Mercurial > dovecot > core-2.2
annotate src/auth/auth-settings.c @ 15691:d60aa734c72d
auth: Added passdb { result_* and skip } settings.
passdb { skip = never | authenticated | unauthenticated } can be used to
skip over a passdb lookup based on previous passdb lookups.
passdb { result_success, result_failure, result_internalfail } can be used
to specify what to do on those conditions. Choices as continue,
continue-ok, continue-fail, return, return-ok, return-fail. The -ok and
-fail variants update the current "success" flag, while continue/return uses
the current flag. The authentication succeeds only if the success flag is
set after the last lookup. The continue variants continue to the next
passdb, while return variants finish the lookup immediately.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Wed, 30 Jan 2013 22:44:48 +0200 |
| parents | 14df6be0111f |
| children | 18661d1d6ed0 |
| rev | line source |
|---|---|
|
14133
ba770cba5598
Updated copyright notices to include year 2012.
Timo Sirainen <tss@iki.fi>
parents:
13958
diff
changeset
|
1 /* Copyright (c) 2005-2012 Dovecot authors, see the included COPYING file */ |
| 9002 | 2 |
| 3 #include "lib.h" | |
| 4 #include "array.h" | |
| 5 #include "settings-parser.h" | |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
6 #include "master-service-private.h" |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
7 #include "master-service-settings.h" |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
8 #include "service-settings.h" |
| 9002 | 9 #include "auth-settings.h" |
| 10 | |
| 11 #include <stddef.h> | |
| 12 | |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
13 static bool auth_settings_check(void *_set, pool_t pool, const char **error_r); |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
14 static bool auth_passdb_settings_check(void *_set, pool_t pool, const char **error_r); |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
15 static bool auth_userdb_settings_check(void *_set, pool_t pool, const char **error_r); |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
16 |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
17 /* <settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
18 static struct file_listener_settings auth_unix_listeners_array[] = { |
|
11285
1a3c9bd45b11
auth: Separate auth and login connections. Non-login requests are freed immediately after auth finished.
Timo Sirainen <tss@iki.fi>
parents:
11251
diff
changeset
|
19 { "login/login", 0666, "", "" }, |
|
15051
9ad9a79c1747
Use "tokenlogin" socket name (instead of "token-login") after all.
Timo Sirainen <tss@iki.fi>
parents:
15049
diff
changeset
|
20 { "token-login/tokenlogin", 0666, "", "" }, |
|
11330
f15b3aac5443
auth: Create auth-login socket by default where internal user can connect to.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
21 { "auth-login", 0600, "$default_internal_user", "" }, |
|
10889
653ae02bf8cf
Create auth-client socket by default.
Timo Sirainen <tss@iki.fi>
parents:
10587
diff
changeset
|
22 { "auth-client", 0600, "", "" }, |
|
14461
bda92bf286a0
auth: Changed auth-userdb socket's default user to $default_internal_user.
Timo Sirainen <tss@iki.fi>
parents:
14159
diff
changeset
|
23 { "auth-userdb", 0666, "$default_internal_user", "" }, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
24 { "auth-master", 0600, "", "" } |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
25 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
26 static struct file_listener_settings *auth_unix_listeners[] = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
27 &auth_unix_listeners_array[0], |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
28 &auth_unix_listeners_array[1], |
|
10889
653ae02bf8cf
Create auth-client socket by default.
Timo Sirainen <tss@iki.fi>
parents:
10587
diff
changeset
|
29 &auth_unix_listeners_array[2], |
|
11330
f15b3aac5443
auth: Create auth-login socket by default where internal user can connect to.
Timo Sirainen <tss@iki.fi>
parents:
11285
diff
changeset
|
30 &auth_unix_listeners_array[3], |
|
15049
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14920
diff
changeset
|
31 &auth_unix_listeners_array[4], |
|
aa6027a0a78e
Added support to perform token-based service process authentication.
Stephan Bosch <stephan@rename-it.nl>
parents:
14920
diff
changeset
|
32 &auth_unix_listeners_array[5] |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
33 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
34 static buffer_t auth_unix_listeners_buf = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
35 auth_unix_listeners, sizeof(auth_unix_listeners), { 0, } |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
36 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
37 /* </settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
38 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
39 struct service_settings auth_service_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
40 .name = "auth", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
41 .protocol = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
42 .type = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
43 .executable = "auth", |
|
10910
858ad8aa7f8b
auth: Auth master process is now running as default_internal_user by default.
