client-connection.c revision ef0c36aa8114feee80aa696d9cb8106140371243
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen/* Copyright (c) 2010-2016 Dovecot authors, see the included COPYING file */
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic struct {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen const char *str;
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic void client_connection_input(struct client_connection *conn);
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainendoveadm_cmd_server_post(struct client_connection *conn, const char *cmd_name)
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen unsigned int i;
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen for (i = 0; i < N_ELEMENTS(exit_code_strings); i++) {
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen if (exit_code_strings[i].code == doveadm_exit_code) {
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen i_error("BUG: Command '%s' returned unknown error code %d",
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainendoveadm_cmd_server_run_ver2(struct client_connection *conn,
20b136f04257b0ba338e49f31a999c0d4b243647Timo Sirainen if (doveadm_cmd_run_ver2(argc, argv, cctx) < 0)
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen doveadm_cmd_server_post(conn, cctx->cmd->name);
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainendoveadm_cmd_server_run(struct client_connection *conn,
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainendoveadm_mail_cmd_server_parse(const struct doveadm_mail_cmd *cmd,
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen mctx->service_flags |= MAIL_STORAGE_SERVICE_FLAG_DEBUG;
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen getopt_args = t_strconcat("AF:S:u:", mctx->getopt_args, NULL);
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen while ((c = getopt(argc, (char **)argv, getopt_args)) > 0) {
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen "Client sent unknown parameter: %c",
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen if (argv[optind] != NULL && cmd->usage_args == NULL) {
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen i_error("doveadm %s: Client sent unknown parameter: %s",
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen if (strchr(mctx->cur_username, '*') != NULL ||
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen if (doveadm_print_is_initialized() && add_username_header) {
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen doveadm_print_sticky("username", cctx->username);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainendoveadm_mail_cmd_server_run(struct client_connection *conn,
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen ret = doveadm_mail_single_user(mctx, cctx, &error);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen mail_storage_service_deinit(&mctx->storage_service);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen } else if (ret == 0) {
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen o_stream_nsend_str(conn->output, "\n-NOUSER\n");
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen /* maybe not an error, but not a full success either */
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainenbool doveadm_client_is_allowed_command(const struct doveadm_settings *set,
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen const char *const *cmds =
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen t_strsplit(set->doveadm_allowed_commands, ",");
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainenstatic int doveadm_cmd_handle(struct client_connection *conn,
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen struct ioloop *ioloop, *prev_ioloop = current_ioloop;
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if ((cmd_ver2 = doveadm_cmd_find_with_args_ver2(cmd_name, &argc, &argv)) == NULL) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen cmd = doveadm_cmd_find_with_args(cmd_name, &argc, &argv);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen i_error("doveadm: Client sent unknown command: %s", cmd_name);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if (doveadm_mail_cmd_server_parse(mail_cmd, conn->set,
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen /* some commands will want to call io_loop_run(), but we're already
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen running one and we can't call the original one recursively, so
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen create a new ioloop. */
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen doveadm_cmd_server_run_ver2(conn, argc, argv, cctx);
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen doveadm_cmd_server_run(conn, argc, argv, cmd);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen doveadm_mail_cmd_server_run(conn, mctx, cctx);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen /* clear all headers */
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen doveadm_print_init(DOVEADM_PRINT_TYPE_SERVER);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic bool client_handle_command(struct client_connection *conn,
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen const char *const *args)
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen i_error("doveadm client: Unknown flag: %c", *flags);
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen if (!doveadm_client_is_allowed_command(conn->set, cmd_name)) {
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen i_error("doveadm client isn't allowed to use command: %s",
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen client_connection_set_proctitle(conn, cmd_name);
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen if (doveadm_cmd_handle(conn, cmd_name, argc-2, args+2, &cctx) < 0)
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen /* flush the output and possibly run next command */
37f96554a5734557cd454691d163e602d36384b4Timo Sirainenclient_connection_authenticate(struct client_connection *conn)
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen const unsigned char *data;
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen if ((line = i_stream_read_next_line(conn->input)) == NULL) {
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen "remote authentication disabled");
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen /* FIXME: some day we should probably let auth process do this and
