ba770cba5598 Updated copyright notices to include year 2012.

parents: 13956

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

97cdfeb57129 Renamed headers to prevent collision if they were flattened on an install.

parents: 9015

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

971050640e3b All password schemes can now be encoded with base64 or hex. The encoding is

parents: 5593

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

3f27bf7832a2 Added auth_username_format setting.

parents: 4164

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

f0cc5486696e Authentication cache caches now also userdb data. Code by Tommi Saviranta.

parents: 4914

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

3ef582c3fb72 auth: Aborting pending async requests on deinit caused crashes.

parents: 11255

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

40a461d554e6 Added auth_debug_passwords setting. If it's not enabled, hide all password

parents: 3879

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

f7cdede45a88 If uidgid_file=<template_path> is set, the uid and gid are looked up by

parents: 5872

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

90410a8f3786 auth: Minor code fix/cleanup.

parents: 11251

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

941511db13c3 Added auth_verbose_passwords = no|plain|sha1.

parents: 10582

289a98ba5d95 Another try with API cleanup.

parents: 3071

94f78f415811 auth: Removed unnecessary auth_request callback and context uses.

parents: 11490

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

dad0e22b735a Changed auth_request->created to last_access and update it a bit more often.

parents: 5585

3feb38ff17f5 Moving code around.

parents: 3072

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

289a98ba5d95 Another try with API cleanup.

parents: 3071

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

289a98ba5d95 Another try with API cleanup.

parents: 3071

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

3089083e1d47 Handle USER requests from master connections.

parents: 3183

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

4f8598b0ca62 Use a bit larger initial pool sizes

parents: 3687

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

3089083e1d47 Handle USER requests from master connections.

parents: 3183

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

3089083e1d47 Handle USER requests from master connections.

parents: 3183

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

3089083e1d47 Handle USER requests from master connections.

parents: 3183

3089083e1d47 Handle USER requests from master connections.

parents: 3183

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

5050e2eb1bfe auth: Previous change broke non-master logins..

parents: 10960

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

265655f270df Added "allow_nets" extra field. If set, the user can log in only from

parents: 4054

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

94f78f415811 auth: Removed unnecessary auth_request callback and context uses.

parents: 11490

94f78f415811 auth: Removed unnecessary auth_request callback and context uses.

parents: 11490

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

94f78f415811 auth: Removed unnecessary auth_request callback and context uses.

parents: 11490

94f78f415811 auth: Removed unnecessary auth_request callback and context uses.

parents: 11490

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to

parents: 3863

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

e4b84d82c685 Master connection's USER command was leaking memory (with deliver binary).

parents: 3338

7cad076906eb pool_unref() now takes ** pointer.

parents: 6411

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

2d33734b16d5 Split auth_request* functions from mech.c to auth-request.c

parents:

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

9f66028a1089 Pass original_username to auth-workers.

parents: 8320

fc5683975951 auth: original_username should never be NULL, removed all code that checks for it.

parents: 8346

fc5683975951 auth: original_username should never be NULL, removed all code that checks for it.

parents: 8346

3ba227176cde auth: Pass requested_login_user to auth worker processes.

parents: 12005

3ba227176cde auth: Pass requested_login_user to auth worker processes.

parents: 12005

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

e33158bc72b0 %c wasn't exported to auth worker processes. Patch by Andrey Panin

parents: 5475

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

d49aa6720fb2 Added %k variable to display valid-client-cert status. It expands to "valid" or empty.

parents: 8163

bf6749d4db08 auth: Allow clients to specify that they want to skip auth penalty check.

parents: 12794

bf6749d4db08 auth: Allow clients to specify that they want to skip auth penalty check.

parents: 12794

bbcef91eac7e auth: Export/import auth_request->successful for auth workers.

parents: 12915

bbcef91eac7e auth: Export/import auth_request->successful for auth workers.

parents: 12915

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

40ce533c88f9 Send local/remote ports to dovecot-auth. They're now in %a and %b variables.

parents: 5879

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

0d72eb2ed8af Added %c variable which expands to "secured" with SSL/TLS/localhost.

parents: 5251

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

9a6aa717bc46 auth: Don't allow auth clients to set internal auth request fields.

parents: 13566

1bd8b17bfabe If AUTH has "nologin" parameter, the request is freed when authentication is

parents: 7086

1bd8b17bfabe If AUTH has "nologin" parameter, the request is freed when authentication is

parents: 7086

bbcef91eac7e auth: Export/import auth_request->successful for auth workers.

parents: 12915

bbcef91eac7e auth: Export/import auth_request->successful for auth workers.

parents: 12915

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

be991f857c70 Fixed pass=yes with blocking passdbs. Also master_user wasn't exported

parents: 7278

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

d49bdda63506 auth: %m variable didn't work with blocking passdbs

parents: 7919

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e5ce49c8524a USER auth command requires now service parameter and supports also others

parents: 3318

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

b01a8fa09f94 Cleanups.

