dovecot-2.2: imap urlauth: Don't autofill imap_urlauth_host. Use...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/8d8880296645
changeset: 15219:8d8880296645
user:      Timo Sirainen <tss at iki.fi>
date:      Sat Oct 13 01:36:13 2012 +0300
description:
imap urlauth: Don't autofill imap_urlauth_host. Use "*" value to mean "any host".

diffstat:

 src/imap-urlauth/imap-urlauth-worker.c |   7 +++++--
 src/imap/imap-client.c                 |   2 +-
 src/lib-imap-urlauth/imap-urlauth.c    |  13 ++++++++-----
 3 files changed, 14 insertions(+), 8 deletions(-)

diffs (72 lines):

diff -r 22c22d704422 -r 8d8880296645 src/imap-urlauth/imap-urlauth-worker.c
--- a/src/imap-urlauth/imap-urlauth-worker.c	Sat Oct 13 01:09:37 2012 +0300
+++ b/src/imap-urlauth/imap-urlauth-worker.c	Sat Oct 13 01:36:13 2012 +0300
@@ -634,8 +634,11 @@
 	}
 
 	/* initialize urlauth context */
-	if (set->imap_urlauth_dict == NULL || *set->imap_urlauth_dict == '\0') {
-		i_error("imap_urlauth_dict setting is not configured for user %s",
+	if (*set->imap_urlauth_host == '\0' ||
+	    *set->imap_urlauth_dict == '\0') {
+		i_error("%s setting is not configured for user %s",
+			*set->imap_urlauth_host == '\0' ?
+			"imap_urlauth_host" : "imap_urlauth_dict",
 			mail_user->username);
 		client_send_line(client, "NO");
 		client_abort(client, "Session aborted: URLAUTH not configured");
diff -r 22c22d704422 -r 8d8880296645 src/imap/imap-client.c
--- a/src/imap/imap-client.c	Sat Oct 13 01:09:37 2012 +0300
+++ b/src/imap/imap-client.c	Sat Oct 13 01:36:13 2012 +0300
@@ -129,7 +129,7 @@
 		str_append(client->capability_string, " NOTIFY");
 	}
 
-	if (set->imap_urlauth_dict != NULL && *set->imap_urlauth_dict != '\0') {
+	if (*set->imap_urlauth_host != '\0' && *set->imap_urlauth_dict != '\0') {
 		if (client_init_urlauth(client) == 0 &&
 		    !explicit_capability) {
 			/* Enable URLAUTH capability only when dict is
diff -r 22c22d704422 -r 8d8880296645 src/lib-imap-urlauth/imap-urlauth.c
--- a/src/lib-imap-urlauth/imap-urlauth.c	Sat Oct 13 01:09:37 2012 +0300
+++ b/src/lib-imap-urlauth/imap-urlauth.c	Sat Oct 13 01:36:13 2012 +0300
@@ -26,6 +26,8 @@
 #define IMAP_URLAUTH_NORMAL_TIMEOUT_MSECS     5*1000
 #define IMAP_URLAUTH_SPECIAL_TIMEOUT_MSECS    3*60*1000
 
+#define URL_HOST_ALLOW_ANY "*"
+
 int imap_urlauth_init(struct mail_user *user,
 		      const struct imap_urlauth_config *config,
 		      struct imap_urlauth_context **ctx_r)
@@ -34,16 +36,16 @@
 	struct imap_urlauth_context *uctx;
 	unsigned int timeout;
 
+	i_assert(*config->url_host != '\0');
+	i_assert(*config->dict_uri != '\0');
+
 	if (imap_urlauth_backend_create(user, config->dict_uri, &backend) < 0)
 		return -1;
 
 	uctx = i_new(struct imap_urlauth_context, 1);
 	uctx->user = user;
 	uctx->backend = backend;
-	if (config->url_host != NULL && *config->url_host != '\0')
-		uctx->url_host = i_strdup(config->url_host);
-	else
-		uctx->url_host = i_strdup(my_hostdomain());
+	uctx->url_host = i_strdup(config->url_host);
 	uctx->url_port = config->url_port;
 
 	if (config->access_anonymous)
@@ -210,7 +212,8 @@
 {
 	/* validate host */
 	/* FIXME: allow host ip/ip6 as well? */
-	if (strcmp(url->host_name, uctx->url_host) != 0) {
+	if (strcmp(uctx->url_host, URL_HOST_ALLOW_ANY) != 0 &&
+	    strcmp(url->host_name, uctx->url_host) != 0) {
 		*error_r = "Invalid URL: Inappropriate host name";
 		return FALSE;
 	}