annotate src/auth/db-passwd-file.c @ 15641:19403b3926f9

Several fixes to handling "istream input line too long" conditions.
author Timo Sirainen <tss@iki.fi>
date Mon, 14 Jan 2013 08:01:47 +0200
parents 96fd2c3bf932
children 90710c6c3beb
14133
ba770cba5598 Updated copyright notices to include year 2012.
Timo Sirainen <tss@iki.fi>
parents: 14012
diff changeset
1 /* Copyright (c) 2002-2012 Dovecot authors, see the included COPYING file */
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
9219
97cdfeb57129 Renamed headers to prevent collision if they were flattened on an install.
Mark Washenberger
parents: 8590
diff changeset
3 #include "auth-common.h"
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
4
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
5 #if defined (USERDB_PASSWD_FILE) || defined(PASSDB_PASSWD_FILE)
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
6
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7 #include "userdb.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
8 #include "db-passwd-file.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
9
14818
f74557336910 auth: if passwd-file isn't the only userdb, don't complain about missing userdb fields
Timo Sirainen <tss@iki.fi>
parents: 14133
diff changeset
10 #include "array.h"
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
11 #include "buffer.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
12 #include "istream.h"
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13 #include "hash.h"
1217
15c1353d74d9 passwd-file changes. Moved flags before MAIL environment which is now last
Timo Sirainen <tss@iki.fi>
parents: 1191
diff changeset
14 #include "str.h"
11432
dcfabc2e2143 auth: Improved passwd-file's EACCES error messages.
Timo Sirainen <tss@iki.fi>
parents: 11079
diff changeset
15 #include "eacces-error.h"
3504
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
16 #include "var-expand.h"
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
17
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
18 #include <stdlib.h>
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
19 #include <unistd.h>
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
20 #include <fcntl.h>
14012
e9a816eaa0e2 auth: If parsing passwd-file takes a long time, log a warning.
Timo Sirainen <tss@iki.fi>
parents: 13856
diff changeset
21 #include <time.h>
1062
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
22 #include <sys/stat.h>
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
23
14012
e9a816eaa0e2 auth: If parsing passwd-file takes a long time, log a warning.
Timo Sirainen <tss@iki.fi>
parents: 13856
diff changeset
/* Thresholds in seconds for the parse-time warning. The annotated changeset
   for these lines reads "If parsing passwd-file takes a long time, log a
   warning"; the code that compares against them is outside this view -
   presumably STARTUP applies to the initial load and RELOAD to later
   reloads (TODO confirm). */
#define PARSE_TIME_STARTUP_WARN_SECS 60
#define PARSE_TIME_RELOAD_WARN_SECS 10

/* File-scope pointer to a db_passwd_file. None of the functions visible in
   this part of the file reads or writes it - presumably the list of known
   passwd-file databases (TODO confirm). */
static struct db_passwd_file *passwd_files;
/*
 * Parse one passwd-file entry and register it in pw->users under `username`.
 *
 * pw       - passwd file being loaded; persistent strings come from pw->pool
 * username - lookup key; a pool copy of it is what the table stores
 * pass     - raw password field, may be NULL (entry without a password)
 * args     - walked as a NULL-terminated list of the remaining fields:
 *            uid, gid, user info, home dir, shell, extra_fields
 *
 * Nothing is returned. Every rejection path (duplicate user, DIGEST-MD5
 * value of the wrong length, invalid UID or GID) logs through i_error() and
 * returns before the entry is inserted. Those messages carry the file path,
 * the user name and, for UID/GID, the offending field text; the password
 * field is never logged.
 */
static void ATTR_NULL(3)
passwd_file_add(struct passwd_file *pw, const char *username,
		const char *pass, const char *const *args)
{
	struct passwd_user *entry;
	const char *extras = NULL;
	char *key;
	size_t pass_len;

	/* the first definition of a user wins; a later one is logged and
	   dropped instead of replacing the stored credentials */
	if (hash_table_lookup(pw->users, username) != NULL) {
		i_error("passwd-file %s: User %s exists more than once",
			pw->path, username);
		return;
	}

	/* from here on an early return leaves entry and key allocated in
	   pw->pool but unreferenced by the table */
	entry = p_new(pw->pool, struct passwd_user, 1);
	key = p_strdup(pw->pool, username);

