Hello Postfix developers,

When Postfix sends a SASL authentication request to Dovecot,
it includes the local IP address and remote IP address of the TCP
connection. Dovecot also supports receiving the local and remote TCP
ports (and other things besides) but Postfix doesn't send them.

I have a use case where Postfix is listening on hundreds of different
TCP ports, and Dovecot needs to know on which SMTP server the connection
was received in order to authenticate the user.

It isn't difficult to add the local TCP port number to the Dovecot
SASL request. May I suggest that this be added?

-Phil
diff --git a/src/xsasl/xsasl_dovecot_server.c b/src/xsasl/xsasl_dovecot_server.c
index 6c75dc9..03e1b38 100644
--- a/src/xsasl/xsasl_dovecot_server.c
+++ b/src/xsasl/xsasl_dovecot_server.c
@@ -165,7 +165,8 @@ typedef struct {
     char   *mechanism_list;		/* filtered mechanism list */
     ARGV   *mechanism_argv;		/* ditto */
     char   *client_addr;		/* remote IP address */
-    char   *server_addr;		/* remote IP address */
+    char   *server_addr;		/* local IP address */
+    char   *server_port;		/* local TCP port */
 } XSASL_DOVECOT_SERVER;
 
  /*
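Review bot: The new `server_port` member is an owned string, filled with mystrdup() in xsasl_dovecot_server_create, but no hunk in this patch touches the code that releases the server object. If that routine frees `client_addr` and `server_addr` individually, it needs a matching `myfree(server->server_port);`, otherwise every SASL session leaks the port string. The release code is not visible in this diff, so this should be confirmed against the full file. The struct definition starts outside the hunk.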
@@ -403,6 +404,7 @@ static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl,
     struct sockaddr *sa = (struct sockaddr *) & ss;
     SOCKADDR_SIZE salen;
     MAI_HOSTADDR_STR server_addr;
+    MAI_SERVPORT_STR server_port;
 
     if (msg_verbose)
 	msg_info("%s: SASL service=%s, realm=%s",
@@ -442,9 +444,12 @@ static XSASL_SERVER *xsasl_dovecot_server_create(XSASL_SERVER_IMPL *impl,
     } else {
 	salen = sizeof(ss);
 	if (getsockname(vstream_fileno(args->stream), sa, &salen) < 0
-	    || sockaddr_to_hostaddr(sa, salen, &server_addr, 0, 0) != 0)
+	    || sockaddr_to_hostaddr(sa, salen, &server_addr, &server_port, 0) != 0) {
 	    server_addr.buf[0] = 0;
+	    server_port.buf[0] = 0;
+	}
 	server->server_addr = mystrdup(server_addr.buf);
+	server->server_port = mystrdup(server_port.buf);
     }
 
     return (&server->xsasl);
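Review bot: `server->server_port` is assigned only inside the `else` branch shown here; the branch before `} else {` lies outside the hunk, and if it sets only `server_addr`, the new field stays unset on that path and is later passed to `%s` in xsasl_dovecot_server_first. Unless the structure is zero-filled and a null pointer is handled there, that is an invalid pointer read. Set the field on both paths, for example `server->server_port = mystrdup("");` in the other branch, or take the port from the same source as the address so that both always describe the same endpoint. The function body begins outside the hunk.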
@@ -643,9 +648,9 @@ int     xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method,
 	server->last_request_id = ++server->impl->request_id_counter;
 	/* XXX Encapsulate for logging. */
 	vstream_fprintf(server->impl->sasl_stream,
-			"AUTH\t%u\t%s\tservice=%s\tnologin\tlip=%s\trip=%s",
+			"AUTH\t%u\t%s\tservice=%s\tnologin\tlip=%s\tlport=%s\trip=%s",
 			server->last_request_id, sasl_method,
-			server->service, server->server_addr,
+			server->service, server->server_addr, server->server_port,
 			server->client_addr);
 	if (server->tls_flag)
 	    /* XXX Encapsulate for logging. */
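Review bot: When the getsockname()/sockaddr_to_hostaddr() lookup fails, `server_port` is the empty string, so this format sends a bare `lport=` field to Dovecot, which per the description uses the port to decide how to authenticate the user. Send the field only when a port is known, following the conditional append used for `tls_flag` just below: drop `\tlport=%s` from the main format and add `if (*server->server_port) vstream_fprintf(server->impl->sasl_stream, "\tlport=%s", server->server_port);`. How Dovecot treats an empty or missing lport is not shown here and should be checked, since a wrong default could apply another listener's policy. The function body continues outside the hunk.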
