dovecot-local-name.patch

   1 commit 8e104e2bce03c1cb410b1aff5100a0e1074c11ca
   2 Author: Aki Tuomi <aki.tuomi@dovecot.fi>
   3 Date:   Mon Oct 17 23:25:27 2016 +0300
   4
   5     lib: Add null_strcasecmp
   6
   7 diff --git a/src/lib/strfuncs.c b/src/lib/strfuncs.c
   8 index 602ceb4..df572ff 100644
   9 --- a/src/lib/strfuncs.c
  10 +++ b/src/lib/strfuncs.c
  11 @@ -434,6 +434,16 @@ int null_strcmp(const char *s1, const char *s2)
  12         return strcmp(s1, s2);
  13  }
  14
  15 +int null_strcasecmp(const char *s1, const char *s2)
  16 +{
  17 +        if (s1 == NULL)
  18 +                return s2 == NULL ? 0 : -1;
  19 +        if (s2 == NULL)
  20 +                return 1;
  21 +
  22 +        return strcasecmp(s1, s2);
  23 +}
  24 +
  25  int i_memcasecmp(const void *p1, const void *p2, size_t size)
  26  {
  27         const unsigned char *s1 = p1;
  28 diff --git a/src/lib/strfuncs.h b/src/lib/strfuncs.h
  29 index c84533b..65203f2 100644
  30 --- a/src/lib/strfuncs.h
  31 +++ b/src/lib/strfuncs.h
  32 @@ -60,6 +60,7 @@ const char *t_str_rtrim(const char *str, const char *chars);
  33  /*const char *t_str_trim(const char *str, const char *chars);*/
  34
  35  int null_strcmp(const char *s1, const char *s2) ATTR_PURE;
  36 +int null_strcasecmp(const char *s1, const char *s2) ATTR_PURE;
  37  int bsearch_strcmp(const char *key, const char *const *member) ATTR_PURE;
  38  int bsearch_strcasecmp(const char *key, const char *const *member) ATTR_PURE;
  39  int i_memcasecmp(const void *p1, const void *p2, size_t size) ATTR_PURE;
  40 From c19c44f87ef3fe40cae4be9a86ee9327a7370e46 Mon Sep 17 00:00:00 2001
  41 From: Aki Tuomi <aki.tuomi@dovecot.fi>
  42 Date: Sat, 15 Oct 2016 23:04:35 +0300
  43 Subject: [PATCH] config: Compare local_name case insensitive
  44
  45 DNS and certificate names should be compared
  46 case insensitive.
  47 ---
  48  src/config/config-filter.c | 4 ++--
  49  1 file changed, 2 insertions(+), 2 deletions(-)
  50
  51 diff --git a/src/config/config-filter.c b/src/config/config-filter.c
  52 index e8cc010..87a24da 100644
  53 --- a/src/config/config-filter.c
  54 +++ b/src/config/config-filter.c
  55 @@ -36,7 +36,7 @@ static bool config_filter_match_rest(const struct config_filter *mask,
  56         if (mask->local_name != NULL) {
  57                 if (filter->local_name == NULL)
  58                         return FALSE;
  59 -               if (strcmp(filter->local_name, mask->local_name) != 0)
  60 +               if (strcasecmp(filter->local_name, mask->local_name) != 0)
  61                         return FALSE;
  62         }
  63         /* FIXME: it's not comparing full masks */
  64 @@ -82,7 +82,7 @@ bool config_filters_equal(const struct config_filter *f1,
  65         if (!net_ip_compare(&f1->local_net, &f2->local_net))
  66                 return FALSE;
  67
  68 -       if (null_strcmp(f1->local_name, f2->local_name) != 0)
  69 +       if (null_strcasecmp(f1->local_name, f2->local_name) != 0)
  70                 return FALSE;
  71
  72         return TRUE;
  73 From fe791e96fdf796f7d8997ee0515b163dc5eddd72 Mon Sep 17 00:00:00 2001
  74 From: Aki Tuomi <aki.tuomi@dovecot.fi>
  75 Date: Tue, 18 Oct 2016 00:37:32 +0300
  76 Subject: [PATCH] auth: Pass local_name to auth-request
  77
  78 This allows using local_name in various places,
  79 such as passdb/userdb queries.