	/* pass is NULL for entries without a password; a length of 0 keeps
	   the suffix test below from dereferencing it */
	pass_len = 0;
	if (pass != NULL)
		pass_len = strlen(pass);

	if (pass_len <= 4 || pass[0] == '{' || pass[0] == '$' ||
	    pass[pass_len-1] != ']' || pass[pass_len-4] != '[') {
		/* no trailing "[NN]" marker, or the value starts with '{' or
		   '$': the field is stored unchanged */
		entry->password = p_strdup(pw->pool, pass);
	} else {
		/* password[type] - libpam-pwdfile compatible notation. It uses
		   13 = DES and 34 = MD5; for backwards compatibility with
		   older versions of this code 56 = Digest-MD5 is accepted
		   too. Every other code ends up as {CRYPT}.
		   NOTE(review): the two characters are not checked to be
		   digits, so some non-digit pairs produce 34 or 56 as well. */
		const int type_code = (pass[pass_len-3] - '0') * 10 +
			(pass[pass_len-2] - '0');
		const char *stripped = t_strndup(pass, pass_len-4);

		switch (type_code) {
		case 34:
			entry->password = p_strconcat(pw->pool, "{PLAIN-MD5}",
						      stripped, NULL);
			break;
		case 56:
			entry->password = p_strconcat(pw->pool, "{DIGEST-MD5}",
						      stripped, NULL);
			/* 12 is the length of "{DIGEST-MD5}", which leaves
			   exactly 32 characters for the value itself */
			if (strlen(entry->password) != 32 + 12) {
				i_error("passwd-file %s: User %s has invalid password",
					pw->path, username);
				return;
			}
			break;
		default:
			entry->password = p_strconcat(pw->pool, "{CRYPT}",
						      stripped, NULL);
			break;
		}
	}

	/* (uid_t)-1 / (gid_t)-1 stay in place when a field is absent, empty
	   or skipped */
	entry->uid = (uid_t)-1;
	entry->gid = (gid_t)-1;

	/* uid */
	if (*args != NULL) {
		if (!pw->db->userdb || **args == '\0') {
			/* not used as userdb, or empty field: step over it */
			args++;
		} else {
			entry->uid = userdb_parse_uid(NULL, *args);
			/* UID 0 is refused together with (uid_t)-1; what
			   userdb_parse_uid() returns on a parse failure is
			   not visible here - presumably (uid_t)-1 */
			if (entry->uid == 0 || entry->uid == (uid_t)-1) {
				i_error("passwd-file %s: User %s has invalid UID '%s'",
					pw->path, username, *args);
				return;
			}
			args++;
		}
	}

	/* gid */
	if (*args == NULL) {
		/* the list ended before the gid field; this is only reported
		   when the db asks for it */
		if (pw->db->userdb_warn_missing)
			i_error("passwd-file %s: User %s is missing userdb info",
				pw->path, username);
	} else if (!pw->db->userdb || **args == '\0') {
		args++;
	} else {
		entry->gid = userdb_parse_gid(NULL, *args);
		/* GID 0 is refused in the same way as UID 0 above */
		if (entry->gid == 0 || entry->gid == (gid_t)-1) {
			i_error("passwd-file %s: User %s has invalid GID '%s'",
				pw->path, username, *args);
			return;
		}
		args++;
	}

	/* user info: not stored */
	if (*args != NULL)
		args++;

	/* home: kept only when the file is used as userdb */
	if (*args != NULL) {
		if (pw->db->userdb)
			entry->home = p_strdup_empty(pw->pool, *args);
		args++;
	}

	/* shell: not stored */
	if (*args != NULL)
		args++;

	if (*args != NULL) {
		if (**args != '\0') {
			/* new format: a space separated list of extra fields.
			   The remaining fields are joined with ':' again -
			   presumably because the line was split on ':' and a
			   value may itself contain one. */
			extras = t_strarray_join(args, ":");
		} else {
			/* old format: this field is empty and the next one
			   may contain MAIL, which is used only for userdb */
			args++;
			if (*args != NULL && **args != '\0' && pw->db->userdb)
				extras = t_strconcat("userdb_mail=",
						     t_strarray_join(args, ":"),
						     NULL);
		}
	}

	if (extras != NULL)
		entry->extra_fields =
			p_strsplit_spaces(pw->pool, extras, " ");

	hash_table_insert(pw->users, key, entry);
}
/*
 * Allocate a passwd_file for `expanded_path`, bind it to `db` and, when
 * db->files has been created, register it there under its path.
 *
 * db            - owning database; stored in the new struct
 * expanded_path - path of the file; the struct keeps its own i_strdup() copy
 *
 * Returns the new struct. The file itself is not opened here.
 */
static struct passwd_file *
passwd_file_new(struct db_passwd_file *db, const char *expanded_path)
{
	struct passwd_file *file = i_new(struct passwd_file, 1);

