Mercurial > dovecot > core-2.2
annotate src/login-common/main.c @ 22659:69f827f71014
*-login: Add login_proxy_notify_path setting to configure proxy-notify path
A single FIFO can be a bottleneck, so this could be set to e.g.:
login_proxy_notify_path = proxy-notify%1R{pid}
or:
login_proxy_notify_path = proxy-notify%10N{pid}
author | Timo Sirainen <timo.sirainen@dovecot.fi> |
---|---|
date | Fri, 27 Oct 2017 16:45:16 +0300 |
parents | a85bccd23139 |
children | cb108f786fb4 |
rev | line source |
---|---|
21390
2e2563132d5f
Updated copyright notices to include the year 2017.
Stephan Bosch <stephan.bosch@dovecot.fi>
parents:
21389
diff
changeset
|
1 /* Copyright (c) 2002-2017 Dovecot authors, see the included COPYING file */ |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
10549
9ae939146ff7
login-common: Renamed common.h to login-common.h
Timo Sirainen <tss@iki.fi>
parents:
10449
diff
changeset
|
3 #include "login-common.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "ioloop.h" |
17504
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
5 #include "array.h" |
2622
033d2fd1cd38
Replaced timestamp in APOP challenge with 128 bits of randomness.
Timo Sirainen <tss@iki.fi>
parents:
2235
diff
changeset
|
6 #include "randgen.h" |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
7 #include "module-dir.h" |
10198
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
8 #include "process-title.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "restrict-access.h" |
1398
b2a2edafdd91
Moved setting process limit after exec().
Timo Sirainen <tss@iki.fi>
parents:
1281
diff
changeset
|
10 #include "restrict-process-size.h" |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
11 #include "master-auth.h" |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
12 #include "master-service.h" |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
13 #include "master-interface.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "client-common.h" |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
15 #include "access-lookup.h" |
10266
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
16 #include "anvil-client.h" |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
17 #include "auth-client.h" |
16555
2dd27b0e7e49
lib-sasl: Use dsasl_ prefix so we don't conflict with Cyrus SASL library.
Timo Sirainen <tss@iki.fi>
parents:
16487
diff
changeset
|
18 #include "dsasl-client.h" |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
19 #include "master-service-ssl-settings.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 #include "ssl-proxy.h" |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
2691
diff
changeset
|
21 #include "login-proxy.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 #include <unistd.h> |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 #include <syslog.h> |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
26 #define AUTH_CLIENT_IDLE_TIMEOUT_MSECS (1000*60) |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
27 |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
28 struct login_access_lookup { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
29 struct master_service_connection conn; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
30 struct io *io; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
31 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
32 char **sockets, **next_socket; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
33 struct access_lookup *access; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
34 }; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
35 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
36 const struct login_binary *login_binary; |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
37 struct auth_client *auth_client; |
10101
4fe8c4382712
Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
10038
diff
changeset
|
38 struct master_auth *master_auth; |
19565
103896524313
*-login: Changed -D parameter to mean a more generic login_debug option.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
39 bool closing_down, login_debug; |
10266
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
40 struct anvil_client *anvil; |
13539
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
41 const char *login_rawlog_dir = NULL; |
13721
80558d1b7040
login: Minor potential authentication fix when service_count>1
Timo Sirainen <tss@iki.fi>
parents:
13689
diff
changeset
|
42 unsigned int initial_service_count; |
19572
8bb95d42e5ea
*-login: Allow plugins to hook into client allocation and add module-specific contexts to client.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19567
diff
changeset
|
43 struct login_module_register login_module_register; |
20840
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
44 ARRAY_TYPE(string) global_alt_usernames; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
46 const struct login_settings *global_login_settings; |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
47 const struct master_service_ssl_settings *global_ssl_settings; |
10111
9a71228ea41c
imap-login: If imap_capability is set, use it.
Timo Sirainen <tss@iki.fi>
parents:
10101
diff
changeset
|
48 void **global_other_settings; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 |
17504
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
50 const struct ip_addr *login_source_ips; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
51 unsigned int login_source_ips_idx, login_source_ips_count; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
52 |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
53 static struct module *modules; |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
54 static struct timeout *auth_client_to; |
19705
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
55 static const char *post_login_socket; |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
56 static bool shutting_down = FALSE; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
57 static bool ssl_connections = FALSE; |
14171
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
58 static bool auth_connected_once = FALSE; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
60 static void login_access_lookup_next(struct login_access_lookup *lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
61 |
10198
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
62 void login_refresh_proctitle(void) |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
63 { |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
64 struct client *client = clients; |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
65 const char *addr; |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
66 |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
67 if (!global_login_settings->verbose_proctitle) |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
68 return; |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
69 |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
70 if (clients_get_count() == 0) { |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
71 process_title_set(""); |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
72 } else if (clients_get_count() > 1 || client == NULL) { |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
73 process_title_set(t_strdup_printf("[%u connections (%u TLS)]", |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
74 clients_get_count(), ssl_proxy_get_count())); |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
75 } else { |
16666
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
76 addr = net_ip2addr(&client->ip); |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
77 if (addr[0] != '\0') { |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
78 process_title_set(t_strdup_printf(client->tls ? |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
79 "[%s TLS]" : "[%s]", addr)); |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
80 } else { |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
81 process_title_set(client->tls ? "[TLS]" : ""); |
58be84a381e5
net_ip2addr() changed to return "" instead of NULL on failure.
