(user); + group->remote_ip = *ip; i_array_init(&group->processes, 10); hash_insert(mail_process_groups, group, group); @@ -521,11 +529,12 @@ } /* check process limit for this user */ - process_group = mail_process_group_lookup(process_type, user); + process_group = mail_process_group_lookup(process_type, user, + remote_ip); process_count = process_group == NULL ? 0 : array_count(&process_group->processes); - if (process_count >= set->mail_max_user_connections && - set->mail_max_user_connections != 0) + if (process_count >= set->mail_max_userip_connections && + set->mail_max_userip_connections != 0) return MASTER_LOGIN_STATUS_MAX_CONNECTIONS; t_array_init(&extra_args, 16); @@ -638,7 +647,8 @@ log_set_prefix(log, str_c(str)); if (process_group == NULL) { process_group = mail_process_group_create(process_type, - user); + user, + remote_ip); } mail_process_group_add(process_group, pid); (void)close(log_fd);
--- a/src/master/master-settings-defs.c Mon Jul 02 17:35:31 2007 +0300 +++ b/src/master/master-settings-defs.c Mon Jul 02 17:52:05 2007 +0300 @@ -55,7 +55,7 @@ DEF_STR(valid_chroot_dirs), DEF_STR(mail_chroot), DEF_INT(max_mail_processes), - DEF_INT(mail_max_user_connections), + DEF_INT(mail_max_userip_connections), DEF_BOOL(verbose_proctitle), DEF_INT(first_valid_uid),
--- a/src/master/master-settings.c Mon Jul 02 17:35:31 2007 +0300 +++ b/src/master/master-settings.c Mon Jul 02 17:52:05 2007 +0300 @@ -206,7 +206,7 @@ MEMBER(valid_chroot_dirs) "", MEMBER(mail_chroot) "", MEMBER(max_mail_processes) 1024, - MEMBER(mail_max_user_connections) 10, + MEMBER(mail_max_userip_connections) 10, MEMBER(verbose_proctitle) FALSE, MEMBER(first_valid_uid) 500,
--- a/src/master/master-settings.h Mon Jul 02 17:35:31 2007 +0300 +++ b/src/master/master-settings.h Mon Jul 02 17:52:05 2007 +0300 @@ -61,7 +61,7 @@ const char *valid_chroot_dirs; const char *mail_chroot; unsigned int max_mail_processes; - unsigned int mail_max_user_connections; + unsigned int mail_max_userip_connections; bool verbose_proctitle; unsigned int first_valid_uid, last_valid_uid;