Mercurial > dovecot > core-2.2
annotate src/auth/auth-settings.c @ 20419:0dc214cf2e30
auth-policy: Add policy implementation
| author | Aki Tuomi <aki.tuomi@dovecot.fi> |
|---|---|
| date | Fri, 03 Jun 2016 20:21:42 +0300 |
| parents | a7cd7cb4844c |
| children | b3803bacf702 |
| rev | line source |
|---|---|
|
19552
0f22db71df7a
global: freshen copyright
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
18137
diff
changeset
|
1 /* Copyright (c) 2005-2016 Dovecot authors, see the included COPYING file */ |
| 9002 | 2 |
| 3 #include "lib.h" | |
| 4 #include "array.h" | |
|
20419
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
5 #include "hash-method.h" |
| 9002 | 6 #include "settings-parser.h" |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
7 #include "master-service-private.h" |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
8 #include "master-service-settings.h" |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
9 #include "service-settings.h" |
| 9002 | 10 #include "auth-settings.h" |
| 11 | |
| 12 #include <stddef.h> | |
| 13 | |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
14 static bool auth_settings_check(void *_set, pool_t pool, const char **error_r); |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
15 static bool auth_passdb_settings_check(void *_set, pool_t pool, const char **error_r); |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
16 static bool auth_userdb_settings_check(void *_set, pool_t pool, const char **error_r); |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
17 |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
18 /* <settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
19 static struct file_listener_settings auth_unix_listeners_array[] = { |
|
11285
1a3c9bd45b11
auth: Separate auth and login connections. Non-login requests are freed immediately after auth finished.
Timo Sirainen <tss@iki.fi>
parents:
11251
diff
changeset
|
20 { "login/login", 0666, "", "" }, |
|
15051
9ad9a79c1747
Use "tokenlogin" socket name (instead of "token-login") after all.
Timo Sirainen <tss@iki.fi>
parents:
15049
diff
changeset
|
21 { "token-login/tokenlogin", 0666, "", "" }, |
|
11330
f15b3aac5443
auth: Create auth-login socket by default where internal user can connect to.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
22 { "auth-login", 0600, "$default_internal_user", "" }, |
|
16723
96fa57cacfc7
auth: auth-client socket should be owned by $default_internal_user
Timo Sirainen <tss@iki.fi>
parents:
15715
diff
changeset
|
23 { "auth-client", 0600, "$default_internal_user", "" }, |
|
14461
bda92bf286a0
auth: Changed auth-userdb socket's default user to $default_internal_user.
Timo Sirainen <tss@iki.fi>
parents:
14159
diff
changeset
|
24 { "auth-userdb", 0666, "$default_internal_user", "" }, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
25 { "auth-master", 0600, "", "" } |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
26 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
27 static struct file_listener_settings *auth_unix_listeners[] = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
28 &auth_unix_listeners_array[0], |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
29 &auth_unix_listeners_array[1], |
|
10889
653ae02bf8cf
Create auth-client socket by default.
Timo Sirainen <tss@iki.fi>
parents:
10587
diff
changeset
|
30 &auth_unix_listeners_array[2], |
|
11330
f15b3aac5443
auth: Create auth-login socket by default where internal user can connect to.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
31 &auth_unix_listeners_array[3], |
|
15049
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14920
diff
changeset
|
32 &auth_unix_listeners_array[4], |
|
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14920
diff
changeset
|
33 &auth_unix_listeners_array[5] |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
34 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
35 static buffer_t auth_unix_listeners_buf = { |
|
17397
f373df52082a
treewide - mass cleanup of 0 used to end a settings list
Phil Carmody <phil@dovecot.fi>
parents:
17236
diff
changeset
|
36 auth_unix_listeners, sizeof(auth_unix_listeners), { NULL, } |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
37 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
38 /* </settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
39 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
40 struct service_settings auth_service_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
41 .name = "auth", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
42 .protocol = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
43 .type = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
44 .executable = "auth", |
|
10910
858ad8aa7f8b
auth: Auth master process is now running as default_internal_user by default.
