auth: Pass local_name to auth-request

This allows using local_name in various places, such as passdb/userdb queries.
dovecot · Oct 20, 2016 · fe791e9 · fe791e9
1 parent c67082d
commit fe791e9
Show file tree

Hide file tree

Showing 10 changed files with 20 additions and 3 deletions.
diff --git a/src/auth/auth-request-var-expand.c b/src/auth/auth-request-var-expand.c
@@ -45,6 +45,7 @@ auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1] = {
 	{ '\0', NULL, "auth_user" },
 	{ '\0', NULL, "auth_username" },
 	{ '\0', NULL, "auth_domain" },
+	{ '\0', NULL, "local_name" },
 	/* be sure to update AUTH_REQUEST_VAR_TAB_COUNT */
 	{ '\0', NULL, NULL }
 };
@@ -166,6 +167,10 @@ auth_request_get_var_expand_table_full(const struct auth_request *auth_request,
 	tab[32].value = strchr(auth_user, '@');
 	if (tab[32].value != NULL)
 		tab[32].value = escape_func(tab[32].value+1, auth_request);
+	if (auth_request->local_name != NULL)
+		tab[33].value = escape_func(auth_request->local_name, auth_request);
+	else
+		tab[33].value = "";
 	return ret_tab;
 }
 

diff --git a/src/auth/auth-request-var-expand.h b/src/auth/auth-request-var-expand.h
@@ -8,7 +8,7 @@ auth_request_escape_func_t(const char *string,
 #define AUTH_REQUEST_VAR_TAB_USER_IDX 0
 #define AUTH_REQUEST_VAR_TAB_USERNAME_IDX 1
 #define AUTH_REQUEST_VAR_TAB_DOMAIN_IDX 2
-#define AUTH_REQUEST_VAR_TAB_COUNT 33
+#define AUTH_REQUEST_VAR_TAB_COUNT 34
 extern const struct var_expand_table
 auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1];
 

diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
@@ -319,6 +319,8 @@ void auth_request_export(struct auth_request *request, string_t *dest)
 		str_printfa(dest, "\treal_lport=%u", request->real_local_port);
 	if (request->real_remote_port != 0)
 		str_printfa(dest, "\treal_rport=%u", request->real_remote_port);
+	if (request->local_name != 0)
+		str_printfa(dest, "\tlocal_name=%s", request->local_name);
 	if (request->session_id != NULL)
 		str_printfa(dest, "\tsession=%s", request->session_id);
 	if (request->debug)
@@ -377,6 +379,8 @@ bool auth_request_import_info(struct auth_request *request,
 		(void)net_str2port(value, &request->real_local_port);
 	else if (strcmp(key, "real_rport") == 0)
 		(void)net_str2port(value, &request->real_remote_port);
+	else if (strcmp(key, "local_name") == 0)
+		request->local_name = p_strdup(request->pool, value);
 	else if (strcmp(key, "session") == 0)
 		request->session_id = p_strdup(request->pool, value);
 	else if (strcmp(key, "debug") == 0)

diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h
@@ -74,7 +74,7 @@ struct auth_request {
 	time_t delay_until;
 	pid_t session_pid;
 
-	const char *service, *mech_name, *session_id;
+	const char *service, *mech_name, *session_id, *local_name;
 	struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;
 	in_port_t local_port, remote_port, real_local_port, real_remote_port;
 

diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
@@ -80,7 +80,9 @@ static void auth_server_send_new_request(struct auth_server_connection *conn,
 	if (info->real_remote_port != 0 &&
 	    info->real_remote_port != info->remote_port)
 		str_printfa(str, "\treal_rport=%u", info->real_remote_port);
-
+	if (info->local_name != NULL &&
+	    *info->local_name != '\0')
+		str_printfa(str, "\tlocal_name=%s", info->local_name);
 	if (info->initial_resp_base64 != NULL) {
 		str_append(str, "\tresp=");
 		str_append_tabescaped(str, info->initial_resp_base64);

diff --git a/src/lib-auth/auth-client.h b/src/lib-auth/auth-client.h
@@ -41,6 +41,7 @@ struct auth_request_info {
 	const char *service;
 	const char *session_id;
 	const char *cert_username;
+	const char *local_name;
 	enum auth_request_flags flags;
 
 	struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;

diff --git a/src/login-common/client-common.h b/src/login-common/client-common.h
@@ -117,6 +117,7 @@ struct client {
 	const struct login_settings *set;
 	const struct master_service_ssl_settings *ssl_set;
 	const char *session_id, *listener_name, *postlogin_socket_path;
+	const char *local_name;
 
 	int fd;
 	struct istream *input;

diff --git a/src/login-common/login-settings.c b/src/login-common/login-settings.c
@@ -120,6 +120,7 @@ login_set_var_expand_table(const struct master_service_settings_input *input)
 		{ 'r', NULL, "rip" },
 		{ 'p', NULL, "pid" },
 		{ 's', NULL, "service" },
+		{ '\0', NULL, "local_name" },
 		{ '\0', NULL, NULL }
 	};
 	struct var_expand_table *tab;
@@ -131,6 +132,7 @@ login_set_var_expand_table(const struct master_service_settings_input *input)
 	tab[1].value = net_ip2addr(&input->remote_ip);
 	tab[2].value = my_pid;
 	tab[3].value = input->service;
+	tab[4].value = input->local_name;
 	return tab;
 }
 

diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
@@ -360,6 +360,7 @@ void sasl_server_auth_begin(struct client *client,
 	info.local_ip = client->local_ip;
 	info.remote_ip = client->ip;
 	info.local_port = client->local_port;
+	info.local_name = client->local_name;
 	info.remote_port = client->remote_port;
 	info.real_local_ip = client->real_local_ip;
 	info.real_remote_ip = client->real_remote_ip;

diff --git a/src/login-common/ssl-proxy-openssl.c b/src/login-common/ssl-proxy-openssl.c
@@ -1149,6 +1149,7 @@ static void ssl_servername_callback(SSL *ssl, int *al ATTR_UNUSED,
 						  &client->ssl_set,
 						  &other_sets);
 	}
+	client->local_name = p_strdup(client->pool, host);
 	ctx = ssl_server_context_get(client->set, client->ssl_set);
 	SSL_set_SSL_CTX(ssl, ctx->ctx);
 }