	/* presumably -1 marks "no descriptor open yet" - confirm against
	   the open/close code */
	file->fd = -1;
	file->path = i_strdup(expanded_path);
	file->db = db;

	if (!hash_table_is_created(db->files))
		return file;

	/* the key is the struct's own copy of the path, not the caller's
	   string, so the table entry does not depend on expanded_path
	   staying valid */
	hash_table_insert(db->files, file->path, file);
	return file;
}
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
163
14012
e9a816eaa0e2 auth: If parsing passwd-file takes a long time, log a warning.
Timo Sirainen <tss@iki.fi>
parents: 13856
diff changeset
/* Open pw->path read-only, remember its mtime and size, and load every
   entry into a fresh pw->users table allocated from a new pw->pool.

   Returns FALSE (after logging) when open() or fstat() fails, TRUE once the
   file has been read. startup selects which of the two slow-parse warning
   thresholds is applied.

   NOTE(review): the read loop stops when i_stream_read_next_line() returns
   NULL and does not look at why. If that can also happen on a read error,
   the function still returns TRUE with the new stamp/size recorded, and a
   truncated user list would stay in place until the file changes again -
   confirm whether the stream's error state should be checked here. */
static bool passwd_file_open(struct passwd_file *pw, bool startup)
{
	const char *no_args = NULL;
	struct istream *input;
	const char *line;
	struct stat st;
	time_t start_time, end_time;
	unsigned int time_secs;
	bool slow_parse;
	int fd;

	fd = open(pw->path, O_RDONLY);
	if (fd == -1) {
		/* EACCES gets a more detailed message from
		   eacces_error_get(); everything else reports errno via %m */
		if (errno != EACCES) {
			i_error("passwd-file %s: Can't open file: %m",
				pw->path);
		} else {
			i_error("passwd-file %s: %s", pw->path,
				eacces_error_get("open", pw->path));
		}
		return FALSE;
	}

	/* fstat() the descriptor rather than the path, so the recorded
	   stamp and size describe the file that is actually parsed below */
	if (fstat(fd, &st) != 0) {
		i_error("passwd-file %s: fstat() failed: %m", pw->path);
		i_close_fd(&fd);
		return FALSE;
	}

	pw->fd = fd;
	pw->stamp = st.st_mtime;
	pw->size = st.st_size;

	pw->pool = pool_alloconly_create(MEMPOOL_GROWING"passwd_file", 10240);
	hash_table_create(&pw->users, pw->pool, 0, str_hash, strcmp);

	start_time = time(NULL);
	/* (size_t)-1 as the buffer limit means no cap on line length.
	   NOTE(review): presumably chosen so that one over-long line cannot
	   end parsing early and drop the users listed after it. The price is
	   that memory use is bounded only by the longest line in the file,
	   so write access to the file must stay restricted to trusted
	   administrators.
	   FALSE: presumably the stream does not own the descriptor; it is
	   closed later through pw->fd in passwd_file_close(). */
	input = i_stream_create_fd(pw->fd, (size_t)-1, FALSE);
	/* also return a final line that has no trailing LF */
	i_stream_set_return_partial_line(input, TRUE);
	for (;;) {
		line = i_stream_read_next_line(input);
		if (line == NULL)
			break;
		if (line[0] == '\0' || line[0] == ':' || line[0] == '#')
			continue; /* no username or comment */

		/* per-line frame for the t_strsplit() result */
		T_BEGIN {
			const char *const *fields = t_strsplit(line, ":");
			if (fields[1] == NULL) {
				/* only username */
				passwd_file_add(pw, fields[0], NULL, &no_args);
			} else {
				/* at least username+password */
				passwd_file_add(pw, fields[0], fields[1],
						fields+2);
			}
		} T_END;
	}
	i_stream_destroy(&input);
	end_time = time(NULL);
	time_secs = end_time - start_time;

