dovecot-2.2: imap-urlauth: Fixes to handling anonymous user

dovecot at dovecot.org dovecot at dovecot.org
Sun Sep 16 16:02:59 EEST 2012 

details:   http://hg.dovecot.org/dovecot-2.2/rev/7e1f0146169f
changeset: 15076:7e1f0146169f
user:      Stephan Bosch <stephan at rename-it.nl>
date:      Sun Sep 16 16:02:15 2012 +0300
description:
imap-urlauth: Fixes to handling anonymous user

diffstat:

 src/imap-urlauth/imap-urlauth-worker.c      |   4 +++-
 src/imap/imap-client.c                      |   4 ++--
 src/lib-imap-urlauth/imap-urlauth-private.h |   2 ++
 src/lib-imap-urlauth/imap-urlauth.c         |  17 ++++++++++-------
 src/lib-imap-urlauth/imap-urlauth.h         |   1 +
 5 files changed, 18 insertions(+), 10 deletions(-)

diffs (131 lines):

diff -r 009d19d5f0f1 -r 7e1f0146169f src/imap-urlauth/imap-urlauth-worker.c
--- a/src/imap-urlauth/imap-urlauth-worker.c	Sun Sep 16 16:02:11 2012 +0300
+++ b/src/imap-urlauth/imap-urlauth-worker.c	Sun Sep 16 16:02:15 2012 +0300
@@ -73,9 +73,9 @@
 
 	unsigned int debug:1;
 	unsigned int finished:1;
+	unsigned int waiting_input:1;
 	unsigned int version_received:1;
 	unsigned int access_received:1;
-	unsigned int waiting_input:1;
 	unsigned int access_anonymous:1;
 };
 
@@ -639,6 +639,7 @@
 	config.url_host = set->imap_urlauth_host;
 	config.url_port = set->imap_urlauth_port;
 	config.access_user = client->access_user;
+	config.access_anonymous = client->access_anonymous;
 	config.access_applications =
 		(const void *)array_get(&client->access_apps, &count);
 		
@@ -873,6 +874,7 @@
 		client->access_user = i_strdup(*args);
 		client->access_anonymous = FALSE;
 	} else {
+		client->access_user = i_strdup("anonymous");
 		client->access_anonymous = TRUE;
 	}
 	i_set_failure_prefix(t_strdup_printf("imap-urlauth[%s](%s): ", my_pid,
diff -r 009d19d5f0f1 -r 7e1f0146169f src/imap/imap-client.c
--- a/src/imap/imap-client.c	Sun Sep 16 16:02:11 2012 +0300
+++ b/src/imap/imap-client.c	Sun Sep 16 16:02:15 2012 +0300
@@ -50,8 +50,8 @@
 	config.socket_path = t_strconcat(client->user->set->base_dir,
 					 "/"IMAP_URLAUTH_SOCKET_NAME, NULL);
 	config.session_id = client->session_id;
-	config.access_user = client->user->anonymous ? NULL :
-		client->user->username;
+	config.access_anonymous = client->user->anonymous;
+	config.access_user = client->user->username;
 
 	return imap_urlauth_init(client->user, &config, &client->urlauth_ctx);
 }
diff -r 009d19d5f0f1 -r 7e1f0146169f src/lib-imap-urlauth/imap-urlauth-private.h
--- a/src/lib-imap-urlauth/imap-urlauth-private.h	Sun Sep 16 16:02:11 2012 +0300
+++ b/src/lib-imap-urlauth/imap-urlauth-private.h	Sun Sep 16 16:02:15 2012 +0300
@@ -13,6 +13,8 @@
 
 	char *access_user;
 	const char **access_applications;
+
+	unsigned int access_anonymous:1;
 };
 
 #endif
diff -r 009d19d5f0f1 -r 7e1f0146169f src/lib-imap-urlauth/imap-urlauth.c
--- a/src/lib-imap-urlauth/imap-urlauth.c	Sun Sep 16 16:02:11 2012 +0300
+++ b/src/lib-imap-urlauth/imap-urlauth.c	Sun Sep 16 16:02:15 2012 +0300
@@ -45,8 +45,11 @@
 		uctx->url_host = i_strdup(my_hostdomain());
 	uctx->url_port = config->url_port;
 
-	if (config->access_user != NULL && *config->access_user != '\0')
+	if (config->access_anonymous)
+		uctx->access_user = i_strdup("anonymous");
+	else
 		uctx->access_user = i_strdup(config->access_user);
+	uctx->access_anonymous = config->access_anonymous;
 	if (config->access_applications != NULL &&
 	    *config->access_applications != NULL) {
 		uctx->access_applications =
@@ -160,9 +163,9 @@
 
 	if (strcasecmp(url->uauth_access_application, "user") == 0) {
 		/* user+<access_user> */
-		if (uctx->access_user == NULL ||
+		if (uctx->access_anonymous ||
 		    strcasecmp(url->uauth_access_user, uctx->access_user) != 0)  {
-			if (uctx->access_user == NULL) {
+			if (uctx->access_anonymous) {
 				*error_r = t_strdup_printf(
 					"No 'user+%s' access allowed for anonymous user",
 					url->uauth_access_user);
@@ -174,7 +177,7 @@
 		}
 	} else if (strcasecmp(url->uauth_access_application, "authuser") == 0) {
 		/* authuser */
-		if (uctx->access_user == NULL) {
+		if (uctx->access_anonymous) {
 			*error_r = "No 'authuser' access allowed for anonymous user";
 			return FALSE;
 		}
@@ -185,7 +188,7 @@
 		const char *userid = url->uauth_access_user == NULL ? "" :
 			t_strdup_printf("+%s", url->uauth_access_user);
 
-		if (uctx->access_user == NULL) {
+		if (uctx->access_anonymous) {
 			*error_r = t_strdup_printf(
 				"No '%s%s' access allowed for anonymous user",
 				url->uauth_access_application, userid);
@@ -269,7 +272,7 @@
 		*error_r = "Invalid URL: Missing user name";
 		return 0;
 	}
-	if (strcmp(url->userid, user->username) != 0) {
+	if (user->anonymous || strcmp(url->userid, user->username) != 0) {
 		*error_r = t_strdup_printf(
 			"Not permitted to generate URLAUTH for user %s",
 			url->userid);
@@ -373,7 +376,7 @@
 	}
 
 	/* validate target user */
-	if (strcmp(url->userid, user->username) != 0) {
+	if (user->anonymous || strcmp(url->userid, user->username) != 0) {
 		*error_r = t_strdup_printf("Not permitted to fetch URLAUTH for user %s",
 					   url->userid);
 		*error_code_r = MAIL_ERROR_PARAMS;
diff -r 009d19d5f0f1 -r 7e1f0146169f src/lib-imap-urlauth/imap-urlauth.h
--- a/src/lib-imap-urlauth/imap-urlauth.h	Sun Sep 16 16:02:11 2012 +0300
+++ b/src/lib-imap-urlauth/imap-urlauth.h	Sun Sep 16 16:02:15 2012 +0300
@@ -18,6 +18,7 @@
 
 	const char *access_user;
 	const char *const *access_applications;
+	bool access_anonymous;
 };
 
 int imap_urlauth_init(struct mail_user *user,

More information about the dovecot-cvs mailing list