From: Timo Sirainen <tss@iki.fi>
Date: Wed, 14 Apr 2010 16:19:27 +0000 (+0300)
Subject: login: If proxy returns ssl=yes and no port, switch port to imaps/pop3s.
X-Git-Tag: 2.0.beta5~119
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2e2a1d720ed53490e8e5c5031e773d395bd5683d;p=thirdparty%2Fdovecot%2Fcore.git

login: If proxy returns ssl=yes and no port, switch port to imaps/pop3s.

--HG--
branch : HEAD
---

diff --git a/src/imap-login/client.c b/src/imap-login/client.c
index daaa21ba87..1f1ca31970 100644
--- a/src/imap-login/client.c
+++ b/src/imap-login/client.c
@@ -30,7 +30,7 @@
 
 const char *login_protocol = "imap";
 const char *login_process_name = "imap-login";
-unsigned int login_default_port = 143;
+unsigned int login_default_port = 143, login_default_ssl_port = 993;
 
 void login_process_preinit(void)
 {
diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c
index 8c9d588037..918b750fa3 100644
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -57,7 +57,6 @@ static void client_auth_parse_args(struct client *client,
 	const char *key, *value, *p;
 
 	memset(reply_r, 0, sizeof(*reply_r));
-	reply_r->port = login_default_port;
 
 	for (; *args != NULL; args++) {
 		p = strchr(*args, '=');
@@ -91,9 +90,11 @@ static void client_auth_parse_args(struct client *client,
 		else if (strcmp(key, "master") == 0)
 			reply_r->master_user = value;
 		else if (strcmp(key, "ssl") == 0) {
-			if (strcmp(value, "yes") == 0)
+			if (strcmp(value, "yes") == 0) {
 				reply_r->ssl_flags |= PROXY_SSL_FLAG_YES;
-			else if (strcmp(value, "any-cert") == 0) {
+				if (reply_r->port == 0)
+					reply_r->port = login_default_ssl_port;
+			} else if (strcmp(value, "any-cert") == 0) {
 				reply_r->ssl_flags |= PROXY_SSL_FLAG_YES |
 					PROXY_SSL_FLAG_ANY_CERT;
 			}
@@ -104,6 +105,8 @@ static void client_auth_parse_args(struct client *client,
 		} else if (client->set->auth_debug)
 			i_debug("Ignoring unknown passdb extra field: %s", key);
 	}
+	if (reply_r->port == 0)
+		reply_r->port = login_default_port;
 
 	if (reply_r->destuser == NULL)
 		reply_r->destuser = client->virtual_user;
diff --git a/src/login-common/login-common.h b/src/login-common/login-common.h
index adacbb5c0b..e2601fe5a2 100644
--- a/src/login-common/login-common.h
+++ b/src/login-common/login-common.h
@@ -13,7 +13,7 @@
 	"Plaintext authentication disallowed on non-secure (SSL/TLS) connections."
 
 extern const char *login_protocol, *login_process_name;
-extern unsigned int login_default_port;
+extern unsigned int login_default_port, login_default_ssl_port;
 
 extern struct auth_client *auth_client;
 extern struct master_auth *master_auth;
diff --git a/src/pop3-login/client.c b/src/pop3-login/client.c
index 11f554620c..025ff305de 100644
--- a/src/pop3-login/client.c
+++ b/src/pop3-login/client.c
@@ -24,7 +24,7 @@
 
 const char *login_protocol = "pop3";
 const char *login_process_name = "pop3-login";
-unsigned int login_default_port = 110;
+unsigned int login_default_port = 110, login_default_ssl_port = 995;
 
 void login_process_preinit(void)
 {