Timo Sirainen <tss@iki.fi>
parents:
10905
diff
changeset
|
45 .user = "$default_internal_user", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
46 .group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
47 .privileged_group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
48 .extra_groups = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
49 .chroot = "", |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
50 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
51 .drop_priv_before_exec = FALSE, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
52 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
53 .process_min_avail = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
54 .process_limit = 1, |
|
13785
8c8dd04b8496
auth: Dropped default client_limit back to default_client_limit.
Timo Sirainen <tss@iki.fi>
parents:
13760
diff
changeset
|
55 .client_limit = 0, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
56 .service_count = 0, |
|
11631
d41694c931d0
Added support for per-service idle kill timeout.
Timo Sirainen <tss@iki.fi>
parents:
11330
diff
changeset
|
57 .idle_kill = 0, |
|
12432
8793036f6de8
Services' default vsz_limit wasn't actually using default_vsz_limit but rather 4 GB.
Timo Sirainen <tss@iki.fi>
parents:
12328
diff
changeset
|
58 .vsz_limit = (uoff_t)-1, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
59 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
60 .unix_listeners = { { &auth_unix_listeners_buf, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
61 sizeof(auth_unix_listeners[0]) } }, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
62 .fifo_listeners = ARRAY_INIT, |
|
12166
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
63 .inet_listeners = ARRAY_INIT, |
|
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
64 |
|
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
65 .process_limit_1 = TRUE |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
66 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
67 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
68 /* <settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
69 static struct file_listener_settings auth_worker_unix_listeners_array[] = { |
|
10910
858ad8aa7f8b
auth: Auth master process is now running as default_internal_user by default.
Timo Sirainen <tss@iki.fi>
parents:
10905
diff
changeset
|
70 { "auth-worker", 0600, "$default_internal_user", "" } |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
71 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
72 static struct file_listener_settings *auth_worker_unix_listeners[] = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
73 &auth_worker_unix_listeners_array[0] |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
74 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
75 static buffer_t auth_worker_unix_listeners_buf = { |
|
17397
f373df52082a
treewide - mass cleanup of 0 used to end a settings list
Phil Carmody <phil@dovecot.fi>
parents:
17236
diff
changeset
|
76 auth_worker_unix_listeners, sizeof(auth_worker_unix_listeners), { NULL, } |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
77 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
78 /* </settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
79 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
80 struct service_settings auth_worker_service_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
81 .name = "auth-worker", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
82 .protocol = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
83 .type = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
84 .executable = "auth -w", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
85 .user = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
86 .group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
87 .privileged_group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
88 .extra_groups = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
89 .chroot = "", |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
90 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
91 .drop_priv_before_exec = FALSE, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
92 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
93 .process_min_avail = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
94 .process_limit = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
95 .client_limit = 1, |
|
10921
87c462c463cc
auth: Changed worker process to die after auth server closes its connection.
Timo Sirainen <tss@iki.fi>
parents:
10910
diff
changeset
|
96 .service_count = 1, |
|
11631
d41694c931d0
Added support for per-service idle kill timeout.
Timo Sirainen <tss@iki.fi>
parents:
11330
diff
changeset
|
97 .idle_kill = 0, |
|
12432
8793036f6de8
Services' default vsz_limit wasn't actually using default_vsz_limit but rather 4 GB.
