From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Sun, 4 Jul 2021 22:37:46 +0000 (+0200)
Subject: submission-login: submission-proxy - Optionally send XCLIENT LOGIN to backend and... 
X-Git-Tag: 2.3.17~261
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c096b7fd7761024888ad4a8e7d057231a94e1a7b;p=thirdparty%2Fdovecot%2Fcore.git

submission-login: submission-proxy - Optionally send XCLIENT LOGIN to backend and skip authentication.

This behavior is enabled by returning proxy_noauth from passdb.
---

diff --git a/src/submission-login/submission-proxy.c b/src/submission-login/submission-proxy.c
index 53280c7844..778b814637 100644
--- a/src/submission-login/submission-proxy.c
+++ b/src/submission-login/submission-proxy.c
@@ -153,6 +153,19 @@ proxy_send_xclient(struct submission_client *client, struct ostream *output)
 		}
 		proxy_send_xclient_more(client, output, str, "PROTO", proto);
 	}
+	if (client->common.proxy_noauth &&
+	    str_array_icase_find(client->proxy_xclient, "LOGIN")) {
+		if (proxy_data.login != NULL) {
+			proxy_send_xclient_more(client, output, str, "LOGIN",
+						proxy_data.login);
+		} else if (client->common.virtual_user != NULL) {
+			proxy_send_xclient_more(client, output, str, "LOGIN",
+						client->common.virtual_user);
+		} else {
+			proxy_send_xclient_more(client, output, str, "LOGIN",
+						"[UNAVAILABLE]");
+		}
+	}
 	if (str_array_icase_find(client->proxy_xclient, "TTL")) {
 		proxy_send_xclient_more(
 			client, output, str, "TTL",
@@ -247,6 +260,7 @@ static int
 proxy_handle_ehlo_reply(struct submission_client *client,
 			struct ostream *output)
 {
+	struct smtp_server_cmd_ctx *cmd = client->pending_auth;
 	int ret;
 
 	switch (client->proxy_state) {
@@ -276,6 +290,18 @@ proxy_handle_ehlo_reply(struct submission_client *client,
 		i_unreached();
 	}
 
+	if (client->common.proxy_noauth) {
+		smtp_server_connection_input_lock(cmd->conn);
+
+		smtp_server_command_add_hook(
+			cmd->cmd, SMTP_SERVER_COMMAND_HOOK_DESTROY,
+			submission_proxy_success_reply_sent, client);
+		client->pending_auth = NULL;
+
+		smtp_server_reply(cmd, 235, "2.7.0", "Logged in.");
+		return 1;
+	}
+
 	return proxy_send_login(client, output);
 }