	/* startup and reload have separate "too slow" thresholds */
	if (startup)
		slow_parse = time_secs > PARSE_TIME_STARTUP_WARN_SECS;
	else
		slow_parse = time_secs > PARSE_TIME_RELOAD_WARN_SECS;

	if (slow_parse) {
		i_warning("passwd-file %s: Reading %u users took %u secs",
			  pw->path, hash_table_count(pw->users), time_secs);
	} else if (pw->db->debug) {
		i_debug("passwd-file %s: Read %u users in %u secs",
			pw->path, hash_table_count(pw->users), time_secs);
	}
	return TRUE;
}
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
231
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
/* Release everything passwd_file_open() set up: the descriptor, the users
   table and the pool backing it. Each resource is checked first, so this is
   safe on a record that was never opened or has already been closed.
   pw->path and pw itself are left alone; passwd_file_free() handles those.

   NOTE(review): whatever passwd_file_add() stored in pw->pool (presumably
   the password fields read from the file) is released here without being
   overwritten - confirm whether that matters for this deployment. */
static void passwd_file_close(struct passwd_file *pw)
{
	const int open_fd = pw->fd;

	if (open_fd != -1) {
		/* forget the descriptor regardless of the close() result,
		   so it can never be closed twice */
		pw->fd = -1;
		if (close(open_fd) < 0)
			i_error("passwd-file %s: close() failed: %m", pw->path);
	}

	if (hash_table_is_created(pw->users)) {
		hash_table_destroy(&pw->users);
	}
	if (pw->pool != NULL) {
		pool_unref(&pw->pool);
	}
}
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
245
3504
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
/* Destroy a passwd_file record completely. The entry is taken out of the
   owning db's per-path table first (when that table exists), because the
   table key is pw->path and must not outlive the string. After this call
   pw is invalid and must not be touched by the caller. */
static void passwd_file_free(struct passwd_file *pw)
{
	struct db_passwd_file *owner = pw->db;

	if (hash_table_is_created(owner->files)) {
		hash_table_remove(owner->files, pw->path);
	}

	passwd_file_close(pw);
	i_free(pw->path);
	i_free(pw);
}
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
255
3863
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents: 3657
diff changeset
/* Bring the in-memory copy of pw up to date with the file on disk.

   Returns TRUE when the loaded data matches the file, or when a changed
   file was reloaded successfully. Returns FALSE when stat() fails or the
   reload fails.

   Ownership: when stat() fails and pw is not the db's default file, pw is
   freed before returning FALSE, so the caller must not use it afterwards.
   The default file is kept (still holding whatever it had loaded).

   Change detection compares st_mtime and st_size only. An edit that keeps
   the size and lands within the same mtime value as the loaded copy is not
   noticed, so a changed password or a removed account can stay effective
   from the old copy until the file changes again. */
static bool passwd_file_sync(struct passwd_file *pw)
{
	struct stat st;

	if (stat(pw->path, &st) < 0) {
		/* with variables don't give hard errors, or errors about
		   nonexistent files */
		switch (errno) {
		case EACCES:
			i_error("passwd-file %s: %s", pw->path,
				eacces_error_get("stat", pw->path));
			break;
		case ENOENT:
			break;
		default:
			i_error("passwd-file %s: stat() failed: %m", pw->path);
			break;
		}

		if (pw->db->default_file != pw)
			passwd_file_free(pw);
		return FALSE;
	}

	if (st.st_mtime == pw->stamp && st.st_size == pw->size) {
		/* unchanged since it was loaded */
		return TRUE;
	}

	/* drop the old descriptor, table and pool, then parse again */
	passwd_file_close(pw);
	return passwd_file_open(pw, FALSE);
}
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
281
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3611
diff changeset
/* Look through the global passwd_files list for a db whose stored path is
   byte-for-byte equal to path. Returns the db, or NULL if none matches.
   The comparison is a plain strcmp(): no path normalisation is done. */
static struct db_passwd_file *db_passwd_file_find(const char *path)
{
	struct db_passwd_file *cur = passwd_files;

	while (cur != NULL) {
		if (strcmp(cur->path, path) == 0)
			return cur;
		cur = cur->next;
	}