Timo Sirainen <tss@iki.fi>
parents:
12328
diff
changeset
|
98 .vsz_limit = (uoff_t)-1, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
99 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
100 .unix_listeners = { { &auth_worker_unix_listeners_buf, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
101 sizeof(auth_worker_unix_listeners[0]) } }, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
102 .fifo_listeners = ARRAY_INIT, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
103 .inet_listeners = ARRAY_INIT |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
104 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
105 |
| 9002 | 106 #undef DEF |
| 107 #define DEF(type, name) \ | |
| 108 { type, #name, offsetof(struct auth_passdb_settings, name), NULL } | |
| 109 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
110 static const struct setting_define auth_passdb_setting_defines[] = { |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
111 DEF(SET_STR, name), |
| 9002 | 112 DEF(SET_STR, driver), |
| 113 DEF(SET_STR, args), | |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
114 DEF(SET_STR, default_fields), |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
115 DEF(SET_STR, override_fields), |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
116 |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
117 DEF(SET_ENUM, skip), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
118 DEF(SET_ENUM, result_success), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
119 DEF(SET_ENUM, result_failure), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
120 DEF(SET_ENUM, result_internalfail), |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
121 |
| 9002 | 122 DEF(SET_BOOL, deny), |
|
10576
9c80cc65def8
auth: passdb { pass and master } settings weren't working.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
123 DEF(SET_BOOL, pass), |
|
9c80cc65def8
auth: passdb { pass and master } settings weren't working.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
124 DEF(SET_BOOL, master), |
|
20036
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
125 DEF(SET_ENUM, auth_verbose), |
| 9002 | 126 |
| 127 SETTING_DEFINE_LIST_END | |
| 128 }; | |
| 129 | |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
130 static const struct auth_passdb_settings auth_passdb_default_settings = { |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
131 .name = "", |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
132 .driver = "", |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
133 .args = "", |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
134 .default_fields = "", |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
135 .override_fields = "", |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
136 |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
137 .skip = "never:authenticated:unauthenticated", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
138 .result_success = "return-ok:return:return-fail:continue:continue-ok:continue-fail", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
139 .result_failure = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
140 .result_internalfail = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
141 |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
142 .deny = FALSE, |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
143 .pass = FALSE, |
|
20036
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
144 .master = FALSE, |
|
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
145 .auth_verbose = "default:yes:no" |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
146 }; |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
147 |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
148 const struct setting_parser_info auth_passdb_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
149 .defines = auth_passdb_setting_defines, |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
150 .defaults = &auth_passdb_default_settings, |
| 9002 | 151 |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
152 .type_offset = offsetof(struct auth_passdb_settings, name), |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
153 .struct_size = sizeof(struct auth_passdb_settings), |
| 9002 | 154 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
155 .parent_offset = (size_t)-1, |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
156 .parent = &auth_setting_parser_info, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
157 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
158 .check_func = auth_passdb_settings_check |
| 9002 | 159 }; |
| 160 | |
| 161 #undef DEF | |
| 162 #define DEF(type, name) \ | |
| 163 { type, #name, offsetof(struct auth_userdb_settings, name), NULL } | |
| 164 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
165 static const struct setting_define auth_userdb_setting_defines[] = { |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
166 DEF(SET_STR, name), |
| 9002 | 167 DEF(SET_STR, driver), |
| 168 DEF(SET_STR, args), | |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
169 DEF(SET_STR, default_fields), |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
170 DEF(SET_STR, override_fields), |
| 9002 | 171 |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
172 DEF(SET_ENUM, skip), |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
173 DEF(SET_ENUM, result_success), |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
174 DEF(SET_ENUM, result_failure), |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
175 DEF(SET_ENUM, result_internalfail), |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
176 |
|
20036
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
177 DEF(SET_ENUM, auth_verbose), |
|
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
178 |
| 9002 | 179 SETTING_DEFINE_LIST_END |
| 180 }; | |
| 181 | |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
182 static const struct auth_userdb_settings auth_userdb_default_settings = { |
|
17060
eaadd1e1fea2
auth: Don't crash when userdb hasn't been specified at all.
Timo Sirainen <tss@iki.fi>
parents:
17042
diff
changeset
|
183 /* NOTE: when adding fields, update also auth.c:userdb_dummy_set */ |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
184 .name = "", |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
185 .driver = "", |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
186 .args = "", |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
187 .default_fields = "", |
|
17042
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
188 .override_fields = "", |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
189 |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
190 .skip = "never:found:notfound", |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
191 .result_success = "return-ok:return:return-fail:continue:continue-ok:continue-fail", |
|
eeadb7b5045b
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's.
