dovecot/core-2.2: src/lib-master/master-login-auth.c annotate

annotate src/lib-master/master-login-auth.c @ 22311:25af9d4dad59

global: Replaced t_strsplit_tab() calls with t_strsplit_tabescaped() This is useful especially in auth code to support LFs in extra fields. Other pieces of code were also tab-escaping strings, but never unescaping them. Usually it didn't matter, because nobody would use the escaped characters. Still, the code wasn't exactly behaving correctly. One downside to this change is that it's now possible to pass through TABs, CRs and LFs through the various protocols. In theory this shouldn't cause any problems, but combined with other bugs this could trigger some security problems.

author	Timo Sirainen <timo.sirainen@dovecot.fi>
date	Thu, 20 Oct 2016 17:45:44 +0300
parents	2e2563132d5f
children	cb108f786fb4

rev	line source
21390 2e2563132d5f Updated copyright notices to include the year 2017. Stephan Bosch <stephan.bosch@dovecot.fi> parents: 20661 diff changeset	1 /* Copyright (c) 2009-2017 Dovecot authors, see the included COPYING file */
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "lib.h"
15187 02451e967a06 Renamed network.[ch] to net.[ch]. Timo Sirainen <tss@iki.fi> parents: 15049 diff changeset	4 #include "net.h"
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	5 #include "ioloop.h"
15049 aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	6 #include "hostpid.h"
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	7 #include "istream.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "ostream.h"
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	9 #include "llist.h"
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	10 #include "hex-binary.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	11 #include "hash.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	12 #include "str.h"
22311 25af9d4dad59 global: Replaced t_strsplit_tab() calls with t_strsplit_tabescaped() Timo Sirainen <timo.sirainen@dovecot.fi> parents: 21390 diff changeset	13 #include "strescape.h"
11256 e08dd68309a9 auth/login related timeouts are now in one place and they make more sense. Timo Sirainen <tss@iki.fi> parents: 11248 diff changeset	14 #include "master-interface.h"
12367 9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	15 #include "master-service.h"
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	16 #include "master-auth.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	17 #include "master-login-auth.h"
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	18
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	19
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	20 #define AUTH_MAX_INBUF_SIZE 8192
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	21
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	22 struct master_login_auth_request {
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	23 struct master_login_auth_request prev, next;
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	24
11248 1fd45deee948 lib-master: Don't crash after timeouting an auth-master request. Timo Sirainen <tss@iki.fi> parents: 11097 diff changeset	25 unsigned int id;
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	26 time_t create_stamp;
11248 1fd45deee948 lib-master: Don't crash after timeouting an auth-master request. Timo Sirainen <tss@iki.fi> parents: 11097 diff changeset	27
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	28 pid_t auth_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	29 unsigned int auth_id;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	30 unsigned int client_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	31 uint8_t cookie[MASTER_AUTH_COOKIE_SIZE];
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	32
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	33 master_login_auth_request_callback_t *callback;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	34 void *context;
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	35
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	36 unsigned int aborted:1;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	37 };
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	38
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	39 struct master_login_auth {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	40 pool_t pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	41 const char *auth_socket_path;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	42 int refcount;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	43
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	44 int fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	45 struct io *io;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	46 struct istream *input;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	47 struct ostream *output;
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	48 struct timeout *to;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	49
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	50 unsigned int id_counter;
14923 96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes. Timo Sirainen <tss@iki.fi> parents: 14918 diff changeset	51 HASH_TABLE(void , struct master_login_auth_request ) requests;
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	52 /* linked list of requests, ordered by create_stamp */
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	53 struct master_login_auth_request request_head, request_tail;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	54
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	55 pid_t auth_server_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	56
15049 aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	57 unsigned int request_auth_token:1;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	58 unsigned int version_received:1;
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	59 unsigned int spid_received:1;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	60 };
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	61
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	62 static void master_login_auth_set_timeout(struct master_login_auth *auth);
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	63 static void master_login_auth_check_spids(struct master_login_auth *auth);
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	64
15049 aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	65 struct master_login_auth *
aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	66 master_login_auth_init(const char *auth_socket_path, bool request_auth_token)
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	67 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	68 struct master_login_auth *auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	69 pool_t pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	70
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	71 pool = pool_alloconly_create("master login auth", 1024);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	72 auth = p_new(pool, struct master_login_auth, 1);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	73 auth->pool = pool;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	74 auth->auth_socket_path = p_strdup(pool, auth_socket_path);
15049 aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	75 auth->request_auth_token = request_auth_token;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	76 auth->refcount = 1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	77 auth->fd = -1;