Timo Sirainen <tss@iki.fi>
parents:
16555
diff
changeset
|
82 } |
10198
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
83 } |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
84 } |
3e7e08af2991
*-login: Show better state with verbose_proctitle=yes.
Timo Sirainen <tss@iki.fi>
parents:
10171
diff
changeset
|
85 |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
86 static void auth_client_idle_timeout(struct auth_client *auth_client) |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
87 { |
13724 | 88 i_assert(clients == NULL); |
89 | |
13959
3dae51fd4565
lib-auth: Improved warning message about aborting auth requests.
Timo Sirainen <tss@iki.fi>
parents:
13819
diff
changeset
|
90 auth_client_disconnect(auth_client, "idle disconnect"); |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
91 timeout_remove(&auth_client_to); |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
92 } |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
93 |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
94 void login_client_destroyed(void) |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
95 { |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
96 if (clients == NULL && auth_client_to == NULL) { |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
97 auth_client_to = timeout_add(AUTH_CLIENT_IDLE_TIMEOUT_MSECS, |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
98 auth_client_idle_timeout, |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
99 auth_client); |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
100 } |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
101 } |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
102 |
10171
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
103 static void login_die(void) |
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
104 { |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
105 shutting_down = TRUE; |
10171
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
106 login_proxy_kill_idle(); |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
107 |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
108 if (!auth_client_is_connected(auth_client)) { |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
109 /* we don't have auth client, and we might never get one */ |
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
110 clients_destroy_all(); |
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
111 } |
10171
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
112 } |
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
113 |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
114 static void |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
115 client_connected_finish(const struct master_service_connection *conn) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 { |
2027
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
117 struct client *client; |
dc5d0da1abe9
Added ssl_require_client_cert auth-specific setting. Hide
Timo Sirainen <tss@iki.fi>
parents:
2000
diff
changeset
|
118 struct ssl_proxy *proxy; |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
119 const struct login_settings *set; |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
120 const struct master_service_ssl_settings *ssl_set; |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
121 pool_t pool; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
122 int fd_ssl; |
10111
9a71228ea41c
imap-login: If imap_capability is set, use it.
Timo Sirainen <tss@iki.fi>
parents:
10101
diff
changeset
|
123 void **other_sets; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 |
13642
402cff03919a
login: Increased client's initial memory pool size.
Timo Sirainen <tss@iki.fi>
parents:
13539
diff
changeset
|
125 pool = pool_alloconly_create("login client", 8*1024); |
18950
a0e8c6b88072
lmtp, *-login: Use ip/port values from struct master_service_connection instead of from the socket.
Stephan Bosch <stephan@rename-it.nl>
parents:
18137
diff
changeset
|
126 set = login_settings_read(pool, &conn->local_ip, |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
127 &conn->remote_ip, NULL, &ssl_set, &other_sets); |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
128 |
9218
4a42f694b762
inet_listeners now support ssl=yes. For now only login processes support it.
Timo Sirainen <tss@iki.fi>
parents:
9159
diff
changeset
|
129 if (!ssl_connections && !conn->ssl) { |
18974
0f442376beae
*-login: Removed dead assignment to make static analyzer happy.
Timo Sirainen <tss@iki.fi>
parents:
18950
diff
changeset
|
130 (void)client_create(conn->fd, FALSE, pool, conn, |
0f442376beae
*-login: Removed dead assignment to make static analyzer happy.
Timo Sirainen <tss@iki.fi>
parents:
18950
diff
changeset
|
131 set, ssl_set, other_sets); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
132 } else { |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
133 fd_ssl = ssl_proxy_alloc(conn->fd, &conn->remote_ip, pool, |
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
134 set, ssl_set, &proxy); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
135 if (fd_ssl == -1) { |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
136 net_disconnect(conn->fd); |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
137 pool_unref(&pool); |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
138 master_service_client_connection_destroyed(master_service); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
139 return; |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
140 } |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
141 |
18950
a0e8c6b88072
lmtp, *-login: Use ip/port values from struct master_service_connection instead of from the socket.
