From: Stephan Bosch Date: Thu, 7 Aug 2025 03:22:05 +0000 (+0200) Subject: global: Provide protocol, host and port SASL client settings where possible X-Git-Tag: 2.4.2~140 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8b4123cee10eff6e68a28ac98e304e489c8b0eb0;p=thirdparty%2Fdovecot%2Fcore.git global: Provide protocol, host and port SASL client settings where possible --- diff --git a/src/doveadm/doveadm-auth.c b/src/doveadm/doveadm-auth.c index 3c3992600e..5a92ada87b 100644 --- a/src/doveadm/doveadm-auth.c +++ b/src/doveadm/doveadm-auth.c @@ -340,6 +340,23 @@ static void cmd_auth_init_sasl_client(struct authtest_input *input) } sasl_set.password = input->password; + /* Translate to SASL/GSSAPI/Kerberos service name (IANA-registered) */ + if (strcasecmp(input->info.protocol, "POP3") == 0) + sasl_set.protocol = "pop"; + else if (strcasecmp(input->info.protocol, "Submission") == 0 || + strcasecmp(input->info.protocol, "LMTP") == 0) + sasl_set.protocol = "smtp"; + else + sasl_set.protocol = input->info.protocol; + + if (input->info.local_name != NULL) + sasl_set.host = input->info.local_name; + else if (input->info.local_ip.family != 0) + sasl_set.host = net_ip2addr(&input->info.local_ip); + else + sasl_set.host = "localhost"; + sasl_set.port = input->info.local_port; + input->sasl_client = dsasl_client_new(input->sasl_mech, &sasl_set); dsasl_client_enable_channel_binding( input->sasl_client, SSL_IOSTREAM_PROTOCOL_VERSION_TLS1_3, diff --git a/src/imap-login/imap-proxy.c b/src/imap-login/imap-proxy.c index b890162534..94fefb857f 100644 --- a/src/imap-login/imap-proxy.c +++ b/src/imap-login/imap-proxy.c @@ -154,6 +154,9 @@ static int proxy_write_login(struct imap_client *client, string_t *str) client->common.proxy_master_user : client->common.proxy_user; sasl_set.authzid = client->common.proxy_user; sasl_set.password = client->common.proxy_password; + sasl_set.protocol = "imap"; + sasl_set.host = login_proxy_get_host(client->common.login_proxy); + sasl_set.port = login_proxy_get_port(client->common.login_proxy); client->common.proxy_sasl_client = dsasl_client_new(client->common.proxy_mech, &sasl_set); mech_name = dsasl_client_mech_get_name(client->common.proxy_mech); diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c index 590e4c5fac..05ec2136b2 100644 --- a/src/lib-imap-client/imapc-connection.c +++ b/src/lib-imap-client/imapc-connection.c @@ -1117,6 +1117,9 @@ static void imapc_connection_authenticate(struct imapc_connection *conn) sasl_set.authzid = set->imapc_user; } sasl_set.password = conn->client->password; + sasl_set.protocol = "imap"; + sasl_set.host = conn->client->set->imapc_host; + sasl_set.port = conn->client->set->imapc_port; if (sasl_mech == NULL) sasl_mech = &dsasl_client_mech_plain; diff --git a/src/lib-smtp/smtp-client-connection.c b/src/lib-smtp/smtp-client-connection.c index a354d33026..00c12b5f14 100644 --- a/src/lib-smtp/smtp-client-connection.c +++ b/src/lib-smtp/smtp-client-connection.c @@ -950,6 +950,9 @@ smtp_client_connection_authenticate(struct smtp_client_connection *conn) sasl_set.authzid = set->username; } sasl_set.password = set->password; + sasl_set.protocol = "smtp"; + sasl_set.host = conn->host; + sasl_set.port = conn->port; conn->sasl_client = dsasl_client_new(sasl_mech, &sasl_set); diff --git a/src/pop3-login/pop3-proxy.c b/src/pop3-login/pop3-proxy.c index 39e1c8d3f3..4d36a1103c 100644 --- a/src/pop3-login/pop3-proxy.c +++ b/src/pop3-login/pop3-proxy.c @@ -85,6 +85,9 @@ static int proxy_send_login(struct pop3_client *client, struct ostream *output) client->common.proxy_master_user : client->common.proxy_user; sasl_set.authzid = client->common.proxy_user; sasl_set.password = client->common.proxy_password; + sasl_set.protocol = "pop"; + sasl_set.host = login_proxy_get_host(client->common.login_proxy); + sasl_set.port = login_proxy_get_port(client->common.login_proxy); client->common.proxy_sasl_client = dsasl_client_new(client->common.proxy_mech, &sasl_set); mech_name = dsasl_client_mech_get_name(client->common.proxy_mech);