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen support all kinds of authentication */
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen i_error("doveadm client attempted non-PLAIN authentication: %s", line);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen plain = buffer_create_dynamic(pool_datastack_create(), 128);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if (base64_decode(line + 6, strlen(line + 6), NULL, plain) < 0) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen i_error("doveadm client sent invalid base64 auth PLAIN data");
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen memcmp(data+1, "doveadm", 7) != 0 || data[8] != '\0') {
33502e55a9bf4cafcd184ca9b114c126e420f856Timo Sirainen i_error("doveadm client didn't authenticate as 'doveadm'");
37f96554a5734557cd454691d163e602d36384b4Timo Sirainen if (strcmp(pass, conn->set->doveadm_password) != 0) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen i_error("doveadm client authenticated with wrong password");
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic void client_log_disconnect_error(struct client_connection *conn)
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen ssl_iostream_get_last_error(conn->ssl_iostream);
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen error = conn->input->stream_errno == 0 ? "EOF" :
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen i_error("doveadm client disconnected before handshake: %s", error);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic void client_connection_input(struct client_connection *conn)
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if ((line = i_stream_read_next_line(conn->input)) == NULL) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if (conn->input->eof || conn->input->stream_errno != 0) {
6a866d5d5533cb744c78bc2f1ca47beaee690d2fTimo Sirainen if (!version_string_verify(line, "doveadm-server",
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen i_error("doveadm client not compatible with this server "
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen "(mixed old and new binaries?)");
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if ((ret = client_connection_authenticate(conn)) <= 0) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen (line = i_stream_read_next_line(conn->input)) != NULL) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen const char *const *args;
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen if (conn->input->eof || conn->input->stream_errno != 0 || !ok)
37f96554a5734557cd454691d163e602d36384b4Timo Sirainenstatic int client_connection_read_settings(struct client_connection *conn)
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen const struct setting_parser_info *set_roots[] = {
dce232dfbb2244555299dffb3618a4724748d260Timo Sirainen if (master_service_settings_read(master_service, &input,
dce232dfbb2244555299dffb3618a4724748d260Timo Sirainen i_error("Error reading configuration: %s", error);
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen set = master_service_settings_get_others(master_service)[0];
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen conn->set = settings_dup(&doveadm_setting_parser_info, set, conn->pool);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenstatic int client_connection_init_ssl(struct client_connection *conn)
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen if (ssl_iostream_handshake(conn->ssl_iostream) < 0) {
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen ssl_iostream_get_last_error(conn->ssl_iostream));
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenclient_connection_send_auth_handshake(struct client_connection *
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen /* we'll have to do this with stat(), because at least in Linux
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen fstat() always returns mode as 0777 */
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen if (net_getunixname(listen_fd, &listen_path) == 0 &&
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen stat(listen_path, &st) == 0 && S_ISSOCK(st.st_mode) &&
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen /* no need for client to authenticate */
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainenint client_connection_init(struct client_connection *conn, int fd)
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen const char *ip;
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen (void)net_getsockname(fd, &conn->local_ip, &conn->local_port);
be044d4f3d08652d7332cdec5aaf8391474908bbTimo Sirainen (void)net_getpeername(fd, &conn->remote_ip, &conn->remote_port);
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainen if (client_connection_read_settings(conn) < 0) {
031d075daf75b74b286711c1b6f64c3ae70e541bTimo Sirainenclient_connection_create(int fd, int listen_fd, bool ssl)
6a866d5d5533cb744c78bc2f1ca47beaee690d2fTimo Sirainen pool = pool_alloconly_create("doveadm client", 1024*16);
6a866d5d5533cb744c78bc2f1ca47beaee690d2fTimo Sirainen conn = p_new(pool, struct client_connection, 1);
20b136f04257b0ba338e49f31a999c0d4b243647Timo Sirainen doveadm_print_init(DOVEADM_PRINT_TYPE_SERVER);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen conn->name = p_strdup(pool, net_ip2addr(&conn->remote_ip));
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen conn->io = io_add(fd, IO_READ, client_connection_input, conn);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen conn->input = i_stream_create_fd(fd, MAX_INBUF_SIZE);
20b136f04257b0ba338e49f31a999c0d4b243647Timo Sirainen conn->output = o_stream_create_fd(fd, (size_t)-1);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen o_stream_set_no_error_handling(conn->output, TRUE);
6a866d5d5533cb744c78bc2f1ca47beaee690d2fTimo Sirainen client_connection_send_auth_handshake(conn, listen_fd);
20b136f04257b0ba338e49f31a999c0d4b243647Timo Sirainenvoid client_connection_destroy(struct client_connection **_conn)
6380f2bc729a03b328793e8ad6ba7587620fa184Timo Sirainen master_service_client_connection_destroyed(master_service);
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainenvoid client_connection_set_proctitle(struct client_connection *conn,
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen const char *str;
57f4445a46726a17bfe78b0964dd301a6ccb40ecTimo Sirainen str = t_strdup_printf("[%s %s]", conn->name, text);