Timo Sirainen <tss@iki.fi>
parents:
16838
diff
changeset
|
192 .result_failure = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
20036
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
193 .result_internalfail = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
194 |
|
a7cd7cb4844c
auth: Added passdb/userdb { auth_verbose } setting.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19721
diff
changeset
|
195 .auth_verbose = "default:yes:no" |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
196 }; |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
197 |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
198 const struct setting_parser_info auth_userdb_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
199 .defines = auth_userdb_setting_defines, |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
200 .defaults = &auth_userdb_default_settings, |
| 9002 | 201 |
|
17236
917946c08f83
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name.
Timo Sirainen <tss@iki.fi>
parents:
17139
diff
changeset
|
202 .type_offset = offsetof(struct auth_userdb_settings, name), |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
203 .struct_size = sizeof(struct auth_userdb_settings), |
| 9002 | 204 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
205 .parent_offset = (size_t)-1, |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
206 .parent = &auth_setting_parser_info, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
207 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
208 .check_func = auth_userdb_settings_check |
| 9002 | 209 }; |
| 210 | |
|
9834
3f4d796db5fd
config: Auth settings now require the "auth_" prefix also inside auth blocks.
Timo Sirainen <tss@iki.fi>
parents:
9451
diff
changeset
|
211 /* we're kind of kludging here to avoid "auth_" prefix in the struct fields */ |
| 9002 | 212 #undef DEF |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
213 #undef DEF_NOPREFIX |
| 9002 | 214 #undef DEFLIST |
| 215 #define DEF(type, name) \ | |
|
9834
3f4d796db5fd
config: Auth settings now require the "auth_" prefix also inside auth blocks.
Timo Sirainen <tss@iki.fi>
parents:
9451
diff
changeset
|
216 { type, "auth_"#name, offsetof(struct auth_settings, name), NULL } |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
217 #define DEF_NOPREFIX(type, name) \ |
|
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
218 { type, #name, offsetof(struct auth_settings, name), NULL } |
| 9002 | 219 #define DEFLIST(field, name, defines) \ |
| 220 { SET_DEFLIST, name, offsetof(struct auth_settings, field), defines } | |
| 221 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
222 static const struct setting_define auth_setting_defines[] = { |
| 9002 | 223 DEF(SET_STR, mechanisms), |
| 224 DEF(SET_STR, realms), | |
| 225 DEF(SET_STR, default_realm), | |
|
10281
4b663b9e63af
Added "size" setting type, which supports B/k/M/G/T suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10179
diff
changeset
|
226 DEF(SET_SIZE, cache_size), |
|
10282
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
227 DEF(SET_TIME, cache_ttl), |
|
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
228 DEF(SET_TIME, cache_negative_ttl), |
| 9002 | 229 DEF(SET_STR, username_chars), |
| 230 DEF(SET_STR, username_translation), | |
| 231 DEF(SET_STR, username_format), | |
| 232 DEF(SET_STR, master_user_separator), | |
| 233 DEF(SET_STR, anonymous_username), | |
| 234 DEF(SET_STR, krb5_keytab), | |
| 235 DEF(SET_STR, gssapi_hostname), | |
| 236 DEF(SET_STR, winbind_helper_path), | |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
237 DEF(SET_STR, proxy_self), |
|
10282
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
238 DEF(SET_TIME, failure_delay), |
| 9002 | 239 |
|
20419
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
240 DEF(SET_STR, policy_server_url), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
241 DEF(SET_STR, policy_server_api_header), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
242 DEF(SET_UINT, policy_server_timeout_msecs), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
243 DEF(SET_STR, policy_hash_mech), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
244 DEF(SET_STR, policy_hash_nonce), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
245 DEF(SET_STR, policy_request_attributes), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
246 DEF(SET_BOOL, policy_reject_on_fail), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
247 DEF(SET_UINT, policy_hash_truncate), |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
248 |
|
19721
9d2fa1afc222
auth: If auth_stats=yes, send statistics to stats process.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
249 DEF(SET_BOOL, stats), |
| 9002 | 250 DEF(SET_BOOL, verbose), |
| 251 DEF(SET_BOOL, debug), | |
| 252 DEF(SET_BOOL, debug_passwords), | |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
253 DEF(SET_STR, verbose_passwords), |
| 9002 | 254 DEF(SET_BOOL, ssl_require_client_cert), |
| 255 DEF(SET_BOOL, ssl_username_from_cert), | |
| 256 DEF(SET_BOOL, use_winbind), | |
| 257 | |
| 258 DEF(SET_UINT, worker_max_count), | |
| 259 | |
| 260 DEFLIST(passdbs, "passdb", &auth_passdb_setting_parser_info), | |
| 261 DEFLIST(userdbs, "userdb", &auth_userdb_setting_parser_info), | |
| 262 | |
|
13555
fe89e95867a4
auth: Added passdb imap plugin.
