annotate src/lib-master/master-login-auth.c @ 19552:0f22db71df7a

global: freshen copyright git ls-files | xargs perl -p -i -e 's/(\d+)-201[0-5]/$1-2016/g;s/ (201[0-5]) Dovecot/ $1-2016 Dovecot/'
author Timo Sirainen <timo.sirainen@dovecot.fi>
date Wed, 13 Jan 2016 12:24:03 +0200
parents 9e120590e0ef
children aa1ac716269e
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
19552
0f22db71df7a global: freshen copyright
Timo Sirainen <timo.sirainen@dovecot.fi>
parents: 19191
diff changeset
1 /* Copyright (c) 2009-2016 Dovecot authors, see the included COPYING file */
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 #include "lib.h"
15187
02451e967a06 Renamed network.[ch] to net.[ch].
Timo Sirainen <tss@iki.fi>
parents: 15049
diff changeset
4 #include "net.h"
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
5 #include "ioloop.h"
15049
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
6 #include "hostpid.h"
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7 #include "istream.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
8 #include "ostream.h"
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
9 #include "llist.h"
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10 #include "hex-binary.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11 #include "hash.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 #include "str.h"
11256
e08dd68309a9 auth/login related timeouts are now in one place and they make more sense.
Timo Sirainen <tss@iki.fi>
parents: 11248
diff changeset
13 #include "master-interface.h"
12367
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
14 #include "master-service.h"
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
15 #include "master-auth.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
16 #include "master-login-auth.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
17
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
18
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
19 #define AUTH_MAX_INBUF_SIZE 8192
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
20
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
21 struct master_login_auth_request {
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
22 struct master_login_auth_request *prev, *next;
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
23
11248
1fd45deee948 lib-master: Don't crash after timeouting an auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 11097
diff changeset
24 unsigned int id;
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
25 time_t create_stamp;
11248
1fd45deee948 lib-master: Don't crash after timeouting an auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 11097
diff changeset
26
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
27 pid_t auth_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
28 unsigned int auth_id;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
29 unsigned int client_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
30 uint8_t cookie[MASTER_AUTH_COOKIE_SIZE];
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
31
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
32 master_login_auth_request_callback_t *callback;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
33 void *context;
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
34
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
35 unsigned int aborted:1;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
36 };
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
37
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
38 struct master_login_auth {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
39 pool_t pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
40 const char *auth_socket_path;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
41 int refcount;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
42
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
43 int fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
44 struct io *io;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
45 struct istream *input;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
46 struct ostream *output;
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
47 struct timeout *to;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
48
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
49 unsigned int id_counter;
14923
96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes.
Timo Sirainen <tss@iki.fi>
parents: 14918
diff changeset
50 HASH_TABLE(void *, struct master_login_auth_request *) requests;
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
51 /* linked list of requests, ordered by create_stamp */
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
52 struct master_login_auth_request *request_head, *request_tail;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
53
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
54 pid_t auth_server_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
55
15049
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
56 unsigned int request_auth_token:1;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
57 unsigned int version_received:1;
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
58 unsigned int spid_received:1;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
59 };
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
60
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
61 static void master_login_auth_set_timeout(struct master_login_auth *auth);
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
62 static void master_login_auth_check_spids(struct master_login_auth *auth);
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
63
15049
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
64 struct master_login_auth *
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
65 master_login_auth_init(const char *auth_socket_path, bool request_auth_token)
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
66 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
67 struct master_login_auth *auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
68 pool_t pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
69
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
70 pool = pool_alloconly_create("master login auth", 1024);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
71 auth = p_new(pool, struct master_login_auth, 1);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
72 auth->pool = pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
73 auth->auth_socket_path = p_strdup(pool, auth_socket_path);
15049
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
74 auth->request_auth_token = request_auth_token;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
75 auth->refcount = 1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
76 auth->fd = -1;
14918
8eae4e205c82 Hash table API is now (mostly) type safe.
Timo Sirainen <tss@iki.fi>
parents: 14917
diff changeset
77 hash_table_create_direct(&auth->requests, pool, 0);
12490
16dbbb57a4b2 lib-master: Try to use auth request ID numbers from wider range to ease debugging.
Timo Sirainen <tss@iki.fi>
parents: 12488
diff changeset
78 auth->id_counter = (rand() % 32767) * 131072U;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
79 return auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
80 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
81
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
82 static void
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
83 request_internal_failure(struct master_login_auth_request *request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
84 const char *reason)
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
85 {
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
86 i_error("%s (client-pid=%u client-id=%u)",
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
87 reason, request->client_pid, request->auth_id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
88 request->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
89 request->context);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
90 }
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
91
10473
a0d99b374aa4 imap, pop3: Close auth/config connections when we stop accepting more connections.
