]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
login-common: Write client rawlogs in plaintext
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Tue, 3 Jun 2025 12:36:00 +0000 (15:36 +0300)
committertimo.sirainen <timo.sirainen@open-xchange.com>
Sat, 12 Jul 2025 06:49:23 +0000 (06:49 +0000)
src/login-common/client-common.c
src/login-common/client-common.h
src/login-common/login-proxy.c

index bb5b948c7fc013c0bccd9f9792ed621c52c3a225..3fd8aec7e3445d9638301bbfe16afa4ec819e7ad 100644 (file)
@@ -156,17 +156,44 @@ static void client_idle_disconnect_timeout(struct client *client)
        client_destroy(client, destroy_reason);
 }
 
+void client_rawlog_init(struct client *client)
+{
+       if (login_rawlog_dir == NULL)
+               return;
+
+       client->pre_rawlog_input = client->input;
+       client->pre_rawlog_output = client->output;
+       if (iostream_rawlog_create(login_rawlog_dir, &client->input,
+                                  &client->output) < 0) {
+               login_rawlog_dir = NULL;
+               return;
+       }
+       client->rawlog_input = client->input;
+       client->rawlog_output = client->output;
+}
+
+void client_rawlog_deinit(struct client *client)
+{
+       if (client->rawlog_input == NULL)
+               return;
+
+       i_assert(client->rawlog_input == client->input);
+       i_assert(client->rawlog_output == client->output);
+       i_stream_ref(client->pre_rawlog_input);
+       o_stream_ref(client->pre_rawlog_output);
+       i_stream_destroy(&client->rawlog_input);
+       o_stream_destroy(&client->rawlog_output);
+       client->input = client->pre_rawlog_input;
+       client->output = client->pre_rawlog_output;
+}
+
 static void client_open_streams(struct client *client)
 {
        client->input = i_stream_create_fd(client->fd, LOGIN_MAX_INBUF_SIZE);
        client->output = o_stream_create_fd(client->fd, LOGIN_MAX_OUTBUF_SIZE);
        o_stream_set_no_error_handling(client->output, TRUE);
 
-       if (login_rawlog_dir != NULL) {
-               if (iostream_rawlog_create(login_rawlog_dir, &client->input,
-                                          &client->output) < 0)
-                       login_rawlog_dir = NULL;
-       }
+       client_rawlog_init(client);
 }
 
 static const char *
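Review bot: client_rawlog_init() stores pre_rawlog_input/pre_rawlog_output before iostream_rawlog_create() has succeeded and nothing ever clears them, neither the failure return nor client_rawlog_deinit() after the streams are handed back. The header describes these fields as not holding references, so a stale value can outlive the stream it names. Clearing them on both paths (`client->pre_rawlog_input = NULL; client->pre_rawlog_output = NULL;`) keeps that invariant checkable. An `i_assert(client->rawlog_input == NULL);` at the top of client_rawlog_init() would also catch a second init without an intervening deinit, which as written appears to layer one rawlog on top of another.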
@@ -753,6 +780,7 @@ int client_init_ssl(struct client *client)
 
        if (client->v.iostream_change_pre != NULL)
                client->v.iostream_change_pre(client);
+       client_rawlog_deinit(client);
        const struct ssl_iostream_server_autocreate_parameters parameters = {
                .event_parent = client->event,
                .application_protocols = login_binary->application_protocols,
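Review bot: Detaching the rawlog here and re-attaching it after the SSL iostream is created (the client_rawlog_init() call in the next hunk) means the files under login_rawlog_dir now hold the decrypted session rather than TLS records, and for a login process that presumably includes the authentication exchange. Neither call site nor the new functions say so; a comment such as `/* rawlog is layered above SSL: the log contains decrypted client traffic, so login_rawlog_dir must be readable only by administrators */` would make the exposure explicit to whoever enables the setting. The client_rawlog_init() call in the next hunk also runs before the `ret < 0` check, so a rawlog is re-created even when SSL setup failed; it is worth confirming that this is intended. client_init_ssl's body starts and ends outside both hunks.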
@@ -762,6 +790,7 @@ int client_init_ssl(struct client *client)
                                                  &client->ssl_iostream, &error);
        if (client->v.iostream_change_post != NULL)
                client->v.iostream_change_post(client);
+       client_rawlog_init(client);
        if (ret < 0) {
                e_error(client->event,
                        "Failed to initialize SSL connection: %s", error);
index 8f10bd77459892edd8eaab7c9ede0cd5c5990d23..d3a5f8722480a4d39ddfdccdc220a893b7bbbd6c 100644 (file)
@@ -201,6 +201,9 @@ struct client {
        int fd;
        struct istream *input;
        struct ostream *output;
+       /* The rawlog streams don't hold any references */
+       struct istream *pre_rawlog_input, *rawlog_input;
+       struct ostream *pre_rawlog_output, *rawlog_output;
        /* If non-NULL, this is the multiplex ostream. It is usually the same
           as the output pointer, but some plugins may make them different.
           This isn't holding a reference, so it must not be unreferenced. */
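Review bot: The comment `The rawlog streams don't hold any references` is ambiguous, because it can be read as a statement about the stream objects rather than about these four pointers. Something like `/* Non-owning pointers. pre_rawlog_* are the streams the rawlog was layered on; rawlog_* are expected to equal input/output while a rawlog is active. */` would match the precision of the multiplex comment below it. The struct definition continues outside the hunk.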
@@ -354,6 +357,9 @@ void client_destroy_success(struct client *client, const char *reason);
 void client_ref(struct client *client);
 bool client_unref(struct client **client) ATTR_NOWARN_UNUSED_RESULT;
 
+void client_rawlog_init(struct client *client);
+void client_rawlog_deinit(struct client *client);
+
 int client_init_ssl(struct client *client);
 void client_cmd_starttls(struct client *client);
 
index 5743ea83644072d44859090e9a2ef1d5826e504f..121748f183a5bcc0b394921e583d298e46e50754 100644 (file)
@@ -958,11 +958,12 @@ void login_proxy_replace_client_iostream_pre(struct login_proxy *proxy)
        client->output = proxy->client_output;
 
        /* iostream_change_pre() may change iostreams */
-       if (client->v.iostream_change_pre != NULL) {
+       if (client->v.iostream_change_pre != NULL)
                client->v.iostream_change_pre(client);
-               proxy->client_input = client->input;
-               proxy->client_output = client->output;
-       }
+       client_rawlog_deinit(client);
+
+       proxy->client_input = client->input;
+       proxy->client_output = client->output;
 }
 
 void login_proxy_replace_client_iostream_post(struct login_proxy *proxy,
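Review bot: client_rawlog_deinit() is called right after iostream_change_pre(), which the comment above says may change the iostreams, but deinit begins with `i_assert(client->rawlog_input == client->input)` and the matching output assert (first hunk of client-common.c). If a hook does replace client->input or client->output while a rawlog is active, that assertion would abort the login process instead of detaching the rawlog; client_init_ssl uses the same ordering. Either call client_rawlog_deinit() before the hook, if the hook does not depend on the rawlog layer, or add a comment stating why the hooks can never replace the top-level streams when rawlog is enabled. The function starts outside the hunk.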
@@ -984,6 +985,7 @@ void login_proxy_replace_client_iostream_post(struct login_proxy *proxy,
 
        if (client->v.iostream_change_post != NULL)
                client->v.iostream_change_post(client);
+       client_rawlog_init(client);
 
        /* iostream_change_post() may have replaced the iostreams */
        proxy->client_input = client->input;