diff src/auth/auth-settings.c @ 15691:d60aa734c72d

auth: Added passdb { result_* and skip } settings. passdb { skip = never | authenticated | unauthenticated } can be used to skip over a passdb lookup based on previous passdb lookups. passdb { result_success, result_failure, result_internalfail } can be used to specify what to do on those conditions. The choices are continue, continue-ok, continue-fail, return, return-ok, return-fail. The -ok and -fail variants update the current "success" flag, while continue/return uses the current flag. The authentication succeeds only if the success flag is set after the last lookup. The continue variants continue to the next passdb, while return variants finish the lookup immediately.
author Timo Sirainen <tss@iki.fi>
date Wed, 30 Jan 2013 22:44:48 +0200
parents 14df6be0111f
children 18661d1d6ed0
--- a/src/auth/auth-settings.c	Wed Jan 30 22:23:09 2013 +0200
+++ b/src/auth/auth-settings.c	Wed Jan 30 22:44:48 2013 +0200
@@ -111,6 +111,10 @@
 	DEF(SET_STR, args),
 	DEF(SET_STR, default_fields),
 	DEF(SET_STR, override_fields),
+	DEF(SET_ENUM, skip),
+	DEF(SET_ENUM, result_success),
+	DEF(SET_ENUM, result_failure),
+	DEF(SET_ENUM, result_internalfail),
 	DEF(SET_BOOL, deny),
 	DEF(SET_BOOL, pass),
 	DEF(SET_BOOL, master),
@@ -123,6 +127,10 @@
 	.args = "",
 	.default_fields = "",
 	.override_fields = "",
+	.skip = "never:authenticated:unauthenticated",
+	.result_success = "return-ok:return:return-fail:continue:continue-ok:continue-fail",
+	.result_failure = "continue:return:return-ok:return-fail:continue-ok:continue-fail",
+	.result_internalfail = "continue:return:return-ok:return-fail:continue-ok:continue-fail",
 	.deny = FALSE,
 	.pass = FALSE,
 	.master = FALSE
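Review bot: The enum lists for `.result_failure` and `.result_internalfail` accept the same six values as `.result_success`, so `result_failure = return-ok` or `result_internalfail = continue-ok` parses cleanly. Per the commit description, the -ok variants set the success flag, so such a value would mark a failed or errored lookup as successful. I would add a comment above these defaults, e.g. `/* first value in each list is the default; an -ok value on result_failure/result_internalfail sets the success flag although the lookup did not succeed */`, assuming the settings parser follows the usual first-entry-is-default convention. If that combination is not meant to be supported, narrowing those two lists is the stricter choice. The initializer starts and ends outside the hunk.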
@@ -363,6 +371,10 @@
 		*error_r = "passdb is missing driver";
 		return FALSE;
 	}
+	if (set->pass && strcmp(set->result_success, "return-ok") != 0) {
+		*error_r = "Obsolete pass=yes setting mixed with non-default result_success";
+		return FALSE;
+	}
 	return TRUE;
 }
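Review bot: The added check rejects only `pass` combined with a non-default `result_success`; `deny` is not checked against any result_* setting, and `pass` is not checked against `result_failure` or `result_internalfail`. Whether `deny = yes` with, for example, `result_success = continue-ok` can end with the success flag set depends on request-handling code not visible here. Either confirm that a deny match is resolved before the result_* action is applied, or reject the mix in the same way, e.g. `if (set->deny && strcmp(set->result_success, "return-ok") != 0) {` followed by its own `*error_r` message and `return FALSE;`. Naming the offending passdb driver in the error string would also make a misconfiguration easier to find. The function begins outside the hunk.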