"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/login-common/client-common.c" between
dovecot-2.3.16.tar.gz and dovecot-2.3.17.tar.gz

About: Dovecot is an IMAP and POP3 server, written with security primarily in mind.

client-common.c  (dovecot-2.3.16)	:	client-common.c  (dovecot-2.3.17)
skipping to change at line 173		skipping to change at line 173
if (net_is_in_network(&client->ip, &net_ip, bits))		if (net_is_in_network(&client->ip, &net_ip, bits))
return TRUE;		return TRUE;
}		}
return FALSE;		return FALSE;
}		}
struct client *		struct client *
client_alloc(int fd, pool_t pool,		client_alloc(int fd, pool_t pool,
const struct master_service_connection *conn,		const struct master_service_connection *conn,
const struct login_settings *set,		const struct login_settings *set,
const struct master_service_ssl_settings *ssl_set)		const struct master_service_ssl_settings *ssl_set,
		const struct master_service_ssl_server_settings *ssl_server_set)
{		{
struct client *client;		struct client *client;
i_assert(fd != -1);		i_assert(fd != -1);
client = login_binary->client_vfuncs->alloc(pool);		client = login_binary->client_vfuncs->alloc(pool);
client->v = *login_binary->client_vfuncs;		client->v = *login_binary->client_vfuncs;
if (client->v.auth_send_challenge == NULL)		if (client->v.auth_send_challenge == NULL)
client->v.auth_send_challenge = client_auth_send_challenge;		client->v.auth_send_challenge = client_auth_send_challenge;
if (client->v.auth_parse_response == NULL)		if (client->v.auth_parse_response == NULL)
client->v.auth_parse_response = client_auth_parse_response;		client->v.auth_parse_response = client_auth_parse_response;
client->created = ioloop_timeval;		client->created = ioloop_timeval;
client->refcount = 1;		client->refcount = 1;
client->pool = pool;		client->pool = pool;
client->preproxy_pool = pool_alloconly_create(MEMPOOL_GROWING"preproxy po ol", 256);		client->preproxy_pool = pool_alloconly_create(MEMPOOL_GROWING"preproxy po ol", 256);
client->set = set;		client->set = set;
client->ssl_set = ssl_set;		client->ssl_set = ssl_set;
		client->ssl_server_set = ssl_server_set;
p_array_init(&client->module_contexts, client->pool, 5);		p_array_init(&client->module_contexts, client->pool, 5);
client->fd = fd;		client->fd = fd;
client->local_ip = conn->local_ip;		client->local_ip = conn->local_ip;
client->local_port = conn->local_port;		client->local_port = conn->local_port;
client->ip = conn->remote_ip;		client->ip = conn->remote_ip;
client->remote_port = conn->remote_port;		client->remote_port = conn->remote_port;
client->real_local_ip = conn->real_local_ip;		client->real_local_ip = conn->real_local_ip;
client->real_local_port = conn->real_local_port;		client->real_local_port = conn->real_local_port;
client->real_remote_ip = conn->real_remote_ip;		client->real_remote_ip = conn->real_remote_ip;
skipping to change at line 517		skipping to change at line 519
void **other_sets;		void **other_sets;
const char *error;		const char *error;
if (client->ssl_servername_settings_read)		if (client->ssl_servername_settings_read)
return 0;		return 0;
client->ssl_servername_settings_read = TRUE;		client->ssl_servername_settings_read = TRUE;
client->local_name = p_strdup(client->pool, name);		client->local_name = p_strdup(client->pool, name);
client->set = login_settings_read(client->pool, &client->local_ip,		client->set = login_settings_read(client->pool, &client->local_ip,
&client->ip, name,		&client->ip, name,
&client->ssl_set, &other_sets);		&client->ssl_set,
		&client->ssl_server_set, &other_sets);
master_service_ssl_settings_to_iostream_set(client->ssl_set,		master_service_ssl_server_settings_to_iostream_set(client->ssl_set,
pool_datastack_create(),		client->ssl_server_set, pool_datastack_create(), &ssl_set);
MASTER_SERVICE_SSL_SETTINGS_TYPE_SERVER, &ssl_set);
if (ssl_iostream_server_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0 ) {		if (ssl_iostream_server_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0 ) {
*error_r = t_strdup_printf(		*error_r = t_strdup_printf(
"Failed to initialize SSL server context: %s", error);		"Failed to initialize SSL server context: %s", error);
return -1;		return -1;
}		}
ssl_iostream_change_context(client->ssl_iostream, ssl_ctx);		ssl_iostream_change_context(client->ssl_iostream, ssl_ctx);
ssl_iostream_context_unref(&ssl_ctx);		ssl_iostream_context_unref(&ssl_ctx);
return 0;		return 0;
}		}
skipping to change at line 545		skipping to change at line 547
struct ssl_iostream_settings ssl_set;		struct ssl_iostream_settings ssl_set;
const char *error;		const char *error;
i_assert(client->fd != -1);		i_assert(client->fd != -1);
if (strcmp(client->ssl_set->ssl, "no") == 0) {		if (strcmp(client->ssl_set->ssl, "no") == 0) {
e_info(client->event, "SSL is disabled (ssl=no)");		e_info(client->event, "SSL is disabled (ssl=no)");
return -1;		return -1;
}		}
master_service_ssl_settings_to_iostream_set(client->ssl_set,		master_service_ssl_server_settings_to_iostream_set(client->ssl_set,
pool_datastack_create(),		client->ssl_server_set, pool_datastack_create(), &ssl_set);
MASTER_SERVICE_SSL_SETTINGS_TYPE_SERVER, &ssl_set);
/* If the client cert is invalid, we'll reply NO to the login		/* If the client cert is invalid, we'll reply NO to the login
command. */		command. */
ssl_set.allow_invalid_cert = TRUE;		ssl_set.allow_invalid_cert = TRUE;
if (ssl_iostream_server_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0 ) {		if (ssl_iostream_server_context_cache_get(&ssl_set, &ssl_ctx, &error) < 0 ) {
e_error(client->event,		e_error(client->event,
"Failed to initialize SSL server context: %s", error);		"Failed to initialize SSL server context: %s", error);
return -1;		return -1;
}		}
if (io_stream_create_ssl_server(ssl_ctx, &ssl_set,		if (io_stream_create_ssl_server(ssl_ctx, &ssl_set,
&client->input, &client->output,		&client->input, &client->output,
End of changes. 5 change blocks.
8 lines changed or deleted		9 lines changed or added

---