From: Aki Tuomi
Date: Tue, 15 Oct 2019 10:32:23 +0000 (+0300)
Subject: doveadm-mail-server: Support proxy fields properly
X-Git-Tag: 2.3.9~99
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8048fa8e46c1c8cfc1f29837512cc7d49fafa4da;p=thirdparty%2Fdovecot%2Fcore.git
doveadm-mail-server: Support proxy fields properly
---
diff --git a/src/doveadm/doveadm-mail-server.c b/src/doveadm/doveadm-mail-server.c
index 3a640e8b18..10f372e3b1 100644
--- a/src/doveadm/doveadm-mail-server.c
+++ b/src/doveadm/doveadm-mail-server.c
@@ -179,6 +179,8 @@ static int
 doveadm_mail_server_user_get_host(struct doveadm_mail_cmd_context *ctx,
 const struct mail_storage_service_input *input,
 const char **user_r, const char **host_r,
+ struct ip_addr *hostip_r, in_port_t *port_r,
+ enum doveadm_proxy_ssl_flags *ssl_flags_r,
 const char **error_r)
 {
 struct auth_master_connection *auth_conn;
@@ -238,10 +240,23 @@ doveadm_mail_server_user_get_host(struct doveadm_mail_cmd_context *ctx,
 else if (str_begins(fields[i], "port=")) {
 if (net_str2port(fields[i]+5, &proxy_port) < 0)
 proxy_port = 0;
+ } else if (str_begins(fields[i], "ssl=")) {
+ *ssl_flags_r |= PROXY_SSL_FLAG_YES;
+ if (strcmp(fields[i]+4, "any-cert") == 0)
+ *ssl_flags_r |= PROXY_SSL_FLAG_ANY_CERT;
+ } else if (str_begins(fields[i], "starttls=")) {
+ *ssl_flags_r |= PROXY_SSL_FLAG_YES |
+ PROXY_SSL_FLAG_STARTTLS;
+ if (strcmp(fields[i]+9, "any-cert") == 0)
+ *ssl_flags_r |= PROXY_SSL_FLAG_ANY_CERT;
 }
 }
- if (proxy_hostip != NULL)
- proxy_host = proxy_hostip;
+ if (proxy_hostip != NULL &&
+ net_addr2ip(proxy_hostip, hostip_r) < 0) {
+ *error_r = t_strdup_printf("%s Invalid hostip value '%s'",
+ auth_socket_path, proxy_hostip);
+ ret = -1;
+ }
 if (!proxying)
 ret = 0;
 else if (proxy_host == NULL) {
@@ -254,6 +269,7 @@ doveadm_mail_server_user_get_host(struct doveadm_mail_cmd_context *ctx,
 }
 ret = -1;
 } else {
+ *port_r = proxy_port;
 *host_r = t_strdup_printf("%s:%u", proxy_host, proxy_port);
 }
 }
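Review bot: In the `@@ -238` hunk the `ret = -1` set for an unparsable `hostip` is not final, because the `if (!proxying) ret = 0;` chain that follows runs unconditionally. When `proxying` is false the function ends with `ret = 0` and `*error_r` still set, and when `proxy_host` is NULL that branch ends in its own `ret = -1` (its message is outside the hunk), so the hostip error is dropped or replaced. Chaining the checks keeps the failure: `} else if (!proxying)` in place of the separate `if (!proxying)`. The new message also has no separator after the socket path; `"%s: Invalid hostip value '%s'"` would read unambiguously in logs. The function body starts and ends outside this hunk, so the value `ret` holds on entry to this block is not visible.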
@@ -268,13 +284,18 @@ int doveadm_mail_server_user(struct doveadm_mail_cmd_context *ctx,
 struct doveadm_server *server;
 struct server_connection *conn;
 const char *user, *host;
+ struct ip_addr hostip;
+ enum doveadm_proxy_ssl_flags ssl_flags = 0;
 char *username_dup;
 int ret;
+ in_port_t port;
 i_assert(cmd_ctx == ctx || cmd_ctx == NULL);
 cmd_ctx = ctx;
- ret = doveadm_mail_server_user_get_host(ctx, input, &user, &host, error_r);
+ i_zero(&hostip);
+ ret = doveadm_mail_server_user_get_host(ctx, input, &user, &host, &hostip,
+ &port, &ssl_flags, error_r);
 if (ret < 0)
 return ret;
 if (ret == 0 &&
@@ -288,6 +309,9 @@ int doveadm_mail_server_user(struct doveadm_mail_cmd_context *ctx,
 doveadm_print_unstick_headers();
 server = doveadm_server_get(ctx, host);
+ server->ip = hostip;
+ server->ssl_flags = ssl_flags;
+ server->port = port;
 conn = doveadm_server_find_unused_conn(server);
 if (conn != NULL)
 doveadm_mail_server_handle(conn, user);
diff --git a/src/doveadm/doveadm-server.h b/src/doveadm/doveadm-server.h
index 6bf80aaaa6..e111b4a859 100644
--- a/src/doveadm/doveadm-server.h
+++ b/src/doveadm/doveadm-server.h
@@ -14,10 +14,14 @@ enum doveadm_proxy_ssl_flags {
 };
 struct doveadm_server {
- /* host:port */
+ /* hostname:port or socket name for logging */
 const char *name;
- /* host only */
+ /* hostname without port */
 const char *hostname;
+ /* host ip to use */
+ struct ip_addr ip;
+ /* port to use */
+ in_port_t port;
 /* ssl related settings */
 enum doveadm_proxy_ssl_flags ssl_flags;
diff --git a/src/doveadm/server-connection.c b/src/doveadm/server-connection.c
index c0928b10d6..9b13a3d4aa 100644
--- a/src/doveadm/server-connection.c
+++ b/src/doveadm/server-connection.c
@@ -554,6 +554,7 @@ int server_connection_create(struct doveadm_server *server,
 struct server_connection **conn_r,
 const char **error_r)
 {
+ const char *target;
 struct server_connection *conn;
 pool_t pool;
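Review bot: `in_port_t port;` in the `@@ -268` hunk is declared without a value, while `*port_r` is written only in the proxying `else` branch of doveadm_mail_server_user_get_host (hunk `@@ -254`). Any non-proxy return that is not caught by the `ret == 0` early-out therefore reaches `server->port = port;` in hunk `@@ -288` with an indeterminate value. `hostip` is zeroed and `ssl_flags` starts at 0 here, so `in_port_t port = 0;` would make the three out-parameters consistent. The `ret == 0` condition continues past the end of the hunk, so whether that path actually reaches the assignment is not visible.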
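Review bot: The three assignments after `doveadm_server_get(ctx, host)` in the `@@ -288` hunk overwrite `ip`, `ssl_flags` and `port` on every call, including with `ssl_flags == 0` when the lookup returned no `ssl=` or `starttls=` field. doveadm_server_get is not shown; if it returns a shared object per name, a later user's lookup changes the address and TLS mode for connections opened afterwards to that server, and clears any TLS flags the entry carried before. Consider applying the fields only when the entry is newly created, or logging when they differ from the stored ones. At minimum a comment such as `/* proxy fields from the latest passdb lookup replace the stored server settings */` would record that this is intended.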
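Review bot: The comment `/* host ip to use */` on the new `ip` field in doveadm-server.h does not state the sentinel that server_connection_create relies on, where `ip.family != 0` selects the IP and anything else falls back to `name`. Suggested wording: `/* host ip to connect to; family == 0 means unset, connect using name */`. Likewise `/* port to use */` could say it is only meaningful when `ip` is set, which is the only place the new code reads it.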
@@ -561,7 +562,12 @@ int server_connection_create(struct doveadm_server *server,
 conn = p_new(pool, struct server_connection, 1);
 conn->pool = pool;
 conn->server = server;
- conn->fd = doveadm_connect_with_default_port(server->name,
+ if (server->ip.family != 0) {
+ (void)net_ipport2str(&server->ip, server->port, &target);
+ } else {
+ target = server->name;
+ }
+ conn->fd = doveadm_connect_with_default_port(target,
 doveadm_settings->doveadm_port);
 net_set_nonblock(conn->fd, TRUE);
 conn->input = i_stream_create_fd(conn->fd, MAX_INBUF_SIZE);
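Review bot: The `(void)` cast on `net_ipport2str()` discards the only signal that `target` was not written. That function's definition is not shown; if it can fail for the stored address, `doveadm_connect_with_default_port()` is handed an uninitialised pointer. `server->ip.family != 0` establishes only that the field is set, not that it is a family the formatter accepts. Either assert on the result, `if (net_ipport2str(&server->ip, server->port, &target) < 0) i_unreached();`, or assign `target = server->name;` before the `if` so there is always a defined value. The function starts and ends outside this hunk.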