Timo Sirainen <tss@iki.fi>
parents: 10199
diff changeset
92 void master_login_auth_disconnect(struct master_login_auth *auth)
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
93 {
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
94 struct master_login_auth_request *request;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
95
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
96 while (auth->request_head != NULL) {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
97 request = auth->request_head;
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
98 DLLIST2_REMOVE(&auth->request_head,
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
99 &auth->request_tail, request);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
100
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
101 request_internal_failure(request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
102 "Disconnected from auth server, aborting");
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
103 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
104 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
105 hash_table_clear(auth->requests, FALSE);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
106
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
107 if (auth->to != NULL)
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
108 timeout_remove(&auth->to);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
109 if (auth->io != NULL)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
110 io_remove(&auth->io);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
111 if (auth->fd != -1) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
112 i_stream_destroy(&auth->input);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
113 o_stream_destroy(&auth->output);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
114
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
115 net_disconnect(auth->fd);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
116 auth->fd = -1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
117 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
118 auth->version_received = FALSE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
119 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
120
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
121 static void master_login_auth_unref(struct master_login_auth **_auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
122 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
123 struct master_login_auth *auth = *_auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
124
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
125 *_auth = NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
126
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
127 i_assert(auth->refcount > 0);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
128 if (--auth->refcount > 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
129 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
130
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
131 hash_table_destroy(&auth->requests);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
132 pool_unref(&auth->pool);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
133 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
134
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
135 void master_login_auth_deinit(struct master_login_auth **_auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
136 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
137 struct master_login_auth *auth = *_auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
138
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
139 *_auth = NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
140
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
141 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
142 master_login_auth_unref(&auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
143 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
144
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
145 static unsigned int auth_get_next_timeout_secs(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
146 {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
147 time_t expires;
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
148
11256
e08dd68309a9 auth/login related timeouts are now in one place and they make more sense.
Timo Sirainen <tss@iki.fi>
parents: 11248
diff changeset
149 expires = auth->request_head->create_stamp +
e08dd68309a9 auth/login related timeouts are now in one place and they make more sense.
Timo Sirainen <tss@iki.fi>
parents: 11248
diff changeset
150 MASTER_AUTH_LOOKUP_TIMEOUT_SECS;
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
151 return expires <= ioloop_time ? 0 : expires - ioloop_time;
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
152 }
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
153
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
154 static void master_login_auth_timeout(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
155 {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
156 struct master_login_auth_request *request;
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
157 const char *reason;
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
158
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
159 while (auth->request_head != NULL &&
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
160 auth_get_next_timeout_secs(auth) == 0) {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
161 request = auth->request_head;
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
162 DLLIST2_REMOVE(&auth->request_head,
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
163 &auth->request_tail, request);
14923
96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes.
Timo Sirainen <tss@iki.fi>
parents: 14918
diff changeset
164 hash_table_remove(auth->requests, POINTER_CAST(request->id));
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
165
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
166 reason = t_strdup_printf(
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
167 "Auth server request timed out after %u secs",
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
168 (unsigned int)(ioloop_time - request->create_stamp));
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
169 request_internal_failure(request, reason);
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
170 i_free(request);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
171 }
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
172 timeout_remove(&auth->to);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
173 master_login_auth_set_timeout(auth);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
174 }
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
175
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
176 static void master_login_auth_set_timeout(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
177 {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
178 i_assert(auth->to == NULL);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
179
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
180 if (auth->request_head != NULL) {
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
181 auth->to = timeout_add(auth_get_next_timeout_secs(auth) * 1000,
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
182 master_login_auth_timeout, auth);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
183 }
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
184 }
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
185
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
186 static void
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
187 master_login_auth_request_remove(struct master_login_auth *auth,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
188 struct master_login_auth_request *request)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
189 {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
190 bool update_timeout;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
191
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
192 update_timeout = request->prev == NULL;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
193
14923
96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes.
Timo Sirainen <tss@iki.fi>
parents: 14918
diff changeset
194 hash_table_remove(auth->requests, POINTER_CAST(request->id));
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
195 DLLIST2_REMOVE(&auth->request_head, &auth->request_tail, request);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
196
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
197 if (update_timeout) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
198 timeout_remove(&auth->to);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
199 master_login_auth_set_timeout(auth);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
200 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
201 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
202
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
203 static struct master_login_auth_request *
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
204 master_login_auth_lookup_request(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
205 unsigned int id)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
206 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
207 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
208
14923
96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes.