  80 ---
  81  src/auth/auth-request-var-expand.c   | 5 +++++
  82  src/auth/auth-request-var-expand.h   | 2 +-
  83  src/auth/auth-request.c              | 4 ++++
  84  src/auth/auth-request.h              | 2 +-
  85  src/lib-auth/auth-client-request.c   | 4 +++-
  86  src/lib-auth/auth-client.h           | 1 +
  87  src/login-common/client-common.h     | 1 +
  88  src/login-common/login-settings.c    | 2 ++
  89  src/login-common/sasl-server.c       | 1 +
  90  src/login-common/ssl-proxy-openssl.c | 1 +
  91  10 files changed, 20 insertions(+), 3 deletions(-)
  92
  93 diff --git a/src/auth/auth-request-var-expand.c b/src/auth/auth-request-var-expand.c
  94 index 312d393..4fd2dcb 100644
  95 --- a/src/auth/auth-request-var-expand.c
  96 +++ b/src/auth/auth-request-var-expand.c
  97 @@ -45,6 +45,7 @@ auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1] = {
  98         { '\0', NULL, "auth_user" },
  99         { '\0', NULL, "auth_username" },
 100         { '\0', NULL, "auth_domain" },
 101 +       { '\0', NULL, "local_name" },
 102         /* be sure to update AUTH_REQUEST_VAR_TAB_COUNT */
 103         { '\0', NULL, NULL }
 104  };
 105 @@ -166,6 +167,10 @@ auth_request_get_var_expand_table_full(const struct auth_request *auth_request,
 106         tab[32].value = strchr(auth_user, '@');
 107         if (tab[32].value != NULL)
 108                 tab[32].value = escape_func(tab[32].value+1, auth_request);
 109 +       if (auth_request->local_name != NULL)
 110 +               tab[33].value = escape_func(auth_request->local_name, auth_request);
 111 +       else
 112 +               tab[33].value = "";
 113         return ret_tab;
 114  }
 115
 116 diff --git a/src/auth/auth-request-var-expand.h b/src/auth/auth-request-var-expand.h
 117 index a7cafdd..0d228da 100644
 118 --- a/src/auth/auth-request-var-expand.h
 119 +++ b/src/auth/auth-request-var-expand.h
 120 @@ -8,7 +8,7 @@ auth_request_escape_func_t(const char *string,
 121  #define AUTH_REQUEST_VAR_TAB_USER_IDX 0
 122  #define AUTH_REQUEST_VAR_TAB_USERNAME_IDX 1
 123  #define AUTH_REQUEST_VAR_TAB_DOMAIN_IDX 2
 124 -#define AUTH_REQUEST_VAR_TAB_COUNT 33
 125 +#define AUTH_REQUEST_VAR_TAB_COUNT 34
 126  extern const struct var_expand_table
 127  auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1];
 128
 129 diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
 130 index 7a60c97..8b38f83 100644
 131 --- a/src/auth/auth-request.c
 132 +++ b/src/auth/auth-request.c
 133 @@ -319,6 +319,8 @@ void auth_request_export(struct auth_request *request, string_t *dest)
 134                 str_printfa(dest, "\treal_lport=%u", request->real_local_port);
 135         if (request->real_remote_port != 0)
 136                 str_printfa(dest, "\treal_rport=%u", request->real_remote_port);
 137 +       if (request->local_name != 0)
 138 +               str_printfa(dest, "\tlocal_name=%s", request->local_name);
 139         if (request->session_id != NULL)
 140                 str_printfa(dest, "\tsession=%s", request->session_id);
 141         if (request->debug)
 142 @@ -377,6 +379,8 @@ bool auth_request_import_info(struct auth_request *request,
 143                 (void)net_str2port(value, &request->real_local_port);
 144         else if (strcmp(key, "real_rport") == 0)
 145                 (void)net_str2port(value, &request->real_remote_port);
 146 +       else if (strcmp(key, "local_name") == 0)
 147 +               request->local_name = p_strdup(request->pool, value);
 148         else if (strcmp(key, "session") == 0)
 149                 request->session_id = p_strdup(request->pool, value);
 150         else if (strcmp(key, "debug") == 0)
 151 diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h
 152 index 54772ee..63fb838 100644
 153 --- a/src/auth/auth-request.h
 154 +++ b/src/auth/auth-request.h
 155 @@ -74,7 +74,7 @@ struct auth_request {
 156         time_t delay_until;
 157         pid_t session_pid;
 158
 159 -       const char *service, *mech_name, *session_id;
 160 +       const char *service, *mech_name, *session_id, *local_name;
 161         struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;