parents: 3065

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

fbff8ca77d2e auth: Added auth failure penalty tracking based on remote IP address.

parents: 10082

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

c7db6b291daa API cleanup

parents: 3069

b01a8fa09f94 Cleanups.

parents: 3065

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

8a3b57385eca Added state variable for auth_request and several assertions to make sure

parents: 3167

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

f2608c3a64ee auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1

parents: 13728

d3697efd18f3 auth: Don't loop through active requests every 5 seconds, looking for timeouts.

parents: 10689

c7db6b291daa API cleanup

parents: 3069

b01a8fa09f94 Cleanups.

parents: 3065

b01a8fa09f94 Cleanups.

parents: 3065

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

e2fe8222449d s/occured/occurred/

parents: 3432

e2fe8222449d s/occured/occurred/

parents: 3432

079ec5c2d665 Last change caused user-given passwords to be cached, and later the password

parents: 3431

075963b71b94 auth: Disable auth caching entirely for master users.

parents: 12297

075963b71b94 auth: Disable auth caching entirely for master users.

parents: 12297

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.

parents: 3655

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

46ae2e53d688 auth: When caching user-given passwords, cache their SHA1, not the plaintext.

parents: 10585

81180ca12997 We were caching failed blocking requests wrong.

parents: 3635

81180ca12997 We were caching failed blocking requests wrong.

parents: 3635

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e2fe8222449d s/occured/occurred/

parents: 3432

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

09b5e002ad8a If passdb returned NULL password (ie. no password needed), it wasn't cached

parents: 3668

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually

parents: 3164

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

e2fe8222449d s/occured/occurred/

parents: 3432

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

9b1a90eddfd0 Special extra_fields weren't saved to auth cache. This was especially

parents: 5069

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

3b49b9ec87dc auth_cache: Try to handle changing passwords automatically: If password

parents: 4575

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

dee19849654b If master login failed because of non-password failure (eg. allow_nets)

parents: 4533

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

f9d34d929c3f auth: Master user login + prefetch userdb changed username to master user.

parents: 12489

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

52eb8317514f auth: Cleaned up struct auth_passdb/auth_userdb.

parents: 10893

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

6e639833c3fc auth: Initial support for per-protocol auth settings.

parents: 10897

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

f451ffa51772 auth: Give a better error message if pass=yes can't be used in master passdb.

parents: 12006

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool.

parents: 3771

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

97f53e0cce63 Fallback to using expired records from auth cache if database lookups fail.

parents: 3166

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

52eb8317514f auth: Cleaned up struct auth_passdb/auth_userdb.

parents: 10893

52eb8317514f auth: Cleaned up struct auth_passdb/auth_userdb.

parents: 10893

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

52eb8317514f auth: Cleaned up struct auth_passdb/auth_userdb.

parents: 10893

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

8846e6be0e02 If multiple passdbs were configured and we tried to authenticate as user

parents: 4374

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do

parents: 4078

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

08d31d752893 Use auth-stream API to build all TAB-delimited strings to make sure strings

parents: 7318

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

96fd7a3f9bfe If password is expired, give "Password expired" error. Currently works only

parents: 4295

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give

parents: 3171

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

627aeadb0955 auth: passdb credentials lookup fix when using multiple passdbs.

parents: 12363

627aeadb0955 auth: passdb credentials lookup fix when using multiple passdbs.

parents: 12363

627aeadb0955 auth: passdb credentials lookup fix when using multiple passdbs.

parents: 12363

627aeadb0955 auth: passdb credentials lookup fix when using multiple passdbs.

parents: 12363

627aeadb0955 auth: passdb credentials lookup fix when using multiple passdbs.

parents: 12363

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

8a8352cda514 If passdb lookup fails with internal error, try other passdbs anyway before

parents: 3520

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

769aaaee6821 Reverted accidental commit. This code isn't ready yet.

parents: 5462

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

faf83f3e19b5 Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.

parents: 4017

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

6243376eff60 auth: If verbose_proctitle=yes, show auth request counts in ps.

parents: 11151

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

83ac50d3b76f auth: Added default_fields and override_fields settings to all passdbs and userdbs.

parents: 12977

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

ee7b18b1fc00 s/Fallbacking/Falling back/

parents: 13910

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

62fc6883faeb Fixes and cleanups to credentials handling. Also fixed auth caching to work

parents: 3645

ba802ac3b743 auth cache didn't work properly with multiple passdbs.

parents: 4685

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

6a3254e3c3de Moved cache handling from sql/ldap-specific code to generic auth-request

parents: 3158

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we

parents: 7388

1125d2d59e82 If trying to log in with password having illegal characters, make sure we