| -rw-r--r-- | include/rabbit.hrl | 2 | ||||
| -rw-r--r-- | src/rabbit_access_control.erl | 2 | ||||
| -rw-r--r-- | src/rabbit_direct.erl | 8 |
3 files changed, 10 insertions, 2 deletions
diff --git a/include/rabbit.hrl b/include/rabbit.hrl index 7627ed431e..b4afddeef1 100644 --- a/include/rabbit.hrl +++ b/include/rabbit.hrl @@ -23,6 +23,8 @@ -record(auth_user, {username, tags, impl}). +%% Passed to authz backends. +-record(authz_socket_info, {sockname, peername}). %% Implementation for the internal auth backend -record(internal_user, {username, password_hash, tags}). diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl index 41c54b07a2..3ed6152020 100644 --- a/src/rabbit_access_control.erl +++ b/src/rabbit_access_control.erl @@ -41,7 +41,7 @@ rabbit_net:socket() | inet:ip_address()) -> 'ok' | 'not_allowed'). -spec(check_vhost_access/3 :: - (rabbit_types:user(), rabbit_types:vhost(), rabbit_net:socket()) + (rabbit_types:user(), rabbit_types:vhost(), rabbit_net:socket() | #authz_socket_info{}) -> 'ok' | rabbit_types:channel_exit()). -spec(check_resource_access/3 :: (rabbit_types:user(), rabbit_types:r(atom()), permission_atom()) diff --git a/src/rabbit_direct.erl b/src/rabbit_direct.erl index 11233e7eb8..9c9f31d4b5 100644 --- a/src/rabbit_direct.erl +++ b/src/rabbit_direct.erl @@ -102,8 +102,14 @@ notify_auth_result(Username, AuthResult, ExtraProps) -> ExtraProps, rabbit_event:notify(AuthResult, [P || {_, V} = P <- EventProps, V =/= '']). +authz_socket_info_direct(Infos) -> + #authz_socket_info{sockname={proplists:get_value(host, Infos), + proplists:get_value(port, Infos)}, + peername={proplists:get_value(peer_host, Infos), + proplists:get_value(peer_port, Infos)}}. + connect1(User, VHost, Protocol, Pid, Infos) -> - try rabbit_access_control:check_vhost_access(User, VHost, undefined) of + try rabbit_access_control:check_vhost_access(User, VHost, authz_socket_info_direct(Infos)) of ok -> ok = pg_local:join(rabbit_direct, Pid), rabbit_event:notify(connection_created, Infos), {ok, {User, rabbit_reader:server_properties(Protocol)}} |
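Review bot: The comment on `#authz_socket_info{}` in include/rabbit.hrl does not say what the two fields hold, and an authz backend matching on the record needs that. Going by the constructor this commit adds in src/rabbit_direct.erl, each field is a `{Host, Port}` pair whose elements come from `proplists:get_value/2` and can therefore be `undefined`. I would extend the comment to something like `%% Passed to authz backends in place of a socket. sockname and peername are {Host, Port}; either element may be 'undefined'.`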
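Review bot: The `sockname` and `peername` built in `authz_socket_info_direct/1` are read from the `Infos` proplist, not from a socket, so an authz backend cannot treat them as verified in the way it could a `rabbit_net:socket()`. `proplists:get_value/2` returns `undefined` for a missing key, so a connection whose `Infos` lacks `peer_host` yields `peername = {undefined, undefined}`; a backend that restricts vhost access by address should deny on that value, not skip the check. Where `Infos` originates is not visible in this hunk; if it is supplied by the connecting client, a comment above the helper should say so, e.g. `%% Values are reported by the direct client, not read from a socket; any element may be 'undefined'.` The body of `connect1/5` continues outside the hunk.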