Timo Sirainen <tss@iki.fi>
parents:
10905
diff
changeset
|
44 .user = "$default_internal_user", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
45 .group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
46 .privileged_group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
47 .extra_groups = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
48 .chroot = "", |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
49 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
50 .drop_priv_before_exec = FALSE, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
51 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
52 .process_min_avail = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
53 .process_limit = 1, |
|
13785
8c8dd04b8496
auth: Dropped default client_limit back to default_client_limit.
Timo Sirainen <tss@iki.fi>
parents:
13760
diff
changeset
|
54 .client_limit = 0, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
55 .service_count = 0, |
|
11631
d41694c931d0
Added support for per-service idle kill timeout.
Timo Sirainen <tss@iki.fi>
parents:
11330
diff
changeset
|
56 .idle_kill = 0, |
|
12432
8793036f6de8
Services' default vsz_limit wasn't actually using default_vsz_limit but rather 4 GB.
Timo Sirainen <tss@iki.fi>
parents:
12328
diff
changeset
|
57 .vsz_limit = (uoff_t)-1, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
58 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
59 .unix_listeners = { { &auth_unix_listeners_buf, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
60 sizeof(auth_unix_listeners[0]) } }, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
61 .fifo_listeners = ARRAY_INIT, |
|
12166
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
62 .inet_listeners = ARRAY_INIT, |
|
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
63 |
|
ce75971127a2
Fail at startup if process_limit>1 for services that don't support it.
Timo Sirainen <tss@iki.fi>
parents:
12089
diff
changeset
|
64 .process_limit_1 = TRUE |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
65 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
66 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
67 /* <settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
68 static struct file_listener_settings auth_worker_unix_listeners_array[] = { |
|
10910
858ad8aa7f8b
auth: Auth master process is now running as default_internal_user by default.
Timo Sirainen <tss@iki.fi>
parents:
10905
diff
changeset
|
69 { "auth-worker", 0600, "$default_internal_user", "" } |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
70 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
71 static struct file_listener_settings *auth_worker_unix_listeners[] = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
72 &auth_worker_unix_listeners_array[0] |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
73 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
74 static buffer_t auth_worker_unix_listeners_buf = { |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
75 auth_worker_unix_listeners, sizeof(auth_worker_unix_listeners), { 0, } |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
76 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
77 /* </settings checks> */ |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
78 |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
79 struct service_settings auth_worker_service_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
80 .name = "auth-worker", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
81 .protocol = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
82 .type = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
83 .executable = "auth -w", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
84 .user = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
85 .group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
86 .privileged_group = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
87 .extra_groups = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
88 .chroot = "", |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
89 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
90 .drop_priv_before_exec = FALSE, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
91 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
92 .process_min_avail = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
93 .process_limit = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
94 .client_limit = 1, |
|
10921
87c462c463cc
auth: Changed worker process to die after auth server closes its connection.
Timo Sirainen <tss@iki.fi>
parents:
10910
diff
changeset
|
95 .service_count = 1, |
|
11631
d41694c931d0
Added support for per-service idle kill timeout.
Timo Sirainen <tss@iki.fi>
parents:
11330
diff
changeset
|
96 .idle_kill = 0, |
|
12432
8793036f6de8
Services' default vsz_limit wasn't actually using default_vsz_limit but rather 4 GB.
Timo Sirainen <tss@iki.fi>
parents:
12328
diff
changeset
|
97 .vsz_limit = (uoff_t)-1, |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
98 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
99 .unix_listeners = { { &auth_worker_unix_listeners_buf, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
100 sizeof(auth_worker_unix_listeners[0]) } }, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
101 .fifo_listeners = ARRAY_INIT, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
102 .inet_listeners = ARRAY_INIT |
|
10179
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
103 }; |
|
afe52d60989c
Moved default service settings from master.conf to source code.
