[prev in list] [next in list] [prev in thread] [next in thread]
List: squirrelmail-cvs
Subject: [SM-CVS] SF.net SVN: squirrelmail:[14096] trunk/imap_proxy
From: pdontthink () users ! sourceforge ! net
Date: 2011-04-17 21:16:51
Message-ID: E1QBZKt-0005dD-Hz () sfp-svn-4 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Revision: 14096
http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=14096&view=rev
Author: pdontthink
Date: 2011-04-17 21:16:51 +0000 (Sun, 17 Apr 2011)
Log Message:
-----------
When NO or BAD response is returned from the server against a LOGIN or AUTHENTICATE \
request, we now log the full server response and pass it back to the client (useful \
if client is watching for RFC 5530 response codes). See: \
http://thread.gmane.org/gmane.mail.squirrelmail.imapproxy/4
Modified Paths:
--------------
trunk/imap_proxy/ChangeLog
trunk/imap_proxy/include/imapproxy.h
trunk/imap_proxy/src/imapcommon.c
trunk/imap_proxy/src/request.c
Modified: trunk/imap_proxy/ChangeLog
===================================================================
--- trunk/imap_proxy/ChangeLog 2011-04-02 19:30:44 UTC (rev 14095)
+++ trunk/imap_proxy/ChangeLog 2011-04-17 21:16:51 UTC (rev 14096)
@@ -1,3 +1,10 @@
+2011-04-17 Paul Lesniewski <paul@squirrelmail.org>
+ * When NO or BAD response is returned from the server against
+ a LOGIN or AUTHENTICATE request, we now log the full server
+ response and pass it back to the client (useful if client
+ is watching for RFC 5530 response codes). See:
+ http://thread.gmane.org/gmane.mail.squirrelmail.imapproxy/4
+
2011-03-11 Paul Lesniewski <paul@squirrelmail.org>
* Fixed server connection synchronization issue that occurred when
clients closed their connection immediately after logging in and
Modified: trunk/imap_proxy/include/imapproxy.h
===================================================================
--- trunk/imap_proxy/include/imapproxy.h 2011-04-02 19:30:44 UTC (rev 14095)
+++ trunk/imap_proxy/include/imapproxy.h 2011-04-17 21:16:51 UTC (rev 14096)
@@ -356,7 +356,7 @@
extern void HandleRequest( int );
extern char *memtok( char *, char *, char ** );
extern int imparse_isatom( const char * );
-extern ICD_Struct *Get_Server_conn( char *, char *, const char *, const char *, \
unsigned char ); +extern ICD_Struct *Get_Server_conn( char *, char *, const char *, \
const char *, unsigned char, char * ); extern void ICC_Logout( ICC_Struct * );
extern void ICC_Recycle( unsigned int );
extern void ICC_Recycle_Loop( void );
Modified: trunk/imap_proxy/src/imapcommon.c
===================================================================
--- trunk/imap_proxy/src/imapcommon.c 2011-04-02 19:30:44 UTC (rev 14095)
+++ trunk/imap_proxy/src/imapcommon.c 2011-04-17 21:16:51 UTC (rev 14096)
@@ -502,6 +502,11 @@
* ptr to client port string (for logging only)
* unsigned char - flag to indicate that the client sent the
* password as a string literal.
+ * ptr to string that will be filled with the server's
+ * full response (minus tag) to a
+ * login/authentication request when available.
+ * NOTE: string must be allocated space at least
+ * as big as an ITD's ReadBuf (BUFSIZE)
*
* Returns: ICD * on success
* NULL on failure
@@ -516,7 +521,8 @@
char *Password,
const char *ClientAddr,
const char *portstr,
- unsigned char LiteralPasswd )
+ unsigned char LiteralPasswd,
+ char *fullResponse )
{
char *fn = "Get_Server_conn()";
unsigned int HashIndex;
@@ -991,16 +997,38 @@
goto fail;
}
+ // In order to give the full server response (minus the tag)
+ // back to the caller, we want to re-construct the ReadBuf
+ // starting at the location currently pointed to by tokenptr.
+ // Thus, we put back the last space that memtok() had replaced
+ // with a null characater (at location pointed to by last).
+ //
+ *last = ' ';
+
+ // Then we re-adjust endptr to point to the CR at the end of
+ // the line and set to NULL (a few lines below) so we can use
+ // the rest of the response information as a normal string
+ //
+ endptr = memchr( last + 1, '\r', endptr - (last + 1) );
+
+ // No CR is unexpected; does this indicate malformed response?
+ // Probably. Anyway, we'll just give up on finding any other
+ // info from the server.
+ //
+ if ( !endptr )
+ endptr = last;
+
+ *endptr = '\0';
+
+ // Put the response text into the fullResponse parameter for the caller
+ //
+ strcpy( fullResponse, tokenptr );
+
if ( memcmp( (const void *)tokenptr, "OK", 2 ) )
{
- /*
- * If the server sent back a "NO" or "BAD", we can look at the actual
- * server logs to figure out why. We don't have to break our ass here
- * putting the string back together just for the sake of logging.
- */
syslog( LOG_INFO,
- "LOGIN: '%s' (%s:%s) failed: non-OK server response to LOGIN command",
- Username, ClientAddr, portstr );
+ "LOGIN: '%s' (%s:%s) failed: non-OK server response to LOGIN command: %s",
+ Username, ClientAddr, portstr, fullResponse );
goto fail;
}
Modified: trunk/imap_proxy/src/request.c
===================================================================
--- trunk/imap_proxy/src/request.c 2011-04-02 19:30:44 UTC (rev 14095)
+++ trunk/imap_proxy/src/request.c 2011-04-17 21:16:51 UTC (rev 14096)
@@ -696,6 +696,7 @@
ICD_Struct *conn;
int rc;
ITD_Struct Server;
+ char fullServerResponse[BUFSIZE] = "\0";
int BytesRead;
struct sockaddr_storage cli_addr;
int sockaddrlen;
@@ -831,7 +832,7 @@
* he needs to login. This is just in case there are any special
* characters in the password that we decoded.