Stephan Bosch <stephan@rename-it.nl>
parents:
18137
diff
changeset
|
142 client = client_create(fd_ssl, TRUE, pool, conn, |
a0e8c6b88072
lmtp, *-login: Use ip/port values from struct master_service_connection instead of from the socket.
Stephan Bosch <stephan@rename-it.nl>
parents:
18137
diff
changeset
|
143 set, ssl_set, other_sets); |
9756
e30495ae11de
*-login: Moved most of the common code to login-common.
Timo Sirainen <tss@iki.fi>
parents:
9448
diff
changeset
|
144 client->ssl_proxy = proxy; |
9929
d60fa42fbaac
*-login: Fixes to SSL/login proxy connection counting.
Timo Sirainen <tss@iki.fi>
parents:
9923
diff
changeset
|
145 ssl_proxy_set_client(proxy, client); |
10224
3f1c47797dee
ssl: Don't start handshake until client has been set.
Timo Sirainen <tss@iki.fi>
parents:
10198
diff
changeset
|
146 ssl_proxy_start(proxy); |
4538
9d9e72374164
Fixes to login process handling, especially with
Timo Sirainen <tss@iki.fi>
parents:
4253
diff
changeset
|
147 } |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
148 |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
149 if (auth_client_to != NULL) |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
150 timeout_remove(&auth_client_to); |
4560
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
151 } |
507088c0d511
Fixes for handling near-full connection queues.
Timo Sirainen <tss@iki.fi>
parents:
4553
diff
changeset
|
152 |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
153 static void login_access_lookup_free(struct login_access_lookup *lookup) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
154 { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
155 if (lookup->io != NULL) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
156 io_remove(&lookup->io); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
157 if (lookup->access != NULL) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
158 access_lookup_destroy(&lookup->access); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
159 if (lookup->conn.fd != -1) { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
160 if (close(lookup->conn.fd) < 0) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
161 i_error("close(client) failed: %m"); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
162 master_service_client_connection_destroyed(master_service); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
163 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
164 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
165 p_strsplit_free(default_pool, lookup->sockets); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
166 i_free(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
167 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
168 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
169 static void login_access_callback(bool success, void *context) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
170 { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
171 struct login_access_lookup *lookup = context; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
172 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
173 if (!success) { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
174 i_info("access(%s): Client refused (rip=%s)", |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
175 *lookup->next_socket, |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
176 net_ip2addr(&lookup->conn.remote_ip)); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
177 login_access_lookup_free(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
178 } else { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
179 lookup->next_socket++; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
180 login_access_lookup_next(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
181 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
182 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
183 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
184 static void login_access_lookup_next(struct login_access_lookup *lookup) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
185 { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
186 if (*lookup->next_socket == NULL) { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
187 /* last one */ |
10682
9f0c4800cb13
login: tcpwrappers change caused crashes at startup.
Timo Sirainen <tss@iki.fi>
parents:
10647
diff
changeset
|
188 if (lookup->io != NULL) |
9f0c4800cb13
login: tcpwrappers change caused crashes at startup.
Timo Sirainen <tss@iki.fi>
parents:
10647
diff
changeset
|
189 io_remove(&lookup->io); |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
190 client_connected_finish(&lookup->conn); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
191 lookup->conn.fd = -1; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
192 login_access_lookup_free(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
193 return; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
194 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
195 lookup->access = access_lookup(*lookup->next_socket, lookup->conn.fd, |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
196 login_binary->protocol, |
11156
57e53ecebbd3
login: Keep binary-specific defaults in a struct.
Timo Sirainen <tss@iki.fi>
parents:
10793
diff
changeset
|
197 login_access_callback, lookup); |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
198 if (lookup->access == NULL) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
199 login_access_lookup_free(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
200 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
201 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
202 static void client_input_error(struct login_access_lookup *lookup) |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
203 { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
204 char c; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
205 int ret; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
206 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
207 ret = recv(lookup->conn.fd, &c, 1, MSG_PEEK); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
208 if (ret <= 0) { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
209 i_info("access(%s): Client disconnected during lookup (rip=%s)", |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
210 *lookup->next_socket, |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
211 net_ip2addr(&lookup->conn.remote_ip)); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
212 login_access_lookup_free(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
213 } else { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
214 /* actual input. stop listening until lookup is done. */ |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
215 io_remove(&lookup->io); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
216 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
217 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
218 |
11388
b8d3c96e61a7
lib-master API changed to avoid accidentally leaking client connections.
Timo Sirainen <tss@iki.fi>
parents:
11324
diff
changeset
|
219 static void client_connected(struct master_service_connection *conn) |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
220 { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
221 const char *access_sockets = |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
222 global_login_settings->login_access_sockets; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
223 struct login_access_lookup *lookup; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
224 |
11388
b8d3c96e61a7
lib-master API changed to avoid accidentally leaking client connections.
Timo Sirainen <tss@iki.fi>
parents:
11324
diff
changeset
|
225 master_service_client_connection_accept(conn); |
13819
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
226 if (conn->remote_ip.family != 0) { |
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
227 /* log the connection's IP address in case we crash. it's of |
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
228 course possible that another earlier client causes the |
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
229 crash, but this is better than nothing. */ |
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
230 i_set_failure_send_ip(&conn->remote_ip); |
d9ad41825a34
login: Send the last connected client's IP address to log process.
Timo Sirainen <tss@iki.fi>
parents:
13739
diff
changeset
|
231 } |
11388
b8d3c96e61a7
lib-master API changed to avoid accidentally leaking client connections.
Timo Sirainen <tss@iki.fi>
parents:
11324
diff
changeset
|
232 |
10767
ce1dd7328b20
*-login: If we disconnect from auth server, make sure we reconnect back when necessary.
Timo Sirainen <tss@iki.fi>
parents:
10760
diff
changeset
|
233 /* make sure we're connected (or attempting to connect) to auth */ |
ce1dd7328b20
*-login: If we disconnect from auth server, make sure we reconnect back when necessary.
Timo Sirainen <tss@iki.fi>
parents:
10760
diff
changeset
|
234 auth_client_connect(auth_client); |
ce1dd7328b20
*-login: If we disconnect from auth server, make sure we reconnect back when necessary.
Timo Sirainen <tss@iki.fi>
parents:
10760
diff
changeset
|
235 |
10647
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
236 if (*access_sockets == '\0') { |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
237 /* no access checks */ |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
238 client_connected_finish(conn); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
239 return; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
240 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
241 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
242 lookup = i_new(struct login_access_lookup, 1); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
243 lookup->conn = *conn; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
244 lookup->io = io_add(conn->fd, IO_READ, client_input_error, lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
245 lookup->sockets = p_strsplit_spaces(default_pool, access_sockets, " "); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
246 lookup->next_socket = lookup->sockets; |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
247 |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
248 login_access_lookup_next(lookup); |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
249 } |
51a978045f47
Added support for tcpwrappers and potentially other login access checks.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
250 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
251 static void auth_connect_notify(struct auth_client *client ATTR_UNUSED, |
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
5887
diff
changeset
|
252 bool connected, void *context ATTR_UNUSED) |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
253 { |
14171
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
254 if (connected) { |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
255 auth_connected_once = TRUE; |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
256 clients_notify_auth_connected(); |
14171
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
257 } else if (shutting_down) |
10449
a164075ea33a
*-login: If we've a pending shutdown and auth connection gets lost, kill clients.
Timo Sirainen <tss@iki.fi>
parents:
10300
diff
changeset
|
258 clients_destroy_all(); |
14171
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
259 else if (!auth_connected_once) { |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
260 /* auth disconnected without having ever succeeded, so the |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
261 auth process is probably misconfigured. no point in |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
262 keeping the client connections hanging. */ |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
263 clients_destroy_all_reason("Disconnected: Auth process broken"); |
4462ceb09c0d
login: If auth client disconnects without having ever succeeded, destroy clients.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
264 } |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
265 } |
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1629
diff
changeset
|
266 |
10266
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
267 static bool anvil_reconnect_callback(void) |
9235
2e2b957f1cca
Implemented anvil service, which is used to implement mail_max_userip_connections.
Timo Sirainen <tss@iki.fi>
parents:
9218
diff
changeset
|
268 { |
14185 | 269 /* we got disconnected from anvil. we can't reconnect to it since we're |
270 chrooted, so just die after we've finished handling the current | |
271 connections. */ | |
10266
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
272 master_service_stop_new_connections(master_service); |
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
273 return FALSE; |
9235
2e2b957f1cca
Implemented anvil service, which is used to implement mail_max_userip_connections.
Timo Sirainen <tss@iki.fi>
parents:
9218
diff
changeset
|
274 } |
2e2b957f1cca
Implemented anvil service, which is used to implement mail_max_userip_connections.