Timo Sirainen <tss@iki.fi>
parents:
13330
diff
changeset
|
263 DEF_NOPREFIX(SET_STR, base_dir), |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
264 DEF_NOPREFIX(SET_BOOL, verbose_proctitle), |
|
15709
18661d1d6ed0
auth: first/last_valid_uid settings shouldn't have had auth_ prefix.
Timo Sirainen <tss@iki.fi>
parents:
15691
diff
changeset
|
265 DEF_NOPREFIX(SET_UINT, first_valid_uid), |
|
18661d1d6ed0
auth: first/last_valid_uid settings shouldn't have had auth_ prefix.
Timo Sirainen <tss@iki.fi>
parents:
15691
diff
changeset
|
266 DEF_NOPREFIX(SET_UINT, last_valid_uid), |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
267 |
| 9002 | 268 SETTING_DEFINE_LIST_END |
| 269 }; | |
| 270 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
271 static const struct auth_settings auth_default_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
272 .mechanisms = "plain", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
273 .realms = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
274 .default_realm = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
275 .cache_size = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
276 .cache_ttl = 60*60, |
|
12298
94608c2debe2
auth: Default for auth_cache_negative_ttl was supposed to be 1 hour, not disabled.
Timo Sirainen <tss@iki.fi>
parents:
12166
diff
changeset
|
277 .cache_negative_ttl = 60*60, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
278 .username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
279 .username_translation = "", |
|
12983
c0b40ebc527d
auth_username_format default changed to %Lu
Timo Sirainen <tss@iki.fi>
parents:
12889
diff
changeset
|
280 .username_format = "%Lu", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
281 .master_user_separator = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
282 .anonymous_username = "anonymous", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
283 .krb5_keytab = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
284 .gssapi_hostname = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
285 .winbind_helper_path = "/usr/bin/ntlm_auth", |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
286 .proxy_self = "", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
287 .failure_delay = 2, |
| 9002 | 288 |
|
20419
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
289 .policy_server_url = "", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
290 .policy_server_api_header = "", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
291 .policy_server_timeout_msecs = 2000, |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
292 .policy_hash_mech = "sha256", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
293 .policy_hash_nonce = "", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
294 .policy_request_attributes = "login=%{orig_username} pwhash=%{hashed_password} remote=%{real_rip}", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
295 .policy_reject_on_fail = FALSE, |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
296 .policy_hash_truncate = 12, |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
297 |
|
19721
9d2fa1afc222
auth: If auth_stats=yes, send statistics to stats process.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
298 .stats = FALSE, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
299 .verbose = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
300 .debug = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
301 .debug_passwords = FALSE, |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
302 .verbose_passwords = "no", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
303 .ssl_require_client_cert = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
304 .ssl_username_from_cert = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
305 .use_winbind = FALSE, |
| 9002 | 306 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
307 .worker_max_count = 30, |
| 9002 | 308 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
309 .passdbs = ARRAY_INIT, |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
310 .userdbs = ARRAY_INIT, |
|
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
311 |
|
13555
fe89e95867a4
auth: Added passdb imap plugin.
Timo Sirainen <tss@iki.fi>
parents:
13330
diff
changeset
|
312 .base_dir = PKG_RUNDIR, |
|
15709
18661d1d6ed0
auth: first/last_valid_uid settings shouldn't have had auth_ prefix.