Timo Sirainen <tss@iki.fi>
parents:
10177
diff
changeset
|
104 |
| 9002 | 105 #undef DEF |
| 106 #define DEF(type, name) \ | |
| 107 { type, #name, offsetof(struct auth_passdb_settings, name), NULL } | |
| 108 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
109 static const struct setting_define auth_passdb_setting_defines[] = { |
| 9002 | 110 DEF(SET_STR, driver), |
| 111 DEF(SET_STR, args), | |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
112 DEF(SET_STR, default_fields), |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
113 DEF(SET_STR, override_fields), |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
114 DEF(SET_ENUM, skip), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
115 DEF(SET_ENUM, result_success), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
116 DEF(SET_ENUM, result_failure), |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
117 DEF(SET_ENUM, result_internalfail), |
| 9002 | 118 DEF(SET_BOOL, deny), |
|
10576
9c80cc65def8
auth: passdb { pass and master } settings weren't working.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
119 DEF(SET_BOOL, pass), |
|
9c80cc65def8
auth: passdb { pass and master } settings weren't working.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
120 DEF(SET_BOOL, master), |
| 9002 | 121 |
| 122 SETTING_DEFINE_LIST_END | |
| 123 }; | |
| 124 | |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
125 static const struct auth_passdb_settings auth_passdb_default_settings = { |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
126 .driver = "", |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
127 .args = "", |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
128 .default_fields = "", |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
129 .override_fields = "", |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
130 .skip = "never:authenticated:unauthenticated", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
131 .result_success = "return-ok:return:return-fail:continue:continue-ok:continue-fail", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
132 .result_failure = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
133 .result_internalfail = "continue:return:return-ok:return-fail:continue-ok:continue-fail", |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
134 .deny = FALSE, |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
135 .pass = FALSE, |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
136 .master = FALSE |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
137 }; |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
138 |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
139 const struct setting_parser_info auth_passdb_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
140 .defines = auth_passdb_setting_defines, |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
141 .defaults = &auth_passdb_default_settings, |
| 9002 | 142 |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
143 .type_offset = (size_t)-1, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
144 .struct_size = sizeof(struct auth_passdb_settings), |
| 9002 | 145 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
146 .parent_offset = (size_t)-1, |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
147 .parent = &auth_setting_parser_info, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
148 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
149 .check_func = auth_passdb_settings_check |
| 9002 | 150 }; |
| 151 | |
| 152 #undef DEF | |
| 153 #define DEF(type, name) \ | |
| 154 { type, #name, offsetof(struct auth_userdb_settings, name), NULL } | |
| 155 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
156 static const struct setting_define auth_userdb_setting_defines[] = { |
| 9002 | 157 DEF(SET_STR, driver), |
| 158 DEF(SET_STR, args), | |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
159 DEF(SET_STR, default_fields), |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
160 DEF(SET_STR, override_fields), |
| 9002 | 161 |
| 162 SETTING_DEFINE_LIST_END | |
| 163 }; | |
| 164 | |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
165 static const struct auth_userdb_settings auth_userdb_default_settings = { |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
166 .driver = "", |
|
13330
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
167 .args = "", |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
168 .default_fields = "", |
|
83ac50d3b76f
auth: Added default_fields and override_fields settings to all passdbs and userdbs.
Timo Sirainen <tss@iki.fi>
parents:
12983
diff
changeset
|
169 .override_fields = "" |
|
10897
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
170 }; |
|
52eb8317514f
auth: Cleaned up struct auth_passdb/auth_userdb.
Timo Sirainen <tss@iki.fi>
parents:
10896
diff
changeset
|
171 |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
172 const struct setting_parser_info auth_userdb_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
173 .defines = auth_userdb_setting_defines, |
|
10905
cb26518a7e51
auth: Fixed compiling config binary.
Timo Sirainen <tss@iki.fi>
parents:
10903
diff
changeset
|
174 .defaults = &auth_userdb_default_settings, |
| 9002 | 175 |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
176 .type_offset = (size_t)-1, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
177 .struct_size = sizeof(struct auth_userdb_settings), |
| 9002 | 178 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
179 .parent_offset = (size_t)-1, |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
180 .parent = &auth_setting_parser_info, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
181 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
182 .check_func = auth_userdb_settings_check |
| 9002 | 183 }; |
| 184 | |
|
9834
3f4d796db5fd
config: Auth settings now require the "auth_" prefix also inside auth blocks.
Timo Sirainen <tss@iki.fi>
parents:
9451
diff
changeset
|
185 /* we're kind of kludging here to avoid "auth_" prefix in the struct fields */ |
| 9002 | 186 #undef DEF |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
187 #undef DEF_NOPREFIX |
| 9002 | 188 #undef DEFLIST |
| 189 #define DEF(type, name) \ | |
|
9834
3f4d796db5fd
config: Auth settings now require the "auth_" prefix also inside auth blocks.
