From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Sat, 16 Jan 2016 19:31:55 +0000 (+0200)
Subject: imapc: Added support for PROXYAUTH command by setting imapc_features = proxyauth
X-Git-Tag: 2.2.22.rc1~341
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bd06c77a12bb02871b25dceb749fa955f4a272ff;p=thirdparty%2Fdovecot%2Fcore.git

imapc: Added support for PROXYAUTH command by setting imapc_features = proxyauth

This can be useful when talking to Sun/Oracle IMAP server, which wants you
to use LOGIN+PROXYAUTH to perform master user logins, instead of supporting
the standard SASL PLAIN authentication.
---

diff --git a/src/lib-imap-client/imapc-client.c b/src/lib-imap-client/imapc-client.c
index 638790b2ca..fda363eb8a 100644
--- a/src/lib-imap-client/imapc-client.c
+++ b/src/lib-imap-client/imapc-client.c
@@ -57,6 +57,7 @@ imapc_client_init(const struct imapc_client_settings *set)
 	client->set.username = p_strdup(pool, set->username);
 	client->set.password = p_strdup(pool, set->password);
 	client->set.sasl_mechanisms = p_strdup(pool, set->sasl_mechanisms);
+	client->set.use_proxyauth = set->use_proxyauth;
 	client->set.dns_client_socket_path =
 		p_strdup(pool, set->dns_client_socket_path);
 	client->set.temp_path_prefix =
diff --git a/src/lib-imap-client/imapc-client.h b/src/lib-imap-client/imapc-client.h
index 9a0775cbd2..1b3010cba5 100644
--- a/src/lib-imap-client/imapc-client.h
+++ b/src/lib-imap-client/imapc-client.h
@@ -73,6 +73,7 @@ struct imapc_client_settings {
 	/* Space-separated list of SASL mechanisms to try (in the specified
 	   order). The default is to use only LOGIN command or SASL PLAIN. */
 	const char *sasl_mechanisms;
+	bool use_proxyauth; /* Use Sun/Oracle PROXYAUTH command */
 	unsigned int max_idle_time;
 
 	const char *dns_client_socket_path;
diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c
index 97fb5d26a6..4368c3e64f 100644
--- a/src/lib-imap-client/imapc-connection.c
+++ b/src/lib-imap-client/imapc-connection.c
@@ -753,6 +753,25 @@ static void imapc_connection_login_cb(const struct imapc_command_reply *reply,
 	imapc_connection_auth_finish(conn, reply);
 }
 
+static void
+imapc_connection_proxyauth_login_cb(const struct imapc_command_reply *reply,
+				    void *context)
+{
+	struct imapc_connection *conn = context;
+	const struct imapc_client_settings *set = &conn->client->set;
+	struct imapc_command *cmd;
+
+	if (reply->state == IMAPC_COMMAND_STATE_OK) {
+		cmd = imapc_connection_cmd(conn, imapc_connection_login_cb,
+					   conn);
+		imapc_command_set_flags(cmd, IMAPC_COMMAND_FLAG_PRELOGIN);
+		imapc_command_sendf(cmd, "PROXYAUTH %s", set->username);
+		imapc_command_send_more(conn);
+	} else {
+		imapc_connection_auth_finish(conn, reply);
+	}
+}
+
 static void
 imapc_connection_authenticate_cb(const struct imapc_command_reply *reply,
 				 void *context)
@@ -861,6 +880,15 @@ static void imapc_connection_authenticate(struct imapc_connection *conn)
 		}
 	}
 
+	if (set->use_proxyauth && set->master_user != NULL) {
+		/* We can use LOGIN command */
+		cmd = imapc_connection_cmd(conn, imapc_connection_proxyauth_login_cb,
+					   conn);
+		imapc_command_set_flags(cmd, IMAPC_COMMAND_FLAG_PRELOGIN);
+		imapc_command_sendf(cmd, "LOGIN %s %s",
+				    set->master_user, set->password);
+		return;
+	}
 	if (sasl_mech == NULL &&
 	    ((set->master_user == NULL &&
 	      !need_literal(set->username) && !need_literal(set->password)) ||
diff --git a/src/lib-storage/index/imapc/imapc-settings.c b/src/lib-storage/index/imapc/imapc-settings.c
index b47af9313e..9bf13660f9 100644
--- a/src/lib-storage/index/imapc/imapc-settings.c
+++ b/src/lib-storage/index/imapc/imapc-settings.c
@@ -88,6 +88,7 @@ static const struct imapc_feature_list imapc_feature_list[] = {
 	{ "search", IMAPC_FEATURE_SEARCH },
 	{ "zimbra-workarounds", IMAPC_FEATURE_ZIMBRA_WORKAROUNDS },
 	{ "no-examine", IMAPC_FEATURE_NO_EXAMINE },
+	{ "proxyauth", IMAPC_FEATURE_PROXYAUTH },
 	{ NULL, 0 }
 };
 
diff --git a/src/lib-storage/index/imapc/imapc-settings.h b/src/lib-storage/index/imapc/imapc-settings.h
index 34b107716b..048ac989aa 100644
--- a/src/lib-storage/index/imapc/imapc-settings.h
+++ b/src/lib-storage/index/imapc/imapc-settings.h
@@ -11,7 +11,8 @@ enum imapc_features {
 	IMAPC_FEATURE_GMAIL_MIGRATION		= 0x08,
 	IMAPC_FEATURE_SEARCH			= 0x10,
 	IMAPC_FEATURE_ZIMBRA_WORKAROUNDS	= 0x20,
-	IMAPC_FEATURE_NO_EXAMINE		= 0x40
+	IMAPC_FEATURE_NO_EXAMINE		= 0x40,
+	IMAPC_FEATURE_PROXYAUTH			= 0x80
 };
 /* </settings checks> */
 
diff --git a/src/lib-storage/index/imapc/imapc-storage.c b/src/lib-storage/index/imapc/imapc-storage.c
index 0670c260cb..217d2fbe2f 100644
--- a/src/lib-storage/index/imapc/imapc-storage.c
+++ b/src/lib-storage/index/imapc/imapc-storage.c
@@ -265,6 +265,7 @@ int imapc_storage_client_create(struct mail_namespace *ns,
 		return -1;
 	}
 	set.sasl_mechanisms = imapc_set->imapc_sasl_mechanisms;
+	set.use_proxyauth = (imapc_set->parsed_features & IMAPC_FEATURE_PROXYAUTH) != 0;
 	set.max_idle_time = imapc_set->imapc_max_idle_time;
 	set.dns_client_socket_path = *ns->user->set->base_dir == '\0' ? "" :
 		t_strconcat(ns->user->set->base_dir, "/",