14918 8eae4e205c82 Hash table API is now (mostly) type safe. Timo Sirainen <tss@iki.fi> parents: 14917 diff changeset	78 hash_table_create_direct(&auth->requests, pool, 0);
12490 16dbbb57a4b2 lib-master: Try to use auth request ID numbers from wider range to ease debugging. Timo Sirainen <tss@iki.fi> parents: 12488 diff changeset	79 auth->id_counter = (rand() % 32767) * 131072U;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	80 return auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	81 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	82
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	83 static void
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	84 request_internal_failure(struct master_login_auth_request *request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	85 const char *reason)
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	86 {
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	87 i_error("%s (client-pid=%u client-id=%u)",
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	88 reason, request->client_pid, request->auth_id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	89 request->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	90 request->context);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	91 }
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	92
10473 a0d99b374aa4 imap, pop3: Close auth/config connections when we stop accepting more connections. Timo Sirainen <tss@iki.fi> parents: 10199 diff changeset	93 void master_login_auth_disconnect(struct master_login_auth *auth)
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	94 {
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	95 struct master_login_auth_request *request;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	96
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	97 while (auth->request_head != NULL) {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	98 request = auth->request_head;
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	99 DLLIST2_REMOVE(&auth->request_head,
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	100 &auth->request_tail, request);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	101
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	102 request_internal_failure(request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	103 "Disconnected from auth server, aborting");
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	104 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	105 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	106 hash_table_clear(auth->requests, FALSE);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	107
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	108 if (auth->to != NULL)
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	109 timeout_remove(&auth->to);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	110 if (auth->io != NULL)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	111 io_remove(&auth->io);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	112 if (auth->fd != -1) {
20661 aa1ac716269e lib-master: Check for NULL in input/output Aki Tuomi <aki.tuomi@dovecot.fi> parents: 19552 diff changeset	113 if (auth->input != NULL)
aa1ac716269e lib-master: Check for NULL in input/output Aki Tuomi <aki.tuomi@dovecot.fi> parents: 19552 diff changeset	114 i_stream_destroy(&auth->input);
aa1ac716269e lib-master: Check for NULL in input/output Aki Tuomi <aki.tuomi@dovecot.fi> parents: 19552 diff changeset	115 if (auth->output != NULL)
aa1ac716269e lib-master: Check for NULL in input/output Aki Tuomi <aki.tuomi@dovecot.fi> parents: 19552 diff changeset	116 o_stream_destroy(&auth->output);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	117
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	118 net_disconnect(auth->fd);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	119 auth->fd = -1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	120 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	121 auth->version_received = FALSE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	122 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	123
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	124 static void master_login_auth_unref(struct master_login_auth **_auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	125 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	126 struct master_login_auth auth = _auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	127
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	128 *_auth = NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	129
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	130 i_assert(auth->refcount > 0);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	131 if (--auth->refcount > 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	132 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	133
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	134 hash_table_destroy(&auth->requests);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	135 pool_unref(&auth->pool);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	136 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	137
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	138 void master_login_auth_deinit(struct master_login_auth **_auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	139 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	140 struct master_login_auth auth = _auth;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	141
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	142 *_auth = NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	143
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	144 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	145 master_login_auth_unref(&auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	146 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	147
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	148 static unsigned int auth_get_next_timeout_secs(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	149 {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	150 time_t expires;
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	151
11256 e08dd68309a9 auth/login related timeouts are now in one place and they make more sense. Timo Sirainen <tss@iki.fi> parents: 11248 diff changeset	152 expires = auth->request_head->create_stamp +
e08dd68309a9 auth/login related timeouts are now in one place and they make more sense. Timo Sirainen <tss@iki.fi> parents: 11248 diff changeset	153 MASTER_AUTH_LOOKUP_TIMEOUT_SECS;
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	154 return expires <= ioloop_time ? 0 : expires - ioloop_time;
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	155 }
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	156
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	157 static void master_login_auth_timeout(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	158 {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	159 struct master_login_auth_request *request;
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	160 const char *reason;
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	161
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	162 while (auth->request_head != NULL &&
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	163 auth_get_next_timeout_secs(auth) == 0) {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	164 request = auth->request_head;