Timo Sirainen <tss@iki.fi>
parents:
9451
diff
changeset
|
190 { type, "auth_"#name, offsetof(struct auth_settings, name), NULL } |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
191 #define DEF_NOPREFIX(type, name) \ |
|
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
192 { type, #name, offsetof(struct auth_settings, name), NULL } |
| 9002 | 193 #define DEFLIST(field, name, defines) \ |
| 194 { SET_DEFLIST, name, offsetof(struct auth_settings, field), defines } | |
| 195 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
196 static const struct setting_define auth_setting_defines[] = { |
| 9002 | 197 DEF(SET_STR, mechanisms), |
| 198 DEF(SET_STR, realms), | |
| 199 DEF(SET_STR, default_realm), | |
|
10281
4b663b9e63af
Added "size" setting type, which supports B/k/M/G/T suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10179
diff
changeset
|
200 DEF(SET_SIZE, cache_size), |
|
10282
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
201 DEF(SET_TIME, cache_ttl), |
|
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
202 DEF(SET_TIME, cache_negative_ttl), |
| 9002 | 203 DEF(SET_STR, username_chars), |
| 204 DEF(SET_STR, username_translation), | |
| 205 DEF(SET_STR, username_format), | |
| 206 DEF(SET_STR, master_user_separator), | |
| 207 DEF(SET_STR, anonymous_username), | |
| 208 DEF(SET_STR, krb5_keytab), | |
| 209 DEF(SET_STR, gssapi_hostname), | |
| 210 DEF(SET_STR, winbind_helper_path), | |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
211 DEF(SET_STR, proxy_self), |
|
10282
7215f4142901
Added "time" (interval) setting type, which supports s/m/h/d/w suffixes.
Timo Sirainen <tss@iki.fi>
parents:
10281
diff
changeset
|
212 DEF(SET_TIME, failure_delay), |
|
12328
745ef289b0ea
auth: userdb passwd iteration now lists only users within first_valid_uid..last_valid_uid range.
Timo Sirainen <tss@iki.fi>
parents:
12298
diff
changeset
|
213 DEF(SET_UINT, first_valid_uid), |
|
745ef289b0ea
auth: userdb passwd iteration now lists only users within first_valid_uid..last_valid_uid range.
Timo Sirainen <tss@iki.fi>
parents:
12298
diff
changeset
|
214 DEF(SET_UINT, last_valid_uid), |
| 9002 | 215 |
| 216 DEF(SET_BOOL, verbose), | |
| 217 DEF(SET_BOOL, debug), | |
| 218 DEF(SET_BOOL, debug_passwords), | |
|
10585
941511db13c3
Added auth_verbose_passwords = no|plain|sha1.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
219 DEF(SET_ENUM, verbose_passwords), |
| 9002 | 220 DEF(SET_BOOL, ssl_require_client_cert), |
| 221 DEF(SET_BOOL, ssl_username_from_cert), | |
| 222 DEF(SET_BOOL, use_winbind), | |
| 223 | |
| 224 DEF(SET_UINT, worker_max_count), | |
| 225 | |
| 226 DEFLIST(passdbs, "passdb", &auth_passdb_setting_parser_info), | |
| 227 DEFLIST(userdbs, "userdb", &auth_userdb_setting_parser_info), | |
| 228 | |
|
13555
fe89e95867a4
auth: Added passdb imap plugin.
Timo Sirainen <tss@iki.fi>
parents:
13330
diff
changeset
|
229 DEF_NOPREFIX(SET_STR, base_dir), |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
230 DEF_NOPREFIX(SET_BOOL, verbose_proctitle), |
|
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
231 |
| 9002 | 232 SETTING_DEFINE_LIST_END |
| 233 }; | |
| 234 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
235 static const struct auth_settings auth_default_settings = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
236 .mechanisms = "plain", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
237 .realms = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
238 .default_realm = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
239 .cache_size = 0, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
240 .cache_ttl = 60*60, |
|
12298
94608c2debe2
auth: Default for auth_cache_negative_ttl was supposed to be 1 hour, not disabled.
