From: Timo Sirainen Date: Fri, 21 Nov 2008 12:35:46 +0000 (+0200) Subject: deliver: Allow userdb to change the username. X-Git-Tag: 1.2.alpha4~31 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=52d058e5234181fca90048d5904a151a1ccc8a6b;p=thirdparty%2Fdovecot%2Fcore.git deliver: Allow userdb to change the username. --HG-- branch : HEAD --- diff --git a/src/deliver/auth-client.c b/src/deliver/auth-client.c index 18ea8e9c69..eec24d46e7 100644 --- a/src/deliver/auth-client.c +++ b/src/deliver/auth-client.c @@ -125,7 +125,7 @@ static int set_env(struct auth_user_reply *reply, } int auth_client_lookup_and_restrict(const char *auth_socket, - const char *user, uid_t euid, pool_t pool, + const char **user, uid_t euid, pool_t pool, ARRAY_TYPE(const_string) *extra_fields_r) { struct auth_master_connection *conn; @@ -134,12 +134,13 @@ int auth_client_lookup_and_restrict(const char *auth_socket, int ret = EX_TEMPFAIL; conn = auth_master_init(auth_socket, debug); - switch (auth_master_user_lookup(conn, user, "deliver", pool, &reply)) { + switch (auth_master_user_lookup(conn, *user, "deliver", pool, &reply)) { case 0: ret = EX_NOUSER; break; case 1: - if (set_env(&reply, user, euid) == 0) { + if (set_env(&reply, *user, euid) == 0) { + *user = p_strdup(pool, reply.user); restrict_access_by_env(TRUE); ret = EX_OK; } diff --git a/src/deliver/auth-client.h b/src/deliver/auth-client.h index e48043c77b..2cc3cb0118 100644 --- a/src/deliver/auth-client.h +++ b/src/deliver/auth-client.h @@ -2,7 +2,7 @@ #define AUTH_CLIENT_H int auth_client_lookup_and_restrict(const char *auth_socket, - const char *user, uid_t euid, pool_t pool, + const char **user, uid_t euid, pool_t pool, ARRAY_TYPE(const_string) *extra_fields_r); #endif diff --git a/src/deliver/deliver.c b/src/deliver/deliver.c index 85ea0db135..42a900e9f8 100644 --- a/src/deliver/deliver.c +++ b/src/deliver/deliver.c @@ -814,7 +814,7 @@ int main(int argc, char *argv[]) const char *config_path = DEFAULT_CONFIG_FILE; const char *mailbox = "INBOX"; const char *auth_socket; - const char *home, *destaddr, *user, *value, *errstr, *path; + const char *home, *destaddr, *user, *value, *errstr, *path, *orig_user; ARRAY_TYPE(const_string) extra_fields = ARRAY_INIT; struct mail_user *mail_user, *raw_mail_user; struct mail_namespace *raw_ns; @@ -980,21 +980,30 @@ int main(int argc, char *argv[]) } userdb_pool = pool_alloconly_create("userdb lookup replys", 512); + orig_user = user; ret = auth_client_lookup_and_restrict(auth_socket, - user, process_euid, + &user, process_euid, userdb_pool, &extra_fields); if (ret != 0) return ret; + + if (strcmp(user, orig_user) != 0) { + /* auth lookup changed the user. */ + if (getenv("DEBUG") != NULL) + i_info("userdb changed username to %s", user); + i_set_failure_prefix(t_strdup_printf("deliver(%s): ", + user)); + } } - if (destaddr == NULL) - destaddr = user; expand_envs(user); if (userdb_pool != NULL) { putenv_extra_fields(&extra_fields); pool_unref(&userdb_pool); } + if (destaddr == NULL) + destaddr = user; /* Fix namespaces with empty locations */ for (i = 1;; i++) { diff --git a/src/lib-auth/auth-master.c b/src/lib-auth/auth-master.c index 02e5de3d24..9cc7bb3ce3 100644 --- a/src/lib-auth/auth-master.c +++ b/src/lib-auth/auth-master.c @@ -97,7 +97,8 @@ static void auth_parse_input(struct auth_master_connection *conn, reply->gid = (gid_t)-1; p_array_init(&reply->extra_fields, conn->pool, 64); - for (; *args != NULL; args++) { + reply->user = p_strdup(conn->pool, *args); + for (args++; *args != NULL; args++) { if (conn->debug) i_info("auth input: %s", *args); diff --git a/src/lib-auth/auth-master.h b/src/lib-auth/auth-master.h index 7f1cce7745..4198fa27fd 100644 --- a/src/lib-auth/auth-master.h +++ b/src/lib-auth/auth-master.h @@ -6,7 +6,7 @@ struct auth_user_reply { uid_t uid; gid_t gid; - const char *home, *chroot; + const char *user, *home, *chroot; ARRAY_TYPE(const_string) extra_fields; };