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	165 DLLIST2_REMOVE(&auth->request_head,
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	166 &auth->request_tail, request);
14923 96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes. Timo Sirainen <tss@iki.fi> parents: 14918 diff changeset	167 hash_table_remove(auth->requests, POINTER_CAST(request->id));
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	168
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	169 reason = t_strdup_printf(
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	170 "Auth server request timed out after %u secs",
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	171 (unsigned int)(ioloop_time - request->create_stamp));
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	172 request_internal_failure(request, reason);
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	173 i_free(request);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	174 }
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	175 timeout_remove(&auth->to);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	176 master_login_auth_set_timeout(auth);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	177 }
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	178
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	179 static void master_login_auth_set_timeout(struct master_login_auth *auth)
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	180 {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	181 i_assert(auth->to == NULL);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	182
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	183 if (auth->request_head != NULL) {
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	184 auth->to = timeout_add(auth_get_next_timeout_secs(auth) * 1000,
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	185 master_login_auth_timeout, auth);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	186 }
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	187 }
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	188
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	189 static void
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	190 master_login_auth_request_remove(struct master_login_auth *auth,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	191 struct master_login_auth_request *request)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	192 {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	193 bool update_timeout;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	194
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	195 update_timeout = request->prev == NULL;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	196
14923 96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes. Timo Sirainen <tss@iki.fi> parents: 14918 diff changeset	197 hash_table_remove(auth->requests, POINTER_CAST(request->id));
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	198 DLLIST2_REMOVE(&auth->request_head, &auth->request_tail, request);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	199
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	200 if (update_timeout) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	201 timeout_remove(&auth->to);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	202 master_login_auth_set_timeout(auth);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	203 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	204 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	205
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	206 static struct master_login_auth_request *
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	207 master_login_auth_lookup_request(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	208 unsigned int id)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	209 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	210 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	211
14923 96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes. Timo Sirainen <tss@iki.fi> parents: 14918 diff changeset	212 request = hash_table_lookup(auth->requests, POINTER_CAST(id));
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	213 if (request == NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	214 i_error("Auth server sent reply with unknown ID %u", id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	215 return NULL;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	216 }
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	217 master_login_auth_request_remove(auth, request);
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	218 if (request->aborted) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	219 request->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	220 request->context);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	221 i_free(request);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	222 return NULL;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	223 }
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	224 return request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	225 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	226
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	227 static bool
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	228 master_login_auth_input_user(struct master_login_auth auth, const char args)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	229 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	230 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	231 const char const list;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	232 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	233
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	234 /* <id> <userid> [..] */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	235
22311 25af9d4dad59 global: Replaced t_strsplit_tab() calls with t_strsplit_tabescaped() Timo Sirainen <timo.sirainen@dovecot.fi> parents: 21390 diff changeset	236 list = t_strsplit_tabescaped(args);
11086 260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	237 if (list[0] == NULL \|\| list[1] == NULL \|\|
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	238 str_to_uint(list[0], &id) < 0) {
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	239 i_error("Auth server sent corrupted USER line");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	240 return FALSE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	241 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	242
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	243 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	244 if (request != NULL) {
11018 2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	245 request->callback(list + 1, NULL, request->context);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	246 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	247 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	248 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	249 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	250
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	251 static bool
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	252 master_login_auth_input_notfound(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	253 const char *args)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	254 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	255 struct master_login_auth_request *request;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	256 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	257