Timo Sirainen <tss@iki.fi>
parents:
9218
diff
changeset
|
275 |
21925
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
276 void login_anvil_init(void) |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
277 { |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
278 if (anvil != NULL) |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
279 return; |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
280 |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
281 anvil = anvil_client_init("anvil", anvil_reconnect_callback, 0); |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
282 if (anvil_client_connect(anvil, TRUE) < 0) |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
283 i_fatal("Couldn't connect to anvil"); |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
284 } |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
285 |
17504
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
286 static const struct ip_addr * |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
287 parse_login_source_ips(const char *ips_str, unsigned int *count_r) |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
288 { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
289 ARRAY(struct ip_addr) ips; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
290 const char *const *tmp; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
291 struct ip_addr *tmp_ips; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
292 bool skip_nonworking = FALSE; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
293 unsigned int i, tmp_ips_count; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
294 int ret; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
295 |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
296 if (ips_str[0] == '?') { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
297 /* try binding to the IP immediately. if it doesn't |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
298 work, skip it. (this allows using the same config file for |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
299 all the servers.) */ |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
300 skip_nonworking = TRUE; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
301 ips_str++; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
302 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
303 t_array_init(&ips, 4); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
304 for (tmp = t_strsplit_spaces(ips_str, ", "); *tmp != NULL; tmp++) { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
305 ret = net_gethostbyname(*tmp, &tmp_ips, &tmp_ips_count); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
306 if (ret != 0) { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
307 i_error("login_source_ips: net_gethostbyname(%s) failed: %s", |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
308 *tmp, net_gethosterror(ret)); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
309 continue; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
310 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
311 for (i = 0; i < tmp_ips_count; i++) { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
312 if (skip_nonworking && net_try_bind(&tmp_ips[i]) < 0) |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
313 continue; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
314 array_append(&ips, &tmp_ips[i], 1); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
315 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
316 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
317 return array_get(&ips, count_r); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
318 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
319 |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
320 static void login_load_modules(void) |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
321 { |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
322 struct module_dir_load_settings mod_set; |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
323 |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
324 if (global_login_settings->login_plugins[0] == '\0') |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
325 return; |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
326 |
21389
59437f8764c6
global: Replaced all instances of memset(p, 0, sizeof(*p)) with the new i_zero() macro.
Stephan Bosch <stephan.bosch@dovecot.fi>
parents:
21000
diff
changeset
|
327 i_zero(&mod_set); |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
328 mod_set.abi_version = DOVECOT_ABI_VERSION; |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
329 mod_set.binary_name = login_binary->process_name; |
19588
3ad2efd7e247
*-login: Typofix for login_plugins error messages.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19572
diff
changeset
|
330 mod_set.setting_name = "login_plugins"; |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
331 mod_set.require_init_funcs = TRUE; |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
332 mod_set.debug = login_debug; |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
333 |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
334 modules = module_dir_load(global_login_settings->login_plugin_dir, |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
335 global_login_settings->login_plugins, |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
336 &mod_set); |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
337 module_dir_init(modules); |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
338 } |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
339 |
19565
103896524313
*-login: Changed -D parameter to mean a more generic login_debug option.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
340 static void main_preinit(void) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
341 { |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
342 unsigned int max_fds; |
9002
9d0037a997f4
Initial commit for config rewrite.
Timo Sirainen <tss@iki.fi>
parents:
8678
diff
changeset
|
343 |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
344 random_init(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
345 /* Initialize SSL proxy so it can read certificate and private |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
346 key file. */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
347 ssl_proxy_init(); |
16555
2dd27b0e7e49
lib-sasl: Use dsasl_ prefix so we don't conflict with Cyrus SASL library.
Timo Sirainen <tss@iki.fi>
parents:
16487
diff
changeset
|
348 dsasl_clients_init(); |
21741
ad2aa897a8d7
*-login: Change API for how login_plugins hook into client allocation.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21390
diff
changeset
|
349 client_common_init(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
350 |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
351 /* set the number of fds we want to use. it may get increased or |
8073
f27ecc07d93a
login processes: Another try at setting the correct fd limit.
Timo Sirainen <tss@iki.fi>
parents:
8072
diff
changeset
|
352 decreased. leave a couple of extra fds for auth sockets and such. |
9923
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
353 |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
354 worst case each connection can use: |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
355 |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
356 - 1 for client |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
357 - 1 for login proxy |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
358 - 2 for client-side ssl proxy |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
359 - 2 for server-side ssl proxy (with login proxy) |
21000
5782e4451c81
*-login: Removed enforcing maximum calculated fd limit.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
20840
diff
changeset
|
360 |
5782e4451c81
*-login: Removed enforcing maximum calculated fd limit.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
20840
diff
changeset
|
361 However, login process nowadays supports plugins, there are rawlogs |
5782e4451c81
*-login: Removed enforcing maximum calculated fd limit.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
20840
diff
changeset
|
362 and so on. Don't enforce the fd limit anymore, but use this value |
5782e4451c81
*-login: Removed enforcing maximum calculated fd limit.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
20840
diff
changeset
|
363 for optimizing the ioloop's fd table size. |
9923
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
364 */ |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
365 max_fds = MASTER_LISTEN_FD_FIRST + 16 + |
9348
0c587f108916
lib-master has now a global master_service variable that all binaries use.