*/
- conn = Get_Server_conn( Username, Password, hostaddr, portstr, LITERAL_PASSWORD \
); + conn = Get_Server_conn( Username, Password, hostaddr, portstr, \
LITERAL_PASSWORD, fullServerResponse );
/*
* all the code from here to the end is basically identical to that
@@ -842,7 +843,19 @@
if ( conn == NULL )
{
- snprintf( SendBuf, BufLen, "%s NO AUTHENTICATE failed\r\n", Tag );
+ // When we get a NO or BAD, we'll relay the original/full
+ // server response to the client in case it contains anything
+ // useful (such as RFC 5530 response codes). We'll use our
+ // own generic NO response otherwise (RFC 3501 doesn't allow
+ // other responses)
+ //
+ if ( !memcmp( (const void *)fullServerResponse, "NO", 2 )
+ || !memcmp( (const void *)fullServerResponse, "BAD", 3 ) )
+ {
+ snprintf( SendBuf, BufLen, "%s %s\r\n", Tag, fullServerResponse );
+ }
+ else
+ snprintf( SendBuf, BufLen, "%s NO AUTHENTICATE failed\r\n", Tag );
if ( IMAP_Write( Client->conn, SendBuf, strlen(SendBuf) ) == -1 )
{
@@ -868,7 +881,13 @@
}
}
- snprintf( SendBuf, BufLen, "%s OK User authenticated\r\n", Tag );
+// TODO: under what circumstances do we want to pass through the server's full OK \
response? (usually a CAPABILITY string) + //if ( !memcmp( (const void \
*)fullServerResponse, "OK", 2 ) ) + if (0)
+ snprintf( SendBuf, BufLen, "%s %s\r\n", Tag, fullServerResponse );
+ else
+ snprintf( SendBuf, BufLen, "%s OK User authenticated\r\n", Tag );
+
if ( IMAP_Write( Client->conn, SendBuf, strlen( SendBuf ) ) == -1 )
{
IMAPCount->InUseServerConnections--;
@@ -952,6 +971,7 @@
ITD_Struct Server;
int rc;
ICD_Struct *conn;
+ char fullServerResponse[BUFSIZE] = "\0";
struct sockaddr_storage cli_addr;
int sockaddrlen;
char hostaddr[INET6_ADDRSTRLEN], portstr[NI_MAXSERV];
@@ -977,7 +997,7 @@
return( -1 );
}
- conn = Get_Server_conn( Username, Password, hostaddr, portstr, LiteralLogin );
+ conn = Get_Server_conn( Username, Password, hostaddr, portstr, LiteralLogin, \
fullServerResponse );
/*
* wipe out the passwd so we don't have it sitting in memory somewhere.
@@ -990,8 +1010,20 @@
/*
* All logging is done in Get_Server_conn, so don't bother to
* log anything here.
+ *
+ * When we get a NO or BAD, we'll relay the original/full
+ * server response to the client in case it contains anything
+ * useful (such as RFC 5530 response codes). We'll use our
+ * own generic NO response otherwise (RFC 3501 doesn't allow
+ * other responses)
*/
- snprintf( SendBuf, BufLen, "%s NO LOGIN failed\r\n", Tag );
+ if ( !memcmp( (const void *)fullServerResponse, "NO", 2 )
+ || !memcmp( (const void *)fullServerResponse, "BAD", 3 ) )
+ {
+ snprintf( SendBuf, BufLen, "%s %s\r\n", Tag, fullServerResponse );
+ }
+ else
+ snprintf( SendBuf, BufLen, "%s NO LOGIN failed\r\n", Tag );
if ( IMAP_Write( Client->conn, SendBuf, strlen(SendBuf) ) == -1 )
{
@@ -1021,7 +1053,12 @@
* Send a success message back to the client
* and go into raw proxy mode.
*/
- snprintf( SendBuf, BufLen, "%s OK User logged in\r\n", Tag );
+// TODO: under what circumstances do we want to pass through the server's full OK \
response? (usually a CAPABILITY string) + //if ( !memcmp( (const void \
*)fullServerResponse, "OK", 2 ) ) + if (0)
+ snprintf( SendBuf, BufLen, "%s %s\r\n", Tag, fullServerResponse );
+ else
+ snprintf( SendBuf, BufLen, "%s OK User logged in\r\n", Tag );
if ( IMAP_Write( Client->conn, SendBuf, strlen(SendBuf) ) == -1 )
{
/*
@@ -1378,13 +1415,12 @@
rc = Handle_Select_Command( Client, Server,
ISC, Client->ReadBuf,
status );
-//LEFT OFF HERE should this deal with ICC_INVALIDATE too???????????????????
if ( rc == 0 )
continue;
- if ( rc == -1 )
- return( -1 );
+ if ( rc < 0 ) // -1 or -2
+ return( rc );
/*
* if Handle_Select_Command() returned 1,
This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.
------------------------------------------------------------------------------
Benefiting from Server Virtualization: Beyond Initial Workload
Consolidation -- Increasing the use of server virtualization is a top
priority.Virtualization can reduce costs, simplify management, and improve
application availability and disaster protection. Learn more about boosting
the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
-----
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): \
https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic