615eef3139c2 Updated copyright notices to include year 2010.

parents: 10542

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

97cdfeb57129 Renamed headers to prevent collision if they were flattened on an install.

parents: 9015

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

3f27bf7832a2 Added auth_username_format setting.

parents: 4164

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

f0cc5486696e Authentication cache caches now also userdb data. Code by Tommi Saviranta.

parents: 4914

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

40a461d554e6 Added auth_debug_passwords setting. If it's not enabled, hide all password

parents: 3879

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

f7cdede45a88 If uidgid_file=<template_path> is set, the uid and gid are looked up by

parents: 5872

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

289a98ba5d95 Another try with API cleanup.

parents: 3071

bdb16967be64 Further const'ification of struct mech_module.

parents: 5619

3feb38ff17f5 Moving code around.

parents: 3072

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

dad0e22b735a Changed auth_request->created to last_access and update it a bit more often.

parents: 5585

3feb38ff17f5 Moving code around.

parents: 3072

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

289a98ba5d95 Another try with API cleanup.

parents: 3071

3feb38ff17f5 Moving code around.

parents: 3072

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

4f8598b0ca62 Use a bit larger initial pool sizes

parents: 3687

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

dad0e22b735a Changed auth_request->created to last_access and update it a bit more often.

parents: 5585

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

3feb38ff17f5 Moving code around.

parents: 3072

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

3feb38ff17f5 Moving code around.

parents: 3072

3feb38ff17f5 Moving code around.

parents: 3072

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

3feb38ff17f5 Moving code around.

parents: 3072

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

7cad076906eb pool_unref() now takes ** pointer.

parents: 6411

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

9f66028a1089 Pass original_username to auth-workers.

parents: 8320

fc5683975951 auth: original_username should never be NULL, removed all code that checks for it.

parents: 8346

fc5683975951 auth: original_username should never be NULL, removed all code that checks for it.

parents: 8346

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

e33158bc72b0 %c wasn't exported to auth worker processes. Patch by Andrey Panin

parents: 5475

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.

parents: 3771

55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.

parents: 3771

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

9f66028a1089 Pass original_username to auth-workers.

parents: 8320

9f66028a1089 Pass original_username to auth-workers.

parents: 8320

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

9d0037a997f4 Initial commit for config rewrite.

parents: 8599

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet..

parents: 3609

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

0d72eb2ed8af Added %c variable which expands to "secured" with SSL/TLS/localhost.

parents: 5251

0d72eb2ed8af Added %c variable which expands to "secured" with SSL/TLS/localhost.

parents: 5251

1bd8b17bfabe If AUTH has "nologin" parameter, the request is freed when authentication is

parents: 7086

1bd8b17bfabe If AUTH has "nologin" parameter, the request is freed when authentication is

parents: 7086

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

b01a8fa09f94 Cleanups.

parents: 3065

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

c7db6b291daa API cleanup

parents: 3069

b01a8fa09f94 Cleanups.

parents: 3065

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

c7db6b291daa API cleanup

parents: 3069

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

e2fe8222449d s/occured/occurred/

parents: 3432

e2fe8222449d s/occured/occurred/

parents: 3432

079ec5c2d665 Last change caused user-given passwords to be cached, and later the password

parents: 3431

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

81180ca12997 We were caching failed blocking requests wrong.

parents: 3635

81180ca12997 We were caching failed blocking requests wrong.

parents: 3635

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e2fe8222449d s/occured/occurred/

parents: 3432

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e2fe8222449d s/occured/occurred/

parents: 3432

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.

parents: 3771

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

8846e6be0e02 If multiple passdbs were configured and we tried to authenticate as user

parents: 4374

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

8a8352cda514 If passdb lookup fails with internal error, try other passdbs anyway before

parents: 3520

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

68c2ad5e4f85 Master login attempts weren't logged if no master passdbs were defined.

parents: 4136

529034798b6b Add login username in "Attempted master login with no master passdbs" error.

parents: 8402

529034798b6b Add login username in "Attempted master login with no master passdbs" error.

parents: 8402

529034798b6b Add login username in "Attempted master login with no master passdbs" error.

parents: 8402

68c2ad5e4f85 Master login attempts weren't logged if no master passdbs were defined.

parents: 4136

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

da9e4ffef09f Last changes broke proxying when user was in auth cache.

parents: 3161

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

64ed35c97678 Don't crash if cache key isn't set but cache is enabled.

parents: 3695

64ed35c97678 Don't crash if cache key isn't set but cache is enabled.

parents: 3695

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

64ed35c97678 Don't crash if cache key isn't set but cache is enabled.

parents: 3695

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

f8dc0bdb06a7 Removed enum passdb_credentials. Use scheme strings directly instead. This

parents: 5586

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer.

parents: 3728

4b6d962485b9 Added authentication bind support. Patch by J.M. Maurer.

parents: 3728

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

f8dc0bdb06a7 Removed enum passdb_credentials. Use scheme strings directly instead. This

parents: 5586

f8dc0bdb06a7 Removed enum passdb_credentials. Use scheme strings directly instead. This

parents: 5586

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

9d0037a997f4 Initial commit for config rewrite.

parents: 8599

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

90e2a21a4298 auth: Improved logging for "password scheme not available" failures.

parents: 8696

90e2a21a4298 auth: Improved logging for "password scheme not available" failures.

parents: 8696

90e2a21a4298 auth: Improved logging for "password scheme not available" failures.

parents: 8696

90e2a21a4298 auth: Improved logging for "password scheme not available" failures.

parents: 8696

90e2a21a4298 auth: Improved logging for "password scheme not available" failures.

parents: 8696

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

f8dc0bdb06a7 Removed enum passdb_credentials. Use scheme strings directly instead. This

parents: 5586