Timo Sirainen <tss@iki.fi>
parents:
12166
diff
changeset
|
241 .cache_negative_ttl = 60*60, |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
242 .username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
243 .username_translation = "", |
|
12983
c0b40ebc527d
auth_username_format default changed to %Lu
Timo Sirainen <tss@iki.fi>
parents:
12889
diff
changeset
|
244 .username_format = "%Lu", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
245 .master_user_separator = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
246 .anonymous_username = "anonymous", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
247 .krb5_keytab = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
248 .gssapi_hostname = "", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
249 .winbind_helper_path = "/usr/bin/ntlm_auth", |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
250 .proxy_self = "", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
251 .failure_delay = 2, |
|
12328
745ef289b0ea
auth: userdb passwd iteration now lists only users within first_valid_uid..last_valid_uid range.
Timo Sirainen <tss@iki.fi>
parents:
12298
diff
changeset
|
252 .first_valid_uid = 500, |
|
745ef289b0ea
auth: userdb passwd iteration now lists only users within first_valid_uid..last_valid_uid range.
Timo Sirainen <tss@iki.fi>
parents:
12298
diff
changeset
|
253 .last_valid_uid = 0, |
| 9002 | 254 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
255 .verbose = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
256 .debug = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
257 .debug_passwords = FALSE, |
|
10585
941511db13c3
Added auth_verbose_passwords = no|plain|sha1.
Timo Sirainen <tss@iki.fi>
parents:
10582
diff
changeset
|
258 .verbose_passwords = "no:plain:sha1", |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
259 .ssl_require_client_cert = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
260 .ssl_username_from_cert = FALSE, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
261 .use_winbind = FALSE, |
| 9002 | 262 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
263 .worker_max_count = 30, |
| 9002 | 264 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
265 .passdbs = ARRAY_INIT, |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
266 .userdbs = ARRAY_INIT, |
|
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
267 |
|
13555
fe89e95867a4
auth: Added passdb imap plugin.
Timo Sirainen <tss@iki.fi>
parents:
13330
diff
changeset
|
268 .base_dir = PKG_RUNDIR, |
|
11251
6243376eff60
auth: If verbose_proctitle=yes, show auth request counts in ps.
Timo Sirainen <tss@iki.fi>
parents:
10978
diff
changeset
|
269 .verbose_proctitle = FALSE |
| 9002 | 270 }; |
| 271 | |
|
10177
d589d568a19d
Changed all settings related structs to const and changed APIs to make it work.
Timo Sirainen <tss@iki.fi>
parents:
10107
diff
changeset
|
272 const struct setting_parser_info auth_setting_parser_info = { |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
273 .module_name = "auth", |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
274 .defines = auth_setting_defines, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
275 .defaults = &auth_default_settings, |
| 9002 | 276 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
277 .type_offset = (size_t)-1, |
|
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
278 .struct_size = sizeof(struct auth_settings), |
| 9002 | 279 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
280 .parent_offset = (size_t)-1, |
|
10106
5a25b4ec5694
Reordered struct setting_parser_info fields to make using them easier.
Timo Sirainen <tss@iki.fi>
parents:
9846
diff
changeset
|
281 |
|
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
10282
diff
changeset
|
282 .check_func = auth_settings_check |
| 9002 | 283 }; |
| 284 | |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
285 /* <settings checks> */ |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
286 static bool |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
287 auth_settings_set_self_ips(struct auth_settings *set, pool_t pool, |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
288 const char **error_r) |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
289 { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
290 const char *const *tmp; |
|
14920
a097ef0a9d6d
Array API changed: ARRAY_DEFINE(name, type) -> ARRAY(type) name
Timo Sirainen <tss@iki.fi>
parents:
14726
diff
changeset
|
291 ARRAY(struct ip_addr) ips_array; |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
292 struct ip_addr *ips; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
293 unsigned int ips_count; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
294 int ret; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
295 |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
296 if (*set->proxy_self == '\0') { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
297 set->proxy_self_ips = p_new(pool, struct ip_addr, 1); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
298 return TRUE; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
299 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
300 |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
301 p_array_init(&ips_array, pool, 4); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
302 tmp = t_strsplit_spaces(set->proxy_self, " "); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
303 for (; *tmp != NULL; tmp++) { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
304 ret = net_gethostbyname(*tmp, &ips, &ips_count); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
305 if (ret != 0) { |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
306 *error_r = t_strdup_printf("auth_proxy_self_ips: " |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
307 "gethostbyname(%s) failed: %s", |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
308 *tmp, net_gethosterror(ret)); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
309 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
310 array_append(&ips_array, ips, ips_count); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
311 } |
|
14686
9ff19c1d5f69
Added array_append_zero() to write a zero-filled record to an array.
