[Dovecot] Ignored proxy_maybe var and no local login when "host = Proxy FQDN"

Timo Sirainen tss at iki.fi
Sat Mar 26 01:35:22 EET 2011


On Fri, 2011-03-25 at 17:56 -0430, Olaf Reitmaier Veracierta wrote:

> The dovecot-ldap.conf of "proxy server A" is working when the "host"
> attribute is the FQDN of other server:
> 
> pass_attrs = uid=user,userPassword={SSHA}password,\
>     =proxy_maybe=,maildrop=host,=port=143,=destuser=%u,=starttls=any-cert
> pass_filter = (&(objectClass=posixAccount)(uid=%u))
..
> The modifications appear here and reveal problems with the call to
> net_addr2ip(host, &ip) in auth_request_proxy_is_self:

Yeah. The main problem is that this loop detection code is in the auth
process, which won't be doing any DNS lookups. I already once tried
moving it to the login process code where it belongs, but I failed back
then. Hmm. Maybe because request->original_username isn't available to
login processes. But I guess it could be set back.

Anyway, I think it's a bit too dangerous to go change this logic too
much for v2.0. For v2.1 I guess this could be fixed (and you could
easily backport that patch then).
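
The self-check problem discussed in this message, as an added example that is not Dovecot source and not from either poster: a proxy host is compared against the local listener using IP-literal parsing only, so a hostname yields "unknown" instead of a match. The names proxy_host_is_self and parse_ip_literal, the port comparison and the sample addresses are assumptions made for illustration.

```c
/* Added illustration, not Dovecot source. proxy_host_is_self() is a
 * hypothetical stand-in for the self-check discussed above. */
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

enum self_check { SELF_NO = 0, SELF_YES = 1, SELF_UNKNOWN = -1 };

/* Parse an IP literal only; no resolver is consulted, mirroring a process
 * that does no DNS lookups. Returns the address length (4 or 16), or 0. */
static size_t parse_ip_literal(const char *s, unsigned char out[16])
{
    if (inet_pton(AF_INET, s, out) == 1)
        return 4;
    if (inet_pton(AF_INET6, s, out) == 1)
        return 16;
    return 0;
}

/* Compare the directory-supplied proxy host and port with the local listener
 * (comparing the port as well is an assumption of this example). */
enum self_check proxy_host_is_self(const char *host, unsigned int port,
                                   const char *local_ip, unsigned int local_port)
{
    unsigned char h[16], l[16];
    size_t hlen = parse_ip_literal(host, h);
    size_t llen = parse_ip_literal(local_ip, l);

    if (hlen == 0 || llen == 0)
        return SELF_UNKNOWN; /* hostname: undecidable without a DNS lookup */
    if (hlen != llen || memcmp(h, l, hlen) != 0)
        return SELF_NO;
    return port == local_port ? SELF_YES : SELF_NO;
}

int main(void)
{
    /* Constructed sample values (documentation address range, example domain). */
    printf("%d\n", proxy_host_is_self("192.0.2.10", 143, "192.0.2.10", 143));
    printf("%d\n", proxy_host_is_self("192.0.2.11", 143, "192.0.2.10", 143));
    printf("%d\n", proxy_host_is_self("mail-a.example.org", 143, "192.0.2.10", 143));
    return 0;
}
```

A caller has to handle SELF_UNKNOWN explicitly: treating it as "not self" lets a record that names the proxy's own FQDN be proxied back to the same server.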