Timo Sirainen <tss@iki.fi>
parents: 14918
diff changeset
209 request = hash_table_lookup(auth->requests, POINTER_CAST(id));
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
210 if (request == NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
211 i_error("Auth server sent reply with unknown ID %u", id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
212 return NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
213 }
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
214 master_login_auth_request_remove(auth, request);
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
215 if (request->aborted) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
216 request->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
217 request->context);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
218 i_free(request);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
219 return NULL;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
220 }
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
221 return request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
222 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
223
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
224 static bool
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
225 master_login_auth_input_user(struct master_login_auth *auth, const char *args)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
226 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
227 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
228 const char *const *list;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
229 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
230
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
231 /* <id> <userid> [..] */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
232
14471
fc8031c5e691 Use t_strsplit_tab() wherever possible
Timo Sirainen <tss@iki.fi>
parents: 14133
diff changeset
233 list = t_strsplit_tab(args);
11086
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
234 if (list[0] == NULL || list[1] == NULL ||
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
235 str_to_uint(list[0], &id) < 0) {
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
236 i_error("Auth server sent corrupted USER line");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
237 return FALSE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
238 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
239
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
240 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
241 if (request != NULL) {
11018
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
242 request->callback(list + 1, NULL, request->context);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
243 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
244 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
245 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
246 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
247
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
248 static bool
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
249 master_login_auth_input_notfound(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
250 const char *args)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
251 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
252 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
253 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
254
11086
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
255 if (str_to_uint(args, &id) < 0) {
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
256 i_error("Auth server sent corrupted NOTFOUND line");
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
257 return FALSE;
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
258 }
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
259
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
260 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
261 if (request != NULL) {
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
262 const char *reason = t_strdup_printf(
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
263 "Authenticated user not found from userdb, "
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
264 "auth lookup id=%u", id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
265 request_internal_failure(request, reason);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
266 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
267 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
268 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
269 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
270
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
271 static bool
11018
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
272 master_login_auth_input_fail(struct master_login_auth *auth,
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
273 const char *args_line)
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
274 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
275 struct master_login_auth_request *request;
11018
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
276 const char *const *args, *error = NULL;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
277 unsigned int i, id;
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
278
14471
fc8031c5e691 Use t_strsplit_tab() wherever possible
Timo Sirainen <tss@iki.fi>
parents: 14133
diff changeset
279 args = t_strsplit_tab(args_line);
11086
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
280 if (args[0] == NULL || str_to_uint(args[0], &id) < 0) {
11018
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
281 i_error("Auth server sent broken FAIL line");
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
282 return FALSE;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
283 }
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
284 for (i = 1; args[i] != NULL; i++) {
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
285 if (strncmp(args[i], "reason=", 7) == 0)
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
286 error = args[i] + 7;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
287 }
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
288
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
289 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
290 if (request != NULL) {
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
291 if (error == NULL) {
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
292 request_internal_failure(request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
293 "Internal auth failure");
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
294 } else {
12552
6a0f3010d592 lib-master: Error message typofix.
Timo Sirainen <tss@iki.fi>
parents: 12504
diff changeset
295 i_error("Internal auth failure: %s "
12504
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
296 "(client-pid=%u client-id=%u)",
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
297 error, request->client_pid, request->auth_id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
298 request->callback(NULL, error, request->context);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes.
Timo Sirainen <tss@iki.fi>
parents: 12490
diff changeset
299 }
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
300 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
301 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
302 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
303 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
304
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
305 static void master_login_auth_input(struct master_login_auth *auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
306 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
307 const char *line;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
308 bool ret;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
309
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
310 switch (i_stream_read(auth->input)) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
311 case 0:
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
312 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
313 case -1:
12367
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
314 /* disconnected. stop accepting new connections, because in
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
315 default configuration we no longer have permissions to
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
316 connect back to auth-master */
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
317 master_service_stop_new_connections(master_service);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
318 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
319 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
320 case -2:
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
321 /* buffer full */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
322 i_error("Auth server sent us too long line");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
323 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
324 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
325 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
326
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
327 if (!auth->version_received) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
328 line = i_stream_next_line(auth->input);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
329 if (line == NULL)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
330 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
331
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
332 /* make sure the major version matches */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
333 if (strncmp(line, "VERSION\t", 8) != 0 ||
11086
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
334 !str_uint_equals(t_strcut(line + 8, '\t'),
260e190306b0 Started using str_to_*() functions instead of libc's ones.
