Can someone have a look at this patch for Postfix >= 2.5? The patch
for Postfix 2.3 does not work because I had to add a "SASL mechanism
filter" feature.
Wietse
*** xsasl_dovecot_server.c.orig Sun Mar 16 19:09:04 2008
--- xsasl_dovecot_server.c Wed Feb 11 10:26:37 2009
***************
*** 65,70 ****
--- 65,71 ----
#include <vstring_vstream.h>
#include <name_mask.h>
#include <argv.h>
+ #include <myaddrinfo.h>
/* Global library. */
***************
*** 162,167 ****
--- 163,170 ----
unsigned int sec_props; /* Postfix mechanism filter */
char *mechanism_list; /* filtered mechanism list */
ARGV *mechanism_argv; /* ditto */
+ MAI_HOSTADDR_STR server_addr; /* local IP address */
+ MAI_HOSTADDR_STR client_addr; /* remote IP address */
} XSASL_DOVECOT_SERVER;
/*
***************
*** 379,391 ****
/* xsasl_dovecot_server_create - create server instance */
static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl,
! VSTREAM *unused_stream,
const char *service,
const char *realm,
const char *sec_props)
{
const char *myname = "xsasl_dovecot_server_create";
XSASL_DOVECOT_SERVER *server;
if (msg_verbose)
msg_info("%s: SASL service=%s, realm=%s",
--- 382,397 ----
/* xsasl_dovecot_server_create - create server instance */
static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl,
! VSTREAM *stream,
const char *service,
const char *realm,
const char *sec_props)
{
const char *myname = "xsasl_dovecot_server_create";
XSASL_DOVECOT_SERVER *server;
+ struct sockaddr_storage ss;
+ struct sockaddr *sa = (struct sockaddr *) & ss;
+ SOCKADDR_SIZE salen = sizeof(ss);
if (msg_verbose)
msg_info("%s: SASL service=%s, realm=%s",
***************
*** 413,418 ****
--- 419,435 ----
name_mask_opt(myname, xsasl_dovecot_conf_sec_props,
sec_props, NAME_MASK_ANY_CASE | NAME_MASK_FATAL);
+ /*
+ * XXX This is not the right place: it ignores client overrides with the
+ * XCLIENT command.
+ */
+ if (getpeername(vstream_fileno(stream), sa, &salen) < 0
+ || sockaddr_to_hostaddr(sa, salen, &server->client_addr, 0, 0) != 0)
+ server->client_addr.buf[0] = 0;
+ if (getsockname(vstream_fileno(stream), sa, &salen) < 0
+ || sockaddr_to_hostaddr(sa, salen, &server->server_addr, 0, 0) != 0)
+ server->server_addr.buf[0] = 0;
+
return (&server->xsasl);
}
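Review bot: `salen` is a value-result argument, and the getsockname() call reuses whatever length getpeername() left in it rather than the full buffer size; add `salen = sizeof(ss);` before the second call. Both ends of one socket normally share an address family, so the lengths usually match, but resetting makes the call correct regardless of what the first one did. The XXX comment could also state the consequence: with XCLIENT in use, the address recorded here is that of the directly connected front end, so anything the SASL backend logs or decides from the remote address refers to that host and not to the original client. The function begins in an earlier hunk, where `ss`, `sa` and `salen` are declared.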
***************
*** 605,613 ****
/* send the request */
server->last_request_id = ++server->impl->request_id_counter;
vstream_fprintf(server->impl->sasl_stream,
! "AUTH\t%u\t%s\tservice=%s\tnologin",
server->last_request_id, sasl_method,
! server->service);
if (init_response) {
/*
--- 622,631 ----
/* send the request */
server->last_request_id = ++server->impl->request_id_counter;
vstream_fprintf(server->impl->sasl_stream,
! "AUTH\t%u\t%s\tservice=%s\tlip=%s\trip=%s",
server->last_request_id, sasl_method,
! server->service, server->client_addr.buf,
! server->server_addr.buf);
if (init_response) {
/*
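Review bot: The arguments to the new format string are swapped: `lip=%s` is filled from `server->client_addr.buf` and `rip=%s` from `server->server_addr.buf`, so Dovecot would be told that the server's own address is the remote IP. Any Dovecot-side log entry or restriction keyed on the remote address (for example an `allow_nets` passdb field) would then be evaluated against the wrong host. The argument lines should read `server->service, server->server_addr.buf,` and `server->client_addr.buf);`. Two further points are worth confirming. When the address lookup failed, the request still carries `lip=` and `rip=` with empty values, where omitting the fields would be cleaner. The `nologin` flag from the old request is also dropped, which looks unrelated to passing addresses; the enclosing function starts and ends outside this hunk.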