Timo Sirainen <tss@iki.fi>
parents:
9283
diff
changeset
|
366 master_service_get_socket_count(master_service) + |
9923
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
367 master_service_get_client_limit(master_service)*6; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
368 io_loop_set_max_fd_count(current_ioloop, max_fds); |
7852
53604857c7d2
Change fd limit in login process after it's execed. This fixes OSes which
Timo Sirainen <tss@iki.fi>
parents:
7203
diff
changeset
|
369 |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
370 i_assert(strcmp(global_ssl_settings->ssl, "no") == 0 || |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
371 ssl_initialized); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
372 |
21925
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
373 if (global_login_settings->mail_max_userip_connections > 0) |
eb3ae53f8ac0
*-login: Move code to login_anvil_init()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21741
diff
changeset
|
374 login_anvil_init(); |
9235
2e2b957f1cca
Implemented anvil service, which is used to implement mail_max_userip_connections.
Timo Sirainen <tss@iki.fi>
parents:
9218
diff
changeset
|
375 |
17504
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
376 /* read the login_source_ips before chrooting so it can access |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
377 /etc/hosts */ |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
378 login_source_ips = parse_login_source_ips(global_login_settings->login_source_ips, |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
379 &login_source_ips_count); |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
380 if (login_source_ips_count > 0) { |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
381 /* randomize the initial index in case service_count=1 |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
382 (although in that case it's unlikely this setting is |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
383 even used..) */ |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
384 login_source_ips_idx = rand() % login_source_ips_count; |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
385 } |
b6733f4777f1
login proxy: Added login_source_ips setting.
Timo Sirainen <tss@iki.fi>
parents:
17130
diff
changeset
|
386 |
19567
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
387 login_load_modules(); |
11b714c6c31c
*-login: Added login_plugins and login_plugin_dir settings.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19565
diff
changeset
|
388 |
9044
967bfafe6c0a
Cleaned up restrict_access*() API.
Timo Sirainen <tss@iki.fi>
parents:
9015
diff
changeset
|
389 restrict_access_by_env(NULL, TRUE); |
19565
103896524313
*-login: Changed -D parameter to mean a more generic login_debug option.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
390 if (login_debug) |
10116
50db5e7bddd9
Fixed login processes' core dump handling.
Timo Sirainen <tss@iki.fi>
parents:
10111
diff
changeset
|
391 restrict_access_allow_coredumps(TRUE); |
13721
80558d1b7040
login: Minor potential authentication fix when service_count>1
Timo Sirainen <tss@iki.fi>
parents:
13689
diff
changeset
|
392 initial_service_count = master_service_get_service_count(master_service); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
393 |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
394 if (restrict_access_get_current_chroot() == NULL) { |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
395 if (chdir("login") < 0) |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
396 i_fatal("chdir(login) failed: %m"); |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
397 } |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
398 |
13539
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
399 if (login_rawlog_dir != NULL && |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
400 access(login_rawlog_dir, W_OK | X_OK) < 0) { |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
401 i_error("access(%s, wx) failed: %m - disabling rawlog", |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
402 login_rawlog_dir); |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
403 login_rawlog_dir = NULL; |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
404 } |
13739
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
405 } |
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
406 |
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
407 static void main_init(const char *login_socket) |
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
408 { |
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
409 /* make sure we can't fork() */ |
1827699b8156
login: Moved all i_fatal()s to preinit stage.
Timo Sirainen <tss@iki.fi>
parents:
13727
diff
changeset
|
410 restrict_process_count(1); |
13539
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
411 |
20840
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
412 i_array_init(&global_alt_usernames, 4); |
9923
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
413 master_service_set_avail_overflow_callback(master_service, |
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
414 client_destroy_oldest); |
10171
7f0ccd367351
Handle shutdown_clients globally for all services.
Timo Sirainen <tss@iki.fi>
parents:
10159
diff
changeset
|
415 master_service_set_die_callback(master_service, login_die); |
9923
77228b5431e1
*-login: Fixed dropping oldest connection when reaching all limits.