Timo Sirainen <tss@iki.fi>
parents:
14461
diff
changeset
|
312 array_append_zero(&ips_array); |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
313 set->proxy_self_ips = array_idx(&ips_array, 0); |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
314 return TRUE; |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
315 } |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
316 |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
317 static bool auth_settings_check(void *_set, pool_t pool, |
|
12087
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
318 const char **error_r) |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
319 { |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
320 struct auth_settings *set = _set; |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
321 const char *p; |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
322 |
|
9451
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
323 if (set->debug_passwords) |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
324 set->debug = TRUE; |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
325 if (set->debug) |
|
d86490ef27bd
auth: Fixed auth_debug_password -> auth_debug -> auth_Verbose cascading.
Timo Sirainen <tss@iki.fi>
parents:
9267
diff
changeset
|
326 set->verbose = TRUE; |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
327 |
|
13958
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
328 if (set->worker_max_count == 0) { |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
329 *error_r = "auth_worker_max_count must be above zero"; |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
330 return FALSE; |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
331 } |
|
7175320feafc
auth: Throttle SQL auth worker process creation if they can't connect to database.
Timo Sirainen <tss@iki.fi>
parents:
13785
diff
changeset
|
332 |
|
12089
52e197994a55
Don't fail with auth_cache_size=0
Timo Sirainen <tss@iki.fi>
parents:
12087
diff
changeset
|
333 if (set->cache_size > 0 && set->cache_size < 1024) { |
|
12087
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
334 /* probably a configuration error. |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
335 older versions used megabyte numbers */ |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
336 *error_r = t_strdup_printf("auth_cache_size value is too small " |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
337 "(%"PRIuUOFF_T" bytes)", |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
338 set->cache_size); |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
339 return FALSE; |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
340 } |
|
27d235096cca
auth: Fail if auth_cache_size value is too small.
Timo Sirainen <tss@iki.fi>
parents:
11631
diff
changeset
|
341 |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
342 if (*set->username_chars == '\0') { |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
343 /* all chars are allowed */ |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
344 memset(set->username_chars_map, 1, |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
345 sizeof(set->username_chars_map)); |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
346 } else { |
|
10896
f93195ae4bed
auth: Recent changes broke auth_username_chars checking.
Timo Sirainen <tss@iki.fi>
parents:
10893
diff
changeset
|
347 for (p = set->username_chars; *p != '\0'; p++) |
|
10892
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
348 set->username_chars_map[(int)(uint8_t)*p] = 1; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
349 } |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
350 |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
351 if (*set->username_translation != '\0') { |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
352 p = set->username_translation; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
353 for (; *p != '\0' && p[1] != '\0'; p += 2) |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
354 set->username_translation_map[(int)(uint8_t)*p] = p[1]; |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
355 } |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
356 set->realms_arr = |
|
9675d9a54ac9
auth: Moved some variables generated from settings to struct auth_settings.
Timo Sirainen <tss@iki.fi>
parents:
10889
diff
changeset
|
357 (const char *const *)p_strsplit_spaces(pool, set->realms, " "); |
|
14159
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
358 |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
359 if (!auth_settings_set_self_ips(set, pool, error_r)) |
|
98d696965c91
auth: Added auth_proxy_self setting to specify IPs that are considered as "self" for proxy_maybe.
Timo Sirainen <tss@iki.fi>
parents:
14133
diff
changeset
|
360 return FALSE; |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
361 return TRUE; |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
362 } |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
363 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
364 static bool |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
365 auth_passdb_settings_check(void *_set, pool_t pool ATTR_UNUSED, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
366 const char **error_r) |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
367 { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
368 struct auth_passdb_settings *set = _set; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
369 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
370 if (set->driver == NULL || *set->driver == '\0') { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
371 *error_r = "passdb is missing driver"; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
372 return FALSE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
373 } |
|
15691
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
374 if (set->pass && strcmp(set->result_success, "return-ok") != 0) { |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
375 *error_r = "Obsolete pass=yes setting mixed with non-default result_success"; |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
376 return FALSE; |
|
d60aa734c72d
auth: Added passdb { result_* and skip } settings.