	return NULL;
}
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3611
diff changeset
293
14818
f74557336910 auth: if passwd-file isn't the only userdb, don't complain about missing userdb fields
Timo Sirainen <tss@iki.fi>
parents: 14133
diff changeset
/* Mark db as being used as a userdb. Missing userdb fields are only worth
   a warning when this is the sole configured userdb, i.e. when the global
   auth settings list exactly one. */
static void db_passwd_file_set_userdb(struct db_passwd_file *db)
{
	db->userdb_warn_missing =
		(array_count(&global_auth_settings->userdbs) == 1);
	db->userdb = TRUE;
}
f74557336910 auth: if passwd-file isn't the only userdb, don't complain about missing userdb fields
Timo Sirainen <tss@iki.fi>
parents: 14133
diff changeset
302
3891
2d0859490a2f If debug is enabled, tell how many users are found from passwd-file whenever
Timo Sirainen <tss@iki.fi>
parents: 3879
diff changeset
/* Return the db for path, creating it on first use and taking a reference
   on it otherwise.

   path may contain %variables. If it does, the db gets a per-path table
   (db->files) and files are created later, one per expanded path. If it
   does not, a single default file record is created right away; it is not
   opened here (see db_passwd_file_parse()).

   userdb: when TRUE the db is flagged as a userdb, for a new db as well as
   for one that already existed.
   debug: stored on a newly created db only; an existing db keeps the value
   it was created with.

   NOTE(review): the lookup of an existing db uses path as passed in, while
   a path that contains only escaped "%%" sequences is stored in its
   collapsed form. A second call with the same "%%" path therefore does not
   seem to find the first db - confirm whether that is intended. */
struct db_passwd_file *
db_passwd_file_init(const char *path, bool userdb, bool debug)
{
	struct db_passwd_file *db;
	const char *scan;
	bool escaped_percent = FALSE;

	db = db_passwd_file_find(path);
	if (db != NULL) {
		/* shared with an earlier passdb/userdb using the same path */
		db->refcount++;
		if (userdb)
			db_passwd_file_set_userdb(db);
		return db;
	}

	db = i_new(struct db_passwd_file, 1);
	db->refcount = 1;
	if (userdb)
		db_passwd_file_set_userdb(db);
	db->debug = debug;

	/* classify every %-sequence: "%%" is only an escaped percent sign,
	   anything else is a real variable */
	for (scan = path; *scan != '\0'; scan++) {
		if (*scan != '%' || scan[1] == '\0')
			continue;
		scan++;
		if (var_get_key(scan) != '%')
			db->vars = TRUE;
		else
			escaped_percent = TRUE;
	}

	if (escaped_percent && !db->vars) {
		/* just extra escaped % chars. remove them. */
		struct var_expand_table empty_table[1];
		string_t *dest;

		empty_table[0].key = '\0';
		dest = t_str_new(256);
		var_expand(dest, path, empty_table);
		path = str_c(dest);
	}

	db->path = i_strdup(path);
	if (!db->vars) {
		/* fixed path: exactly one file belongs to this db */
		db->default_file = passwd_file_new(db, path);
	} else {
		/* variable path: files are tracked per expanded path */
		hash_table_create(&db->files, default_pool, 0,
				  str_hash, strcmp);
	}

	/* push onto the head of the global list */
	db->next = passwd_files;
	passwd_files = db;
	return db;
}
ee0e39cf4ca5 Added support for variables in passwd-file path.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
356
4035
335ac59efffd If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents: 4034
diff changeset
/* Load the db's default file now, if it has one and it has not been loaded
   yet (its stamp is still 0). Dbs whose path contains variables have no
   default file and are left alone.

   The result of passwd_file_open() is deliberately ignored: a failure has
   already been logged there, and the stamp stays 0 in that case. */
void db_passwd_file_parse(struct db_passwd_file *db)
{
	struct passwd_file *file = db->default_file;

	if (file == NULL || file->stamp != 0)
		return;

	/* no variables, open the file immediately */
	(void)passwd_file_open(file, TRUE);
}
335ac59efffd If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents: 4034
diff changeset
364
3879
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents: 3863
diff changeset
/*
 * Drop one reference to *_db and clear the caller's pointer.
 *
 * When the count does not stay above zero the db is unlinked from the
 * global passwd_files list, every passwd_file it owns is freed (either the
 * single default file or all entries of db->files), and finally the path
 * string and the db itself are released.
 */
void db_passwd_file_unref(struct db_passwd_file **_db)
{
	struct db_passwd_file *db = *_db;
	struct db_passwd_file **link;
	struct hash_iterate_context *iter;
	char *path;
	struct passwd_file *file;