Timo Sirainen <tss@iki.fi>
parents:
15691
diff
changeset
|
313 .verbose_proctitle = FALSE, |
|
18661d1d6ed0
auth: first/last_valid_uid settings shouldn't have had auth_ prefix.
Timo Sirainen <tss@iki.fi>
parents:
15691
diff
changeset
|
314 .first_valid_uid = 500, |
|
18661d1d6ed0
auth: first/last_valid_uid settings shouldn't have had auth_ prefix.
Timo Sirainen <tss@iki.fi>
parents:
15691
diff
changeset
|
315 .last_valid_uid = 0, |
| 9002 | 316 }; |
| 317 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
318 const struct setting_parser_info auth_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
319 .module_name = "auth", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
320 .defines = auth_setting_defines, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
321 .defaults = &auth_default_settings, |
| 9002 | 322 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
323 .type_offset = (size_t)-1, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
324 .struct_size = sizeof(struct auth_settings), |
| 9002 | 325 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
326 .parent_offset = (size_t)-1, |
|
10106
5a25b4ec5694
Reordered struct setting_parser_info fields to make using them easier.
Timo Sirainen <tss@iki.fi>
parents:
9846
diff
changeset
|
327 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
328 .check_func = auth_settings_check |
| 9002 | 329 }; |
| 330 | |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
331 /* <settings checks> */ |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
332 static bool |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
333 auth_settings_set_self_ips(struct auth_settings *set, pool_t pool, |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
334 const char **error_r) |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
335 { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
336 const char *const *tmp; |
|
14920
a097ef0a9d6d
Array API changed: ARRAY_DEFINE(name, type) -> ARRAY(type) name
Timo Sirainen <tss@iki.fi>
parents:
14726
diff
changeset
|
337 ARRAY(struct ip_addr) ips_array; |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
338 struct ip_addr *ips; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
339 unsigned int ips_count; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
340 int ret; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
341 |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
342 if (*set->proxy_self == '\0') { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
343 set->proxy_self_ips = p_new(pool, struct ip_addr, 1); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
344 return TRUE; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
345 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
346 |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
347 p_array_init(&ips_array, pool, 4); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
348 tmp = t_strsplit_spaces(set->proxy_self, " "); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
349 for (; *tmp != NULL; tmp++) { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
350 ret = net_gethostbyname(*tmp, &ips, &ips_count); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
351 if (ret != 0) { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
352 *error_r = t_strdup_printf("auth_proxy_self_ips: " |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
353 "gethostbyname(%s) failed: %s", |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
354 *tmp, net_gethosterror(ret)); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
355 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
356 array_append(&ips_array, ips, ips_count); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
357 } |
|
14686
9ff19c1d5f69
Added array_append_zero() to write a zero-filled record to an array.
Timo Sirainen <tss@iki.fi>
parents:
14461
diff
changeset
|
358 array_append_zero(&ips_array); |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
359 set->proxy_self_ips = array_idx(&ips_array, 0); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
360 return TRUE; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
361 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
362 |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
363 static bool |
|
17139
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
364 auth_verify_verbose_password(struct auth_settings *set, |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
365 const char **error_r) |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
366 { |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
367 const char *p, *value = set->verbose_passwords; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
368 unsigned int num; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
369 |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
370 p = strchr(value, ':'); |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
371 if (p != NULL) { |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
372 if (str_to_uint(p+1, &num) < 0 || num == 0) { |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
373 *error_r = t_strdup_printf("auth_verbose_passwords: " |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
374 "Invalid truncation number: '%s'", p+1); |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
375 return FALSE; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
376 } |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
377 value = t_strdup_until(value, p); |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
378 } |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
379 if (strcmp(value, "no") == 0) |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
380 return TRUE; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
381 else if (strcmp(value, "plain") == 0) |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
382 return TRUE; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
383 else if (strcmp(value, "sha1") == 0) |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
384 return TRUE; |
|
17139
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
385 else if (strcmp(value, "yes") == 0) { |
|
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
386 /* just use it as alias for "plain" */ |
|
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
387 set->verbose_passwords = "plain"; |
|
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
388 return TRUE; |
|
27ac53f11f1f
auth: Allow auth_verbose_passwords=yes as an alias for "plain".