11086 260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	258 if (str_to_uint(args, &id) < 0) {
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	259 i_error("Auth server sent corrupted NOTFOUND line");
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	260 return FALSE;
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	261 }
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	262
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	263 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	264 if (request != NULL) {
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	265 const char *reason = t_strdup_printf(
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	266 "Authenticated user not found from userdb, "
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	267 "auth lookup id=%u", id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	268 request_internal_failure(request, reason);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	269 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	270 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	271 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	272 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	273
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	274 static bool
11018 2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	275 master_login_auth_input_fail(struct master_login_auth *auth,
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	276 const char *args_line)
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	277 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	278 struct master_login_auth_request *request;
11018 2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	279 const char const args, *error = NULL;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	280 unsigned int i, id;
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	281
22311 25af9d4dad59 global: Replaced t_strsplit_tab() calls with t_strsplit_tabescaped() Timo Sirainen <timo.sirainen@dovecot.fi> parents: 21390 diff changeset	282 args = t_strsplit_tabescaped(args_line);
11086 260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	283 if (args[0] == NULL \|\| str_to_uint(args[0], &id) < 0) {
11018 2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	284 i_error("Auth server sent broken FAIL line");
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	285 return FALSE;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	286 }
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	287 for (i = 1; args[i] != NULL; i++) {
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	288 if (strncmp(args[i], "reason=", 7) == 0)
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	289 error = args[i] + 7;
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	290 }
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	291
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	292 request = master_login_auth_lookup_request(auth, id);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	293 if (request != NULL) {
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	294 if (error == NULL) {
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	295 request_internal_failure(request,
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	296 "Internal auth failure");
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	297 } else {
12552 6a0f3010d592 lib-master: Error message typofix. Timo Sirainen <tss@iki.fi> parents: 12504 diff changeset	298 i_error("Internal auth failure: %s "
12504 c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	299 "(client-pid=%u client-id=%u)",
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	300 error, request->client_pid, request->auth_id);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	301 request->callback(NULL, error, request->context);
c6b0e643d2dc Log login pid/id for internal failures to allow matching errors between processes. Timo Sirainen <tss@iki.fi> parents: 12490 diff changeset	302 }
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	303 i_free(request);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	304 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	305 return TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	306 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	307
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	308 static void master_login_auth_input(struct master_login_auth *auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	309 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	310 const char *line;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	311 bool ret;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	312
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	313 switch (i_stream_read(auth->input)) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	314 case 0:
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	315 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	316 case -1:
12367 9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	317 /* disconnected. stop accepting new connections, because in
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	318 default configuration we no longer have permissions to
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	319 connect back to auth-master */
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	320 master_service_stop_new_connections(master_service);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	321 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	322 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	323 case -2:
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	324 /* buffer full */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	325 i_error("Auth server sent us too long line");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	326 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	327 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	328 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	329
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	330 if (!auth->version_received) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	331 line = i_stream_next_line(auth->input);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	332 if (line == NULL)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	333 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	334
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	335 /* make sure the major version matches */
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	336 if (strncmp(line, "VERSION\t", 8) != 0 \|\|
11086 260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	337 !str_uint_equals(t_strcut(line + 8, '\t'),
260e190306b0 Started using str_to_() functions instead of libc's ones. Timo Sirainen <tss@iki.fi>* parents: 11018 diff changeset	338 AUTH_MASTER_PROTOCOL_MAJOR_VERSION)) {
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	339 i_error("Authentication server not compatible with "
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	340 "master process (mixed old and new binaries?)");
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	341 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	342 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	343 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	344 auth->version_received = TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	345 }