	/* the caller's handle is cleared before anything else happens */
	*_db = NULL;

	/* NOTE(review): this admits refcount == 0 on entry, which the
	   decrement below takes to -1 and still frees; presumably callers
	   always hold at least one reference - confirm */
	i_assert(db->refcount >= 0);
	db->refcount--;
	if (db->refcount > 0)
		return;

	/* find the list slot pointing at db (if any) and unlink it */
	link = &passwd_files;
	while (*link != NULL && *link != db)
		link = &(*link)->next;
	if (*link != NULL)
		*link = db->next;

	if (db->default_file == NULL) {
		/* no default file: free every file stored in the hash table */
		iter = hash_table_iterate_init(db->files);
		while (hash_table_iterate(iter, db->files, &path, &file))
			passwd_file_free(file);
		hash_table_iterate_deinit(&iter);
		hash_table_destroy(&db->files);
	} else {
		passwd_file_free(db->default_file);
	}

	i_free(db->path);
	i_free(db);
}
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
397
4295
4fc637010202 Escape SQL strings using sql_escape_string(). Fixes the problems with
Timo Sirainen <tss@iki.fi>
parents: 4137
diff changeset
/*
 * Escape callback used when expanding variables into the passwd-file path.
 *
 * A value without '/' is returned unchanged. Otherwise the value is cut at
 * the first '/', so an expanded variable cannot add further directory
 * components to the path. The auth_request argument is unused.
 *
 * NOTE(review): only '/' is checked. A value such as "." or ".." contains
 * no '/' and is returned as-is; whether that matters depends on where the
 * variable sits in the configured path template - confirm.
 */
static const char *
path_fix(const char *path,
	 const struct auth_request *auth_request ATTR_UNUSED)
{
	const char *slash = strchr(path, '/');

	/* most likely a '/' means an invalid request: drop it and
	   everything after it */
	return slash == NULL ? path : t_strdup_until(path, slash);
}
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
412
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
/*
 * Look up the user of an auth request in the passwd-file database.
 *
 * The file is db->default_file when the path has no variables; otherwise
 * db->path is expanded for this request (values filtered by path_fix) and
 * the matching passwd_file is fetched from db->files or created. The
 * lookup key is username_format expanded with auth_request_str_escape.
 *
 * Returns the matching passwd_user, or NULL when the file could not be
 * synced or the user is not in it (both cases are logged at info level).
 */
struct passwd_user *
db_passwd_file_lookup(struct db_passwd_file *db, struct auth_request *request,
		      const char *username_format)
{
	struct passwd_file *file;
	struct passwd_user *user;
	const struct var_expand_table *table;
	string_t *lookup_key, *expanded;
	const char *path_copy;

	if (db->vars) {
		/* The file path depends on request variables. path_fix cuts
		   each expanded value at the first '/'. */
		table = auth_request_get_var_expand_table(request, path_fix);
		expanded = t_str_new(256);
		var_expand(expanded, db->path, table);

		file = hash_table_lookup(db->files, str_c(expanded));
		if (file == NULL) {
			/* not seen before: create a lookup entry for it */
			file = passwd_file_new(db, str_c(expanded));
		}
	} else {
		file = db->default_file;
	}

	/* copy the path first: a failed sync may free the passwd_file, and
	   the path is still needed for the log line */
	path_copy = t_strdup(file->path);
	if (!passwd_file_sync(file)) {
		/* file may be freed now - do not touch it */
		auth_request_log_info(request, "passwd-file",
				      "no passwd file: %s", path_copy);
		return NULL;
	}

	lookup_key = t_str_new(256);
	table = auth_request_get_var_expand_table(request,
						  auth_request_str_escape);
	var_expand(lookup_key, username_format, table);

	auth_request_log_debug(request, "passwd-file",
			       "lookup: user=%s file=%s",
			       str_c(lookup_key), file->path);

	user = hash_table_lookup(file->users, str_c(lookup_key));
	if (user == NULL)
		auth_request_log_info(request, "passwd-file", "unknown user");
	return user;
}
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
459
0522a0315d2f Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
460 #endif