Timo Sirainen <tss@iki.fi>
parents: 11018
diff changeset
335 AUTH_MASTER_PROTOCOL_MAJOR_VERSION)) {
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
336 i_error("Authentication server not compatible with "
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
337 "master process (mixed old and new binaries?)");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
338 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
339 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
340 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
341 auth->version_received = TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
342 }
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
343 if (!auth->spid_received) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
344 line = i_stream_next_line(auth->input);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
345 if (line == NULL)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
346 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
347
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
348 if (strncmp(line, "SPID\t", 5) != 0 ||
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
349 str_to_pid(line + 5, &auth->auth_server_pid) < 0) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
350 i_error("Authentication server didn't "
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
351 "send valid SPID as expected: %s", line);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
352 master_login_auth_disconnect(auth);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
353 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
354 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
355 auth->spid_received = TRUE;
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
356 master_login_auth_check_spids(auth);
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
357 }
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
358
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
359 auth->refcount++;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
360 while ((line = i_stream_next_line(auth->input)) != NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
361 if (strncmp(line, "USER\t", 5) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
362 ret = master_login_auth_input_user(auth, line + 5);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
363 else if (strncmp(line, "NOTFOUND\t", 9) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
364 ret = master_login_auth_input_notfound(auth, line + 9);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
365 else if (strncmp(line, "FAIL\t", 5) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
366 ret = master_login_auth_input_fail(auth, line + 5);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
367 else
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
368 ret = TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
369
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
370 if (!ret || auth->input == NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
371 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
372 break;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
373 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
374 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
375 master_login_auth_unref(&auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
376 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
377
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
378 static int
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
379 master_login_auth_connect(struct master_login_auth *auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
380 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
381 int fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
382
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
383 i_assert(auth->fd == -1);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
384
10159
e027503ddb6b Use net_connect_unix_with_retries() instead of duplicating the code everywhere.
Timo Sirainen <tss@iki.fi>
parents: 10101
diff changeset
385 fd = net_connect_unix_with_retries(auth->auth_socket_path, 1000);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
386 if (fd == -1) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
387 i_error("net_connect_unix(%s) failed: %m",
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
388 auth->auth_socket_path);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
389 return -1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
390 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
391 auth->fd = fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
392 auth->input = i_stream_create_fd(fd, AUTH_MAX_INBUF_SIZE, FALSE);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
393 auth->output = o_stream_create_fd(fd, (size_t)-1, FALSE);
14681
ca37d1577291 Added o_stream_nsend*() and related functions to make delayed error handling safer.
Timo Sirainen <tss@iki.fi>
parents: 14471
diff changeset
394 o_stream_set_no_error_handling(auth->output, TRUE);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
395 auth->io = io_add(fd, IO_READ, master_login_auth_input, auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
396 return 0;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
397 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
398
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
399 static bool
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
400 auth_request_check_spid(struct master_login_auth *auth,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
401 struct master_login_auth_request *req)
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
402 {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
403 if (auth->auth_server_pid != req->auth_pid && auth->spid_received) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
404 /* auth server was restarted. don't even attempt a login. */
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
405 i_warning("Auth server restarted (pid %u -> %u), aborting auth",
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
406 (unsigned int)req->auth_pid,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
407 (unsigned int)auth->auth_server_pid);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
408 return FALSE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
409 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
410 return TRUE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
411 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
412
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
413 static void master_login_auth_check_spids(struct master_login_auth *auth)
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
414 {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
415 struct master_login_auth_request *req, *next;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
416
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
417 for (req = auth->request_head; req != NULL; req = next) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
418 next = req->next;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
419 if (!auth_request_check_spid(auth, req))
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
420 req->aborted = TRUE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
421 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
422 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
423
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
424 static void
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
425 master_login_auth_send_request(struct master_login_auth *auth,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
426 struct master_login_auth_request *req)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
427 {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
428 string_t *str;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
429
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
430 if (!auth_request_check_spid(auth, req)) {
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
431 master_login_auth_request_remove(auth, req);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
432 req->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
433 req->context);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
434 i_free(req);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
435 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
436 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
437
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
438 str = t_str_new(128);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
439 str_printfa(str, "REQUEST\t%u\t%u\t%u\t", req->id,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
440 req->client_pid, req->auth_id);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
441 binary_to_hex_append(str, req->cookie, sizeof(req->cookie));
16909
9ef23179892a auth: Added %{session_pid} variable for userdb lookups in login requests.
