~ubuntu-branches/ubuntu/utopic/dovecot/utopic-proposed


Viewing changes to src/login-common/main.c

  • Committer: Package Import Robot
  • Author(s): James Page
  • Date: 2014-01-08 09:35:49 UTC
  • mfrom: (4.1.35 sid)
  • Revision ID: package-import@ubuntu.com-20140108093549-i72o93pux8p0dlaf
Tags: 1:2.2.9-1ubuntu1
* Merge from Debian unstable, remaining changes:
  + Add mail-stack-delivery package:
    - Update d/rules
    - d/control: convert existing dovecot-postfix package to a dummy
      package and add new mail-stack-delivery package.
    - Update maintainer scripts.
    - Rename d/dovecot-postfix.* to debian/mail-stack-delivery.*
    - d/mail-stack-delivery.preinst: Move previously installed backups and
      config files to a new package namespace.
    - d/mail-stack-delivery.prerm: Added to handle downgrades.
  + Use Snakeoil SSL certificates by default:
    - d/control: Depend on ssl-cert.
    - d/dovecot-core.postinst: Relax grep for SSL_* a bit.
  + Add autopkgtest to debian/tests/*.
  + Add ufw integration:
    - d/dovecot-core.ufw.profile: new ufw profile.
    - d/rules: install profile in dovecot-core.
    - d/control: dovecot-core - suggest ufw.
  + d/dovecot-core.dirs: Added usr/share/doc/dovecot-core
  + Add apport hook:
    - d/rules, d/source_dovecot.py
  + Add upstart job:
    - d/rules, d/dovecot-core.dovecot.upstart, d/control,
      d/dovecot-core.dirs, dovecot-imapd.{postrm, postinst, prerm},
      d/dovecot-pop3d.{postinst, postrm, prerm}.
      d/mail-stack-deliver.postinst: Convert init script to upstart.
  + Use the autotools-dev dh addon to update config.guess/config.sub for
    arm64.
* Dropped changes, included in Debian:
  - Update Dovecot name to reflect distribution in login greeting.
  - Update Drac plugin for >= 2.0.0 support.
* d/control: Drop dovecot-postfix package as it's no longer required.

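--- a/src/login-common/main.c
+++ b/src/login-common/main.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2002-2012 Dovecot authors, see the included COPYING file */
+/* Copyright (c) 2002-2013 Dovecot authors, see the included COPYING file */
 
 #include "login-common.h"
 #include "ioloop.h"
@@ -13,6 +13,8 @@
 #include "access-lookup.h"
 #include "anvil-client.h"
 #include "auth-client.h"
+#include "dsasl-client.h"
+#include "master-service-ssl-settings.h"
 #include "ssl-proxy.h"
 #include "login-proxy.h"
 
@@ -20,7 +22,6 @@
 #include <unistd.h>
 #include <syslog.h>
 
-#define DEFAULT_LOGIN_SOCKET "login"
 #define AUTH_CLIENT_IDLE_TIMEOUT_MSECS (1000*60)
 
 struct login_access_lookup {
@@ -40,6 +41,7 @@
 unsigned int initial_service_count;
 
 const struct login_settings *global_login_settings;
+const struct master_service_ssl_settings *global_ssl_settings;
 void **global_other_settings;
 
 static struct timeout *auth_client_to;
@@ -62,11 +64,14 @@
         } else if (clients_get_count() > 1 || client == NULL) {
                 process_title_set(t_strdup_printf("[%u connections (%u TLS)]",
                         clients_get_count(), ssl_proxy_get_count()));
-        } else if ((addr = net_ip2addr(&client->ip)) != NULL) {
-                process_title_set(t_strdup_printf(client->tls ?
-                                                  "[%s TLS]" : "[%s]", addr));
         } else {
-                process_title_set(client->tls ? "[TLS]" : "");
+                addr = net_ip2addr(&client->ip);
+                if (addr[0] != '\0') {
+                        process_title_set(t_strdup_printf(client->tls ?
+                                "[%s TLS]" : "[%s]", addr));
+                } else {
+                        process_title_set(client->tls ? "[TLS]" : "");
+                }
         }
 }
 
@@ -105,6 +110,7 @@
         struct ssl_proxy *proxy;
         struct ip_addr local_ip;
         const struct login_settings *set;
+        const struct master_service_ssl_settings *ssl_set;
         unsigned int local_port;
         pool_t pool;
         int fd_ssl;
@@ -117,14 +123,15 @@
 
         pool = pool_alloconly_create("login client", 8*1024);
         set = login_settings_read(pool, &local_ip,
-                                  &conn->remote_ip, NULL, &other_sets);
+                                  &conn->remote_ip, NULL, &ssl_set, &other_sets);
 
         if (!ssl_connections && !conn->ssl) {
-                client = client_create(conn->fd, FALSE, pool, set, other_sets,
+                client = client_create(conn->fd, FALSE, pool,
+                                       set, ssl_set, other_sets,
                                        &local_ip, &conn->remote_ip);
         } else {
-                fd_ssl = ssl_proxy_alloc(conn->fd, &conn->remote_ip, pool, set,
-                                         &proxy);
+                fd_ssl = ssl_proxy_alloc(conn->fd, &conn->remote_ip, pool,
+                                         set, ssl_set, &proxy);
                 if (fd_ssl == -1) {
                         net_disconnect(conn->fd);
                         pool_unref(&pool);
@@ -132,15 +139,16 @@
                         return;
                 }
 
-                client = client_create(fd_ssl, TRUE, pool, set, other_sets,
+                client = client_create(fd_ssl, TRUE, pool,
+                                       set, ssl_set, other_sets,
                                        &local_ip, &conn->remote_ip);
                 client->ssl_proxy = proxy;
                 ssl_proxy_set_client(proxy, client);
                 ssl_proxy_start(proxy);
         }
 
-        client->remote_port = conn->remote_port;
-        client->local_port = local_port;
+        client->real_remote_port = client->remote_port = conn->remote_port;
+        client->real_local_port = client->local_port = local_port;
 
         if (auth_client_to != NULL)
                 timeout_remove(&auth_client_to);
@@ -277,6 +285,7 @@
         /* Initialize SSL proxy so it can read certificate and private
            key file. */
         ssl_proxy_init();
+        dsasl_clients_init();
 
         /* set the number of fds we want to use. it may get increased or
            decreased. leave a couple of extra fds for auth sockets and such.
@@ -294,7 +303,7 @@
         restrict_fd_limit(max_fds);
         io_loop_set_max_fd_count(current_ioloop, max_fds);
 
-        i_assert(strcmp(global_login_settings->ssl, "no") == 0 ||
+        i_assert(strcmp(global_ssl_settings->ssl, "no") == 0 ||
                  ssl_initialized);
 
         if (global_login_settings->mail_max_userip_connections > 0) {
@@ -352,6 +361,7 @@
                 anvil_client_deinit(&anvil);
         if (auth_client_to != NULL)
                 timeout_remove(&auth_client_to);
+        dsasl_clients_deinit();
         login_settings_deinit();
 }
 
@@ -360,13 +370,17 @@
 {
         enum master_service_flags service_flags =
                 MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN |
-                MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE;
+                MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE |
+                MASTER_SERVICE_FLAG_USE_SSL_SETTINGS |
+                MASTER_SERVICE_FLAG_NO_SSL_INIT;
         pool_t set_pool;
         bool allow_core_dumps = FALSE;
-        const char *login_socket = DEFAULT_LOGIN_SOCKET;
+        const char *login_socket;
         int c;
 
         login_binary = binary;
+        login_socket = binary->default_login_socket != NULL ?
+                binary->default_login_socket : LOGIN_DEFAULT_SOCKET;
 
         master_service = master_service_init(login_binary->process_name,
                                              service_flags, &argc, &argv,
@@ -397,6 +411,7 @@
         set_pool = pool_alloconly_create("global login settings", 4096);
         global_login_settings =
                 login_settings_read(set_pool, NULL, NULL, NULL,
+                                    &global_ssl_settings,
                                     &global_other_settings);
 
         main_preinit(allow_core_dumps);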
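Review bot: In the hunk at new lines 68–74 the final `else` branch reads `addr[0]` straight after `addr = net_ip2addr(&client->ip);`, while the code it replaces compared that return value with NULL before using it. The new form is only safe if net_ip2addr() now returns an empty string rather than NULL on failure; that contract is not visible on this page and should be confirmed against the library version this merge builds with, because a NULL return here would crash the pre-authentication login process. I would record the assumption at the call with `/* net_ip2addr() returns "" on failure, never NULL */`, or keep the guard as `if (addr != NULL && addr[0] != '\0') {`. The enclosing function begins above the hunk.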