Timo Sirainen <tss@iki.fi>
parents:
15088
diff
changeset
|
377 } |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
378 return TRUE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
379 } |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
380 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
381 static bool |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
382 auth_userdb_settings_check(void *_set, pool_t pool ATTR_UNUSED, |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
383 const char **error_r) |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
384 { |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
385 struct auth_userdb_settings *set = _set; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
386 |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
387 if (set->driver == NULL || *set->driver == '\0') { |
|
10587
bea4b2d1f27f
auth: Fixed "userdb is missing driver" error.
Timo Sirainen <tss@iki.fi>
parents:
10585
diff
changeset
|
388 *error_r = "userdb is missing driver"; |
|
10578
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
389 return FALSE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
390 } |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
391 return TRUE; |
|
a2ed5c020cfa
auth: Don't use section names for passdb/userdb driver names.
Timo Sirainen <tss@iki.fi>
parents:
10576
diff
changeset
|
392 } |
|
9261
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
393 /* </settings checks> */ |
|
5e80d667a827
auth settings: Make sure we have a section name defined.
Timo Sirainen <tss@iki.fi>
parents:
9244
diff
changeset
|
394 |
|
10893
1a4c2e4bff75
auth: auth_userdb and auth_passdb no longer has pointer to struct auth.
Timo Sirainen <tss@iki.fi>
parents:
10892
diff
changeset
|
395 struct auth_settings *global_auth_settings; |
|
1a4c2e4bff75
auth: auth_userdb and auth_passdb no longer has pointer to struct auth.
Timo Sirainen <tss@iki.fi>
parents:
10892
diff
changeset
|
396 |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
397 struct auth_settings * |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
398 auth_settings_read(const char *service, pool_t pool, |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
399 struct master_service_settings_output *output_r) |
| 9002 | 400 { |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
401 static const struct setting_parser_info *set_roots[] = { |
|
9846
cf27080f3fcf
config: Removed auth sections completely for now.
Timo Sirainen <tss@iki.fi>
parents:
9834
diff
changeset
|
402 &auth_setting_parser_info, |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
403 NULL |
|
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
404 }; |
|
10903
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
405 struct master_service_settings_input input; |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
406 struct setting_parser_context *set_parser; |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
407 const char *error; |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
408 void **sets; |
| 9002 | 409 |
|
10903
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
410 memset(&input, 0, sizeof(input)); |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
411 input.roots = set_roots; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
412 input.module = "auth"; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
413 input.service = service; |
|
6e639833c3fc
auth: Initial support for per-protocol auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10897
diff
changeset
|
414 if (master_service_settings_read(master_service, &input, |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
415 output_r, &error) < 0) |
|
9159
6324a79d3ee1
Initial commit for v2.0 master rewrite. Several features are still missing.
Timo Sirainen <tss@iki.fi>
parents:
9057
diff
changeset
|
416 i_fatal("Error reading configuration: %s", error); |
| 9002 | 417 |
|
13760
acfe332f9aeb
auth: Support passing regular %variables to sql/ldap iterate queries.
Timo Sirainen <tss@iki.fi>
parents:
13555
diff
changeset
|
418 pool_ref(pool); |
|
10953
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
419 set_parser = settings_parser_dup(master_service->set_parser, pool); |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
420 if (!settings_parser_check(set_parser, pool, &error)) |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
421 i_unreached(); |
|
bdef690d41d5
auth: Fixed support for per-service auth settings.
Timo Sirainen <tss@iki.fi>
parents:
10921
diff
changeset
|
422 |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
423 sets = master_service_settings_parser_get_others(master_service, |
|
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
424 set_parser); |
|
13760
acfe332f9aeb
auth: Support passing regular %variables to sql/ldap iterate queries.
Timo Sirainen <tss@iki.fi>
parents:
13555
diff
changeset
|
425 settings_parser_deinit(&set_parser); |
|
15088
14df6be0111f
Read SSL settings only if service has SSL sockets or MASTER_SERVICE_FLAG_USE_SSL_SETTINGS.
Timo Sirainen <tss@iki.fi>
parents:
15051
diff
changeset
|
426 return sets[0]; |
| 9002 | 427 } |