From: Timo Sirainen <tss@iki.fi>
Date: Tue, 17 Nov 2015 15:26:56 +0000 (+0200)
Subject: *-login: Added postlogin_socket=path passdb extra field.
X-Git-Tag: 2.2.20.rc1~68
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8ce3071e80b9973230048ecadfcb073fb82cc69f;p=thirdparty%2Fdovecot%2Fcore.git

*-login: Added postlogin_socket=path passdb extra field.
By default e.g. "imap" or "pop3" is the post-login socket, but this can
override it. This could be used for example for per-user debugging (e.g.
setting executable to be run via strace or valgrind).
---

diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c
index 90941c56d0..94ae28f1ea 100644
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -133,8 +133,9 @@ static void client_auth_parse_args(struct client *client,
 				PROXY_SSL_FLAG_STARTTLS;
 			if (strcmp(value, "any-cert") == 0)
 				reply_r->ssl_flags |= PROXY_SSL_FLAG_ANY_CERT;
-		} else if (strcmp(key, "user") == 0) {
-			/* already handled in login-common */
+		} else if (strcmp(key, "user") == 0 ||
+			   strcmp(key, "postlogin_socket") == 0) {
+			/* already handled in sasl-server.c */
 		} else if (client->set->auth_debug)
 			i_debug("Ignoring unknown passdb extra field: %s", key);
 	}
diff --git a/src/login-common/client-common.h b/src/login-common/client-common.h
index c4c85503e9..769b33a5cd 100644
--- a/src/login-common/client-common.h
+++ b/src/login-common/client-common.h
@@ -113,7 +113,7 @@ struct client {
 	struct ssl_proxy *ssl_proxy;
 	const struct login_settings *set;
 	const struct master_service_ssl_settings *ssl_set;
-	const char *session_id, *listener_name;
+	const char *session_id, *listener_name, *postlogin_socket_path;
 
 	int fd;
 	struct istream *input;
diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index 3a6e0d25d7..6b7d695930 100644
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -155,6 +155,7 @@ static void master_send_request(struct anvil_request *anvil_request)
 
 	memset(&params, 0, sizeof(params));
 	params.client_fd = client->fd;
+	params.socket_path = client->postlogin_socket_path;
 	params.request = req;
 	params.data = buf->data;
 	master_auth_request_full(master_auth, &params, master_auth_callback,
@@ -246,6 +247,7 @@ authenticate_callback(struct auth_client_request *request,
 		client->auth_request = NULL;
 		client->auth_successes++;
 		client->auth_passdb_args = p_strarray_dup(client->pool, args);
+		client->postlogin_socket_path = NULL;
 
 		nologin = FALSE;
 		for (i = 0; args[i] != NULL; i++) {
@@ -261,6 +263,9 @@ authenticate_callback(struct auth_client_request *request,
 				i_free(client->virtual_auth_user);
 				client->virtual_auth_user =
 					i_strdup(args[i] + 10);
+			} else if (strncmp(args[i], "postlogin_socket=", 17) == 0) {
+				client->postlogin_socket_path =
+					p_strdup(client->pool, args[i] + 17);
 			} else if (strcmp(args[i], "nologin") == 0 ||
 				   strcmp(args[i], "proxy") == 0) {
 				/* user can't login */