Timo Sirainen <tss@iki.fi>
parents:
9912
diff
changeset
|
416 |
11308
df2599ab2cee
login: Allow command line to override login socket path.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
417 auth_client = auth_client_init(login_socket, (unsigned int)getpid(), |
df2599ab2cee
login: Allow command line to override login socket path.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
418 FALSE); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
419 auth_client_set_connect_notify(auth_client, auth_connect_notify, NULL); |
19705
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
420 master_auth = master_auth_init(master_service, post_login_socket); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
421 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
422 login_binary->init(); |
22659
69f827f71014
*-login: Add login_proxy_notify_path setting to configure proxy-notify path
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21968
diff
changeset
|
423 |
69f827f71014
*-login: Add login_proxy_notify_path setting to configure proxy-notify path
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21968
diff
changeset
|
424 login_proxy_init(global_login_settings->login_proxy_notify_path); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
425 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
426 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
427 static void main_deinit(void) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
428 { |
1230
e6d2b8c78519
Keep list of the SSL proxies, so they're deinitialized properly if we have
Timo Sirainen <tss@iki.fi>
parents:
1134
diff
changeset
|
429 ssl_proxy_deinit(); |
2768
d344be0bb70f
Added IMAP and POP3 proxying support.
Timo Sirainen <tss@iki.fi>
parents:
2691
diff
changeset
|
430 login_proxy_deinit(); |
1230
e6d2b8c78519
Keep list of the SSL proxies, so they're deinitialized properly if we have
Timo Sirainen <tss@iki.fi>
parents:
1134
diff
changeset
|
431 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
432 login_binary->deinit(); |
21968
a85bccd23139
*-login: Unload plugins at deinit.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21925
diff
changeset
|
433 module_dir_unload(&modules); |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
434 auth_client_deinit(&auth_client); |
10101
4fe8c4382712
Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
10038
diff
changeset
|
435 master_auth_deinit(&master_auth); |
9235
2e2b957f1cca
Implemented anvil service, which is used to implement mail_max_userip_connections.
Timo Sirainen <tss@iki.fi>
parents:
9218
diff
changeset
|
436 |
20840
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
437 char **strp; |
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
438 array_foreach_modifiable(&global_alt_usernames, strp) |
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
439 i_free(*strp); |
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
440 array_free(&global_alt_usernames); |
1b4a57403aef
*-login: Store user_* passdb fields to client->alt_usernames.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19705
diff
changeset
|
441 |
10266
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
442 if (anvil != NULL) |
e99c02873d8c
*-login: Use new anvil library to do async anvil lookups.
Timo Sirainen <tss@iki.fi>
parents:
10225
diff
changeset
|
443 anvil_client_deinit(&anvil); |
10760
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
444 if (auth_client_to != NULL) |
fc77d1cd1201
*-login: Disconnect from auth server after idling for a minute.
Timo Sirainen <tss@iki.fi>
parents:
10684
diff
changeset
|
445 timeout_remove(&auth_client_to); |
21741
ad2aa897a8d7
*-login: Change API for how login_plugins hook into client allocation.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21390
diff
changeset
|
446 client_common_deinit(); |
16555
2dd27b0e7e49
lib-sasl: Use dsasl_ prefix so we don't conflict with Cyrus SASL library.
Timo Sirainen <tss@iki.fi>
parents:
16487
diff
changeset
|
447 dsasl_clients_deinit(); |
10793
bf4822f0846b
lib-master: Added support for caching config lookups.
Timo Sirainen <tss@iki.fi>
parents:
10767
diff
changeset
|
448 login_settings_deinit(); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
449 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
450 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
451 int login_binary_run(const struct login_binary *binary, |
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
452 int argc, char *argv[]) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
453 { |
10101
4fe8c4382712
Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
10038
diff
changeset
|
454 enum master_service_flags service_flags = |
4fe8c4382712
Redesigned how login process passes connections to mail processes and changed related APIs.
Timo Sirainen <tss@iki.fi>
parents:
10038
diff
changeset
|
455 MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN | |
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15049
diff
changeset
|
456 MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE | |
15962
effecdd32cb0
login: Don't fail at startup by trying to load SSL plugin.
Timo Sirainen <tss@iki.fi>
parents:
15888
diff
changeset
|
457 MASTER_SERVICE_FLAG_USE_SSL_SETTINGS | |
effecdd32cb0
login: Don't fail at startup by trying to load SSL plugin.
Timo Sirainen <tss@iki.fi>
parents:
15888
diff
changeset
|
458 MASTER_SERVICE_FLAG_NO_SSL_INIT; |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
459 pool_t set_pool; |
15049
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14728
diff
changeset
|
460 const char *login_socket; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
461 int c; |
1273
2cf2e08a6ee9
Somewhat working code to support loading Dovecot from inetd and such. It
Timo Sirainen <tss@iki.fi>
parents:
1235
diff
changeset
|
462 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
463 login_binary = binary; |
15049
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14728
diff
changeset
|
464 login_socket = binary->default_login_socket != NULL ? |
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14728
diff
changeset
|
465 binary->default_login_socket : LOGIN_DEFAULT_SOCKET; |
19705
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
466 post_login_socket = binary->protocol; |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
467 |
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
468 master_service = master_service_init(login_binary->process_name, |
13539
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
469 service_flags, &argc, &argv, |
19705
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
470 "Dl:R:S"); |
9348
0c587f108916
lib-master has now a global master_service variable that all binaries use.