Timo Sirainen <tss@iki.fi>
parents:
17138
diff
changeset
|
389 } else { |
|
17138
afd3cfcf1bcb
auth: Fixed crash/NULL error if auth_verbose_passwords had an invalid value.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
390 *error_r = "auth_verbose_passwords: Invalid value"; |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
391 return FALSE; |
|
17138
afd3cfcf1bcb
auth: Fixed crash/NULL error if auth_verbose_passwords had an invalid value.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
392 } |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
393 } |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
394 |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
395 static bool auth_settings_check(void *_set, pool_t pool, |
|
12087
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
396 const char **error_r) |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
397 { |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
398 struct auth_settings *set = _set; |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
399 const char *p; |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
400 |
|
9451
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
401 if (set->debug_passwords) |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
402 set->debug = TRUE; |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
403 if (set->debug) |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
404 set->verbose = TRUE; |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
405 |
|
13958
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
406 if (set->worker_max_count == 0) { |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
407 *error_r = "auth_worker_max_count must be above zero"; |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
408 return FALSE; |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
409 } |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
410 |
|
12089
52e197994a55
Don't fail with auth_cache_size=0
Timo Sirainen <tss@iki.fi>
parents:
12087
diff
changeset
|
411 if (set->cache_size > 0 && set->cache_size < 1024) { |
|
12087
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
412 /* probably a configuration error. |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
413 older versions used megabyte numbers */ |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
414 *error_r = t_strdup_printf("auth_cache_size value is too small " |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
415 "(%"PRIuUOFF_T" bytes)", |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
416 set->cache_size); |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
417 return FALSE; |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
418 } |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
419 |
|
16838
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
420 if (!auth_verify_verbose_password(set, error_r)) |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
421 return FALSE; |
|
dc46ae14008c
auth: Added ability to truncate values logged by auth_verbose_passwords.
Timo Sirainen <tss@iki.fi>
parents:
16723
diff
changeset
|
422 |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
423 if (*set->username_chars == '\0') { |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
424 /* all chars are allowed */ |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
425 memset(set->username_chars_map, 1, |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
426 sizeof(set->username_chars_map)); |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
427 } else { |
|
10896
f93195ae4bed
auth: Recent changes broke auth_username_chars checking.
Timo Sirainen <tss@iki.fi>
parents:
10893
diff
changeset
|
428 for (p = set->username_chars; *p != '\0'; p++) |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
429 set->username_chars_map[(int)(uint8_t)*p] = 1; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
430 } |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
431 |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
432 if (*set->username_translation != '\0') { |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
433 p = set->username_translation; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
434 for (; *p != '\0' && p[1] != '\0'; p += 2) |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
435 set->username_translation_map[(int)(uint8_t)*p] = p[1]; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
436 } |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
437 set->realms_arr = |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
438 (const char *const *)p_strsplit_spaces(pool, set->realms, " "); |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
439 |
|
20419
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
440 if (*set->policy_server_url != '\0') { |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
441 if (*set->policy_hash_nonce == '\0') { |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
442 |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
443 *error_r = "auth_policy_hash_nonce must be set when policy server is used"; |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
444 return FALSE; |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
445 } |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
446 const struct hash_method *digest = hash_method_lookup(set->policy_hash_mech); |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
447 if (digest == NULL) { |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
448 *error_r = "invalid auth_policy_hash_mech given"; |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
449 return FALSE; |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
450 } |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
451 if (set->policy_hash_truncate > 0 && set->policy_hash_truncate >= digest->digest_size*8) { |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
452 *error_r = t_strdup_printf("policy_hash_truncate is not smaller than digest size (%u >= %u)", |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
453 set->policy_hash_truncate, |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
454 digest->digest_size*8); |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
455 return FALSE; |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
