On Sat, Nov 03, 2007 at 11:22:43PM +0200, Timo Sirainen wrote:
> On Sat, 2007-11-03 at 17:25 +0530, Abhijit Hoskeri wrote:
> I hadn't actually even thought this far. My main concern was that the
> DNS lookups are synchronous without a separate library.
>
> > * When you say auth-worker processes, do you mean I need to create a
> > separate helper program just to do DNS lookups?
>
> No, I mean some passdbs in Dovecot are already set with blocking=TRUE
> flag, in which case Dovecot uses separate "dovecot-auth -w" processes to
> handle them.
This is what I have come up with: (attached) proxy-host.diff
Also there at : http://deeproot.in/~abhijit/proxy-host.diff
It works for me, after a little testing. Hope I have done it at the
right place.
-Abhijit
diff -r ac0e7f713d70 src/auth/auth-request.c
--- a/src/auth/auth-request.c Mon Oct 29 22:59:49 2007 +0200
+++ b/src/auth/auth-request.c Tue Nov 06 17:21:36 2007 +0530
@@ -1040,8 +1040,17 @@ void auth_request_set_field(struct auth_
request->proxy = TRUE;
request->no_login = TRUE;
value = NULL;
- }
-
+ } else if (strcmp(name, "host") == 0) {
+ if ((value = resolve_proxy_host_maybe(value)) != NULL)
+ i_info("resolved host: %s", value);
+ else
+ value = NULL;
+
+ if (request->extra_fields == NULL)
+ request->extra_fields =
auth_stream_reply_init(request);
+ auth_stream_reply_add(request->extra_fields, name,
value);
+ }
+
if (request->extra_fields == NULL)
request->extra_fields = auth_stream_reply_init(request);
auth_stream_reply_add(request->extra_fields, name, value);
@@ -1058,6 +1067,38 @@ void auth_request_set_field(struct auth_
auth_stream_reply_add(request->extra_cache_fields, name, value);
}
}
+
+const char * resolve_proxy_host_maybe(const char * host) {
+ struct ip_addr * ip_list;
+ struct ip_addr ip;
+ unsigned int ret, ips_count;
+
+ if (net_addr2ip(host, &ip) < 0) {
+ i_info("resolve_maybe: %s is not a valid IP, must be a name",
+ host);
+
+ ret = net_gethostbyname(host, &ip_list, &ips_count);
+
+ if (ret != 0) {
+ i_fatal("resolve_maybe: Can't resolve address %s: %s",
+ host, net_gethosterror(ret));
+ return NULL;
+ }
+
+ if (ips_count < 1) {
+ i_fatal("resolve_maybe: No IPs for address: %s",
+ host);
+ return NULL;
+ }
+ }
+ else
+ return host;
+ /* return the first ip in the result. */
+ ip = ip_list[0];
+
+ return net_ip2addr(&ip);
+}
+
void auth_request_set_fields(struct auth_request *request,
const char *const *fields,
diff -r ac0e7f713d70 src/auth/auth-request.h
--- a/src/auth/auth-request.h Mon Oct 29 22:59:49 2007 +0200
+++ b/src/auth/auth-request.h Tue Nov 06 16:55:40 2007 +0530
@@ -178,4 +178,5 @@ void auth_request_userdb_callback(enum u
void auth_request_userdb_callback(enum userdb_result result,
struct auth_request *request);
+const char * resolve_proxy_host_maybe(const char * host);
#endif