 162         in_port_t local_port, remote_port, real_local_port, real_remote_port;
 163
 164 diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
 165 index fde65bf..968dc98 100644
 166 --- a/src/lib-auth/auth-client-request.c
 167 +++ b/src/lib-auth/auth-client-request.c
 168 @@ -80,7 +80,9 @@ static void auth_server_send_new_request(struct auth_server_connection *conn,
 169         if (info->real_remote_port != 0 &&
 170             info->real_remote_port != info->remote_port)
 171                 str_printfa(str, "\treal_rport=%u", info->real_remote_port);
 172 -
 173 +       if (info->local_name != NULL &&
 174 +           *info->local_name != '\0')
 175 +               str_printfa(str, "\tlocal_name=%s", info->local_name);
 176         if (info->initial_resp_base64 != NULL) {
 177                 str_append(str, "\tresp=");
 178                 str_append_tabescaped(str, info->initial_resp_base64);
 179 diff --git a/src/lib-auth/auth-client.h b/src/lib-auth/auth-client.h
 180 index 59cf3d4..45b346b 100644
 181 --- a/src/lib-auth/auth-client.h
 182 +++ b/src/lib-auth/auth-client.h
 183 @@ -41,6 +41,7 @@ struct auth_request_info {
 184         const char *service;
 185         const char *session_id;
 186         const char *cert_username;
 187 +       const char *local_name;
 188         enum auth_request_flags flags;
 189
 190         struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;
 191 diff --git a/src/login-common/client-common.h b/src/login-common/client-common.h
 192 index 715c22f..864af1c 100644
 193 --- a/src/login-common/client-common.h
 194 +++ b/src/login-common/client-common.h
 195 @@ -117,6 +117,7 @@ struct client {
 196         const struct login_settings *set;
 197         const struct master_service_ssl_settings *ssl_set;
 198         const char *session_id, *listener_name, *postlogin_socket_path;
 199 +       const char *local_name;
 200
 201         int fd;
 202         struct istream *input;
 203 diff --git a/src/login-common/login-settings.c b/src/login-common/login-settings.c
 204 index 05be020..ace5dae 100644
 205 --- a/src/login-common/login-settings.c
 206 +++ b/src/login-common/login-settings.c
 207 @@ -120,6 +120,7 @@ login_set_var_expand_table(const struct master_service_settings_input *input)
 208                 { 'r', NULL, "rip" },
 209                 { 'p', NULL, "pid" },
 210                 { 's', NULL, "service" },
 211 +               { '\0', NULL, "local_name" },
 212                 { '\0', NULL, NULL }
 213         };
 214         struct var_expand_table *tab;
 215 @@ -131,6 +132,7 @@ login_set_var_expand_table(const struct master_service_settings_input *input)
 216         tab[1].value = net_ip2addr(&input->remote_ip);
 217         tab[2].value = my_pid;
 218         tab[3].value = input->service;
 219 +       tab[4].value = input->local_name;
 220         return tab;
 221  }
 222
 223 diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
 224 index 5d6d29c..097b83d 100644
 225 --- a/src/login-common/sasl-server.c
 226 +++ b/src/login-common/sasl-server.c
 227 @@ -360,6 +360,7 @@ void sasl_server_auth_begin(struct client *client,
 228         info.local_ip = client->local_ip;
 229         info.remote_ip = client->ip;
 230         info.local_port = client->local_port;
 231 +       info.local_name = client->local_name;
 232         info.remote_port = client->remote_port;
 233         info.real_local_ip = client->real_local_ip;
 234         info.real_remote_ip = client->real_remote_ip;
 235 diff --git a/src/login-common/ssl-proxy-openssl.c b/src/login-common/ssl-proxy-openssl.c
 236 index 0f17fad..a17ce66 100644
 237 --- a/src/login-common/ssl-proxy-openssl.c
 238 +++ b/src/login-common/ssl-proxy-openssl.c
 239 @@ -1149,6 +1149,7 @@ static void ssl_servername_callback(SSL *ssl, int *al ATTR_UNUSED,
 240                                                   &client->ssl_set,
 241                                                   &other_sets);
 242         }
 243 +       client->local_name = p_strdup(client->pool, host);
 244         ctx = ssl_server_context_get(client->set, client->ssl_set);
 245         SSL_set_SSL_CTX(ssl, ctx->ctx);
 246  }