456 } |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
457 } |
|
0dc214cf2e30
auth-policy: Add policy implementation
Aki Tuomi <aki.tuomi@dovecot.fi>
parents:
20036
diff
changeset
|
458 |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
459 if (!auth_settings_set_self_ips(set, pool, error_r)) |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
460 return FALSE; |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
461 return TRUE; |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
462 } |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
463 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
464 static bool |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
465 auth_passdb_settings_check(void *_set, pool_t pool ATTR_UNUSED, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
466 const char **error_r) |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
467 { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
468 struct auth_passdb_settings *set = _set; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
469 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
470 if (set->driver == NULL || *set->driver == '\0') { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
471 *error_r = "passdb is missing driver"; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
472 return FALSE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
473 } |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
474 if (set->pass && strcmp(set->result_success, "return-ok") != 0) { |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
475 *error_r = "Obsolete pass=yes setting mixed with non-default result_success"; |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
476 return FALSE; |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
477 } |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
478 return TRUE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
479 } |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
480 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
481 static bool |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
482 auth_userdb_settings_check(void *_set, pool_t pool ATTR_UNUSED, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
483 const char **error_r) |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
484 { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
485 struct auth_userdb_settings *set = _set; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
486 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
487 if (set->driver == NULL || *set->driver == '\0') { |
|
10587
bea4b2d1f27f
auth: Fixed "userdb is missing driver" error.
Timo Sirainen <tss@iki.fi>
parents:
10585
diff
changeset
|
488 *error_r = "userdb is missing driver"; |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
489 return FALSE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
490 } |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
491 return TRUE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
492 } |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
493 /* </settings checks> */ |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
494 |
|
10893
1a4c2e4bff75
auth: auth_userdb and auth_passdb no longer has pointer to struct auth.
Timo Sirainen <tss@iki.fi>
parents:
10892
diff
changeset
|
495 struct auth_settings *global_auth_settings; |
|
1a4c2e4bff75
auth: auth_userdb and auth_passdb no longer has pointer to struct auth.
Timo Sirainen <tss@iki.fi>
parents:
10892
diff
changeset
|
496 |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
497 struct auth_settings * |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
498 auth_settings_read(const char *service, pool_t pool, |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
499 struct master_service_settings_output *output_r) |
| 9002 | 500 { |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
501 static const struct setting_parser_info *set_roots[] = { |
|
9846
cf27080f3fcf
config: Removed auth sections completely for now.
Timo Sirainen <tss@iki.fi>
parents:
9834
diff
changeset
|
502 &auth_setting_parser_info, |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
503 NULL |
|
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
504 }; |
|
10903
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
505 struct master_service_settings_input input; |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
506 struct setting_parser_context *set_parser; |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
507 const char *error; |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
508 void **sets; |
| 9002 | 509 |
|
10903
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
510 memset(&input, 0, sizeof(input)); |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
511 input.roots = set_roots; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
512 input.module = "auth"; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
513 input.service = service; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
514 if (master_service_settings_read(master_service, &input, |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
515 output_r, &error) < 0) |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
516 i_fatal("Error reading configuration: %s", error); |
| 9002 | 517 |
|
13760
acfe332f9aeb
auth: Support passing regular %variables to sql/ldap iterate queries.
Timo Sirainen <tss@iki.fi>
parents:
13555
diff
changeset
|
518 pool_ref(pool); |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
519 set_parser = settings_parser_dup(master_service->set_parser, pool); |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
520 if (!settings_parser_check(set_parser, pool, &error)) |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
521 i_unreached(); |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
522 |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
523 sets = master_service_settings_parser_get_others(master_service, |
|
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
524 set_parser); |
|
13760
acfe332f9aeb
auth: Support passing regular %variables to sql/ldap iterate queries.
Timo Sirainen <tss@iki.fi>
parents:
13555
diff
changeset
|
525 settings_parser_deinit(&set_parser); |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
526 return sets[0]; |
| 9002 | 527 } |