dovecot-2.2: auth: Removed destuser check from proxy_maybe's "se...
dovecot at dovecot.org
dovecot at dovecot.org
Mon Feb 27 11:48:25 EET 2012
details: http://hg.dovecot.org/dovecot-2.2/rev/93dc749e1668
changeset: 14224:93dc749e1668
user: Timo Sirainen <tss at iki.fi>
date: Mon Feb 27 11:48:18 2012 +0200
description:
auth: Removed destuser check from proxy_maybe's "self" check.
diffstat:
src/auth/auth-request.c | 15 ++++++++++-----
1 files changed, 10 insertions(+), 5 deletions(-)
diffs (37 lines):
diff -r ca0ef6efe583 -r 93dc749e1668 src/auth/auth-request.c
--- a/src/auth/auth-request.c Mon Feb 27 11:37:02 2012 +0200
+++ b/src/auth/auth-request.c Mon Feb 27 11:48:18 2012 +0200
@@ -1431,23 +1431,28 @@
static bool auth_request_proxy_is_self(struct auth_request *request)
{
- const char *const *tmp, *port = NULL, *destuser = NULL;
+ const char *const *tmp, *port = NULL;
if (!request->proxy_host_is_self)
return FALSE;
+ /* check if the port is the same */
tmp = auth_stream_split(request->extra_fields);
for (; *tmp != NULL; tmp++) {
if (strncmp(*tmp, "port=", 5) == 0)
port = *tmp + 5;
- else if (strncmp(*tmp, "destuser=", 9) == 0)
- destuser = *tmp + 9;
}
if (port != NULL && !str_uint_equals(port, request->local_port))
return FALSE;
- return destuser == NULL ||
- strcmp(destuser, request->original_username) == 0;
+ /* don't check destuser. in some systems destuser is intentionally
+ changed to proxied connections, but that shouldn't affect the
+ proxying decision.
+
+ it's unlikely any systems would actually want to proxy a connection
+ to itself only to change the username, since it can already be done
+ without proxying by changing the "user" field. */
+ return TRUE;
}
static bool
More information about the dovecot-cvs
mailing list