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	346 if (!auth->spid_received) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	347 line = i_stream_next_line(auth->input);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	348 if (line == NULL)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	349 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	350
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	351 if (strncmp(line, "SPID\t", 5) != 0 \|\|
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	352 str_to_pid(line + 5, &auth->auth_server_pid) < 0) {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	353 i_error("Authentication server didn't "
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	354 "send valid SPID as expected: %s", line);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	355 master_login_auth_disconnect(auth);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	356 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	357 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	358 auth->spid_received = TRUE;
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	359 master_login_auth_check_spids(auth);
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	360 }
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	361
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	362 auth->refcount++;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	363 while ((line = i_stream_next_line(auth->input)) != NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	364 if (strncmp(line, "USER\t", 5) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	365 ret = master_login_auth_input_user(auth, line + 5);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	366 else if (strncmp(line, "NOTFOUND\t", 9) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	367 ret = master_login_auth_input_notfound(auth, line + 9);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	368 else if (strncmp(line, "FAIL\t", 5) == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	369 ret = master_login_auth_input_fail(auth, line + 5);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	370 else
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	371 ret = TRUE;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	372
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	373 if (!ret \|\| auth->input == NULL) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	374 master_login_auth_disconnect(auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	375 break;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	376 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	377 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	378 master_login_auth_unref(&auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	379 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	380
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	381 static int
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	382 master_login_auth_connect(struct master_login_auth *auth)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	383 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	384 int fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	385
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	386 i_assert(auth->fd == -1);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	387
10159 e027503ddb6b Use net_connect_unix_with_retries() instead of duplicating the code everywhere. Timo Sirainen <tss@iki.fi> parents: 10101 diff changeset	388 fd = net_connect_unix_with_retries(auth->auth_socket_path, 1000);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	389 if (fd == -1) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	390 i_error("net_connect_unix(%s) failed: %m",
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	391 auth->auth_socket_path);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	392 return -1;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	393 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	394 auth->fd = fd;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	395 auth->input = i_stream_create_fd(fd, AUTH_MAX_INBUF_SIZE, FALSE);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	396 auth->output = o_stream_create_fd(fd, (size_t)-1, FALSE);
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14471 diff changeset	397 o_stream_set_no_error_handling(auth->output, TRUE);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	398 auth->io = io_add(fd, IO_READ, master_login_auth_input, auth);
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	399 return 0;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	400 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	401
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	402 static bool
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	403 auth_request_check_spid(struct master_login_auth *auth,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	404 struct master_login_auth_request *req)
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	405 {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	406 if (auth->auth_server_pid != req->auth_pid && auth->spid_received) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	407 /* auth server was restarted. don't even attempt a login. */
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	408 i_warning("Auth server restarted (pid %u -> %u), aborting auth",
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	409 (unsigned int)req->auth_pid,
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	410 (unsigned int)auth->auth_server_pid);
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	411 return FALSE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	412 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	413 return TRUE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	414 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	415
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	416 static void master_login_auth_check_spids(struct master_login_auth *auth)
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	417 {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	418 struct master_login_auth_request req, next;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	419
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	420 for (req = auth->request_head; req != NULL; req = next) {
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	421 next = req->next;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	422 if (!auth_request_check_spid(auth, req))
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	423 req->aborted = TRUE;
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	424 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	425 }
e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	426
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	427 static void
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	428 master_login_auth_send_request(struct master_login_auth *auth,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	429 struct master_login_auth_request *req)
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	430 {
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	431 string_t *str;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	432
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	433 if (!auth_request_check_spid(auth, req)) {