Timo Sirainen <tss@iki.fi>
parents:
9283
diff
changeset
|
471 master_service_init_log(master_service, t_strconcat( |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
472 login_binary->process_name, ": ", NULL)); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
473 |
10119
1e63221f5c83
Moved most of getopt() handling to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
10116
diff
changeset
|
474 while ((c = master_getopt(master_service)) > 0) { |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
475 switch (c) { |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
476 case 'D': |
19565
103896524313
*-login: Changed -D parameter to mean a more generic login_debug option.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
477 login_debug = TRUE; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
478 break; |
19705
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
479 case 'l': |
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
480 post_login_socket = optarg; |
9fb16176c200
*-login: Added -l parameter to specify the socket where to connect to after authentication
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19588
diff
changeset
|
481 break; |
13539
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
482 case 'R': |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
483 login_rawlog_dir = optarg; |
1ff636720b9f
login: Added -R <dir> parameter to write pre-login rawlogs to given directory.
Timo Sirainen <tss@iki.fi>
parents:
12890
diff
changeset
|
484 break; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
485 case 'S': |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
486 ssl_connections = TRUE; |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
487 break; |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
488 default: |
10119
1e63221f5c83
Moved most of getopt() handling to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
10116
diff
changeset
|
489 return FATAL_DEFAULT; |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
490 } |
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
491 } |
11308
df2599ab2cee
login: Allow command line to override login socket path.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
492 if (argv[optind] != NULL) |
df2599ab2cee
login: Allow command line to override login socket path.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
493 login_socket = argv[optind]; |
5887
3f2eb1b9c555
Support listening multiple sockets. SIGHUP also doesn't anymore recreate
Timo Sirainen <tss@iki.fi>
parents:
5845
diff
changeset
|
494 |
12890
6f0396e35fd9
login-common API redesign so that the library doesn't refer to nonexistent variables.
Timo Sirainen <tss@iki.fi>
parents:
12782
diff
changeset
|
495 login_binary->preinit(); |
8820
6131143fef16
login processes: If -D parameter is given, allow dumping core file.
Timo Sirainen <tss@iki.fi>
parents:
8678
diff
changeset
|
496 |
9448
1348d374e574
Increased some memory pool sizes.
Timo Sirainen <tss@iki.fi>
parents:
9348
diff
changeset
|
497 set_pool = pool_alloconly_create("global login settings", 4096); |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
498 global_login_settings = |
10793
bf4822f0846b
lib-master: Added support for caching config lookups.
Timo Sirainen <tss@iki.fi>
parents:
10767
diff
changeset
|
499 login_settings_read(set_pool, NULL, NULL, NULL, |
14728
983c6ff12cc9
Moved ssl_* settings from login-common to lib-master.
Timo Sirainen <tss@iki.fi>
parents:
14368
diff
changeset
|
500 &global_ssl_settings, |
10111
9a71228ea41c
imap-login: If imap_capability is set, use it.
Timo Sirainen <tss@iki.fi>
parents:
10101
diff
changeset
|
501 &global_other_settings); |
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9046
diff
changeset
|
502 |
19565
103896524313
*-login: Changed -D parameter to mean a more generic login_debug option.
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
19552
diff
changeset
|
503 main_preinit(); |
9951
0d5d10a3273c
*-login: fd limit wasn't set correctly.
Timo Sirainen <tss@iki.fi>
parents:
9929
diff
changeset
|
504 master_service_init_finish(master_service); |
11308
df2599ab2cee
login: Allow command line to override login socket path.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
505 main_init(login_socket); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
506 |
9348
0c587f108916
lib-master has now a global master_service variable that all binaries use.
Timo Sirainen <tss@iki.fi>
parents:
9283
diff
changeset
|
507 master_service_run(master_service, client_connected); |
1275
af685269ead0
login: Wait until we're connected to auth process before executing command
Timo Sirainen <tss@iki.fi>
parents:
1273
diff
changeset
|
508 main_deinit(); |
9283
02721ba17309
login processes: Added initial support for per-connection configuration.
Timo Sirainen <tss@iki.fi>
parents:
9235
diff
changeset
|
509 pool_unref(&set_pool); |
9348
0c587f108916
lib-master has now a global master_service variable that all binaries use.
Timo Sirainen <tss@iki.fi>
parents:
9283
diff
changeset
|
510 master_service_deinit(&master_service); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
511 return 0; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
512 } |