Re: destuser setting useless on LMTP proxy

2018-03-26 Thread Aki Tuomi 


On 26.03.2018 10:42, Jan-Pieter Cornet wrote:
> I tried setting the "destuser" setting on the LMTP director as
> follows, to preserve the original envelope rcpt:
>
> protocol lmtp {
>   auth_socket_path = director-userdb
>   passdb {
>     driver = ...
>     override_fields = destuser=%{orig_user}
>   }
> }
>
> The passdb driver would return the appropriate "user" for each alias.
> Suppose, for example, user1 has emails us...@domain.tld, but also
> ali...@domain.tld.
>
> Now, it turns out that setting the destuser *changes* the backend. It
> seems that when the passdb returns "destuser", that username is
> completely ignored and the hashing of the destuser determines the
> backend chosen.
>
> This is incorrect, the backend should be chosen based on the returned
> "user", and the "destuser" should only be used for the remote login
> (or rcpt, in case of LMTP).
>
> I'm using version 2.2.35. The problem seems to be in lmtp/commands.c,
> in client_proxy_rcpt_parse_fields, line 281-285 says:
>     } else if (strcmp(key, "user") == 0 ||
>    strcmp(key, "destuser") == 0) {
>     /* changing the username */
>     *address = value;
>     } ...
>
> So it looks as if "user" and "destuser" are treated equally in the
> LMTP proxy.
>

Hi!

Thanks for reporting this, we'll take a look

Aki

destuser setting useless on LMTP proxy

2018-03-26 Thread Jan-Pieter Cornet 

I tried setting the "destuser" setting on the LMTP director as follows, to 
preserve the original envelope rcpt:

protocol lmtp {
  auth_socket_path = director-userdb
  passdb {
driver = ...
override_fields = destuser=%{orig_user}
  }
}

The passdb driver would return the appropriate "user" for each alias. Suppose, 
for example, user1 has emails us...@domain.tld, but also ali...@domain.tld.

Now, it turns out that setting the destuser *changes* the backend. It seems that when the 
passdb returns "destuser", that username is completely ignored and the hashing 
of the destuser determines the backend chosen.

This is incorrect, the backend should be chosen based on the returned "user", and the 
"destuser" should only be used for the remote login (or rcpt, in case of LMTP).

I'm using version 2.2.35. The problem seems to be in lmtp/commands.c, in 
client_proxy_rcpt_parse_fields, line 281-285 says:
} else if (strcmp(key, "user") == 0 ||
   strcmp(key, "destuser") == 0) {
/* changing the username */
*address = value;
} ...

So it looks as if "user" and "destuser" are treated equally in the LMTP proxy.

--
Jan-Pieter Cornet 
Systeembeheer XS4ALL Internet bv
www.xs4all.nl



signature.asc
Description: OpenPGP digital signature