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	434 master_login_auth_request_remove(auth, req);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	435 req->callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	436 req->context);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	437 i_free(req);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	438 return;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	439 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	440
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	441 str = t_str_new(128);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	442 str_printfa(str, "REQUEST\t%u\t%u\t%u\t", req->id,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	443 req->client_pid, req->auth_id);
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	444 binary_to_hex_append(str, req->cookie, sizeof(req->cookie));
16909 9ef23179892a auth: Added %{session_pid} variable for userdb lookups in login requests. Timo Sirainen <tss@iki.fi> parents: 15715 diff changeset	445 str_printfa(str, "\tsession_pid=%s", my_pid);
15049 aa6027a0a78e Added support to perform token-based service process authentication. Stephan Bosch <stephan@rename-it.nl> parents: 14923 diff changeset	446 if (auth->request_auth_token)
16909 9ef23179892a auth: Added %{session_pid} variable for userdb lookups in login requests. Timo Sirainen <tss@iki.fi> parents: 15715 diff changeset	447 str_append(str, "\trequest_auth_token");
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	448 str_append_c(str, '\n');
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14471 diff changeset	449 o_stream_nsend(auth->output, str_data(str), str_len(str));
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	450 }
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	451
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	452 void master_login_auth_request(struct master_login_auth *auth,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	453 const struct master_auth_request *req,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	454 master_login_auth_request_callback_t *callback,
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	455 void *context)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	456 {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	457 struct master_login_auth_request *login_req;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	458 unsigned int id;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	459
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	460 if (auth->fd == -1) {
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	461 if (master_login_auth_connect(auth) < 0) {
12367 9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	462 /* we couldn't connect to auth now,
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	463 so we probably can't in future either. */
9f179255b796 lib-master: Stop accepting new connections after auth-master gets disconnected. Timo Sirainen <tss@iki.fi> parents: 12329 diff changeset	464 master_service_stop_new_connections(master_service);
11018 2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	465 callback(NULL, MASTER_AUTH_ERRMSG_INTERNAL_FAILURE,
2e08ce368bc0 Added support for userdb lookup to fail with a reason (many API changes). Timo Sirainen <tss@iki.fi> parents: 10589 diff changeset	466 context);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	467 return;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	468 }
14681 ca37d1577291 Added o_stream_nsend() and related functions to make delayed error handling safer. Timo Sirainen <tss@iki.fi>* parents: 14471 diff changeset	469 o_stream_nsend_str(auth->output,
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	470 t_strdup_printf("VERSION\t%u\t%u\n",
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	471 AUTH_MASTER_PROTOCOL_MAJOR_VERSION,
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	472 AUTH_MASTER_PROTOCOL_MINOR_VERSION));
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	473 }
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	474
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	475 id = ++auth->id_counter;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	476 if (id == 0)
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	477 id++;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	478
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	479 login_req = i_new(struct master_login_auth_request, 1);
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	480 login_req->create_stamp = ioloop_time;
11248 1fd45deee948 lib-master: Don't crash after timeouting an auth-master request. Timo Sirainen <tss@iki.fi> parents: 11097 diff changeset	481 login_req->id = id;
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	482 login_req->auth_pid = req->auth_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	483 login_req->client_pid = req->client_pid;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	484 login_req->auth_id = req->auth_id;
16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	485 memcpy(login_req->cookie, req->cookie, sizeof(login_req->cookie));
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	486 login_req->callback = callback;
4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	487 login_req->context = context;
17489 f6e2fa1afa45 Added several asserts to make sure duplicates aren't inserted into hash table. Timo Sirainen <tss@iki.fi> parents: 17130 diff changeset	488 i_assert(hash_table_lookup(auth->requests, POINTER_CAST(id)) == NULL);
14923 96fd2c3bf932 Reverted "support for non-pointers" part of the hash table API changes. Timo Sirainen <tss@iki.fi> parents: 14918 diff changeset	489 hash_table_insert(auth->requests, POINTER_CAST(id), login_req);
11097 0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	490 DLLIST2_APPEND(&auth->request_head, &auth->request_tail, login_req);
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	491
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	492 if (auth->to == NULL)
0979e9e1e124 lib-master: Added timeout for auth master lookups. Timo Sirainen <tss@iki.fi> parents: 11086 diff changeset	493 master_login_auth_set_timeout(auth);
12137 16330c0c8ef4 lib-master: When finishing auth, don't send REQUEST if auth process has restarted. Timo Sirainen <tss@iki.fi> parents: 11256 diff changeset	494
12405 e72ab743b8df lib-master: Don't wait for handshake before sending auth-master request. Timo Sirainen <tss@iki.fi> parents: 12367 diff changeset	495 master_login_auth_send_request(auth, login_req);
10101 4fe8c4382712 Redesigned how login process passes connections to mail processes and changed related APIs. Timo Sirainen <tss@iki.fi> parents: diff changeset	496 }
10199 9d13e9f78d52 lib-master: Fixes to handling master-login services. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	497
9d13e9f78d52 lib-master: Fixes to handling master-login services. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	498 unsigned int master_login_auth_request_count(struct master_login_auth *auth)
9d13e9f78d52 lib-master: Fixes to handling master-login services. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	499 {
9d13e9f78d52 lib-master: Fixes to handling master-login services. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	500 return hash_table_count(auth->requests);
9d13e9f78d52 lib-master: Fixes to handling master-login services. Timo Sirainen <tss@iki.fi> parents: 10159 diff changeset	501 }

Mercurial > dovecot > core-2.2

annotate src/lib-master/master-login-auth.c @ 22311:25af9d4dad59