Timo Sirainen <tss@iki.fi>
parents: 15715
diff changeset
442 str_printfa(str, "\tsession_pid=%s", my_pid);
15049
aa6027a0a78e Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents: 14923
diff changeset
443 if (auth->request_auth_token)
16909
9ef23179892a auth: Added %{session_pid} variable for userdb lookups in login requests.
Timo Sirainen <tss@iki.fi>
parents: 15715
diff changeset
444 str_append(str, "\trequest_auth_token");
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
445 str_append_c(str, '\n');
14681
ca37d1577291 Added o_stream_nsend*() and related functions to make delayed error handling safer.
Timo Sirainen <tss@iki.fi>
parents: 14471
diff changeset
446 o_stream_nsend(auth->output, str_data(str), str_len(str));
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
447 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
448
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
449 void master_login_auth_request(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
450 const struct master_auth_request *req,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
451 master_login_auth_request_callback_t *callback,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
452 void *context)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
453 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
454 struct master_login_auth_request *login_req;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
455 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
456
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
457 if (auth->fd == -1) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
458 if (master_login_auth_connect(auth) < 0) {
12367
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
459 /* we couldn't connect to auth now,
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
460 so we probably can't in future either. */
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected.
Timo Sirainen <tss@iki.fi>
parents: 12329
diff changeset
461 master_service_stop_new_connections(master_service);
11018
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
462 callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes).
Timo Sirainen <tss@iki.fi>
parents: 10589
diff changeset
463 context);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
464 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
465 }
14681
ca37d1577291 Added o_stream_nsend*() and related functions to make delayed error handling safer.
Timo Sirainen <tss@iki.fi>
parents: 14471
diff changeset
466 o_stream_nsend_str(auth->output,
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
467 t_strdup_printf("VERSION\t%u\t%u\n",
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
468 AUTH_MASTER_PROTOCOL_MAJOR_VERSION,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
469 AUTH_MASTER_PROTOCOL_MINOR_VERSION));
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
470 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
471
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
472 id = ++auth->id_counter;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
473 if (id == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
474 id++;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
475
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
476 login_req = i_new(struct master_login_auth_request, 1);
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
477 login_req->create_stamp = ioloop_time;
11248
1fd45deee948 lib-master: Don't crash after timeouting an auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 11097
diff changeset
478 login_req->id = id;
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
479 login_req->auth_pid = req->auth_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
480 login_req->client_pid = req->client_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
481 login_req->auth_id = req->auth_id;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
482 memcpy(login_req->cookie, req->cookie, sizeof(login_req->cookie));
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
483 login_req->callback = callback;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
484 login_req->context = context;
17489
f6e2fa1afa45 Added several asserts to make sure duplicates aren't inserted into hash table.
Timo Sirainen <tss@iki.fi>
parents: 17130
diff changeset
485 i_assert(hash_table_lookup(auth->requests, POINTER_CAST(id)) == NULL);
14923
96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes.
Timo Sirainen <tss@iki.fi>
parents: 14918
diff changeset
486 hash_table_insert(auth->requests, POINTER_CAST(id), login_req);
11097
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
487 DLLIST2_APPEND(&auth->request_head, &auth->request_tail, login_req);
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
488
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
489 if (auth->to == NULL)
0979e9e1e124 lib-master: Added timeout for auth master lookups.
Timo Sirainen <tss@iki.fi>
parents: 11086
diff changeset
490 master_login_auth_set_timeout(auth);
12137
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted.
Timo Sirainen <tss@iki.fi>
parents: 11256
diff changeset
491
12405
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request.
Timo Sirainen <tss@iki.fi>
parents: 12367
diff changeset
492 master_login_auth_send_request(auth, login_req);
10101
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
493 }
10199
9d13e9f78d52 lib-master: Fixes to handling master-login services.
Timo Sirainen <tss@iki.fi>
parents: 10159
diff changeset
494
9d13e9f78d52 lib-master: Fixes to handling master-login services.
Timo Sirainen <tss@iki.fi>
parents: 10159
diff changeset
495 unsigned int master_login_auth_request_count(struct master_login_auth *auth)
9d13e9f78d52 lib-master: Fixes to handling master-login services.
Timo Sirainen <tss@iki.fi>
parents: 10159
diff changeset
496 {
9d13e9f78d52 lib-master: Fixes to handling master-login services.
Timo Sirainen <tss@iki.fi>
parents: 10159
diff changeset
497 return hash_table_count(auth->requests);
9d13e9f78d52 lib-master: Fixes to handling master-login services.
Timo Sirainen <tss@iki.fi>
parents: 10159
diff changeset
498 }