changeset 19754:2fb8d127acf4
auth: Moved cache_key from passdb_module to auth_passdb.
This is in preparation for the next changeset, which moves
default/override_fields also to auth_passdb.
author | Timo Sirainen <timo.sirainen@dovecot.fi> |
---|---|
date | Thu, 11 Feb 2016 13:21:18 +0200 |
parents | 55511e55540d |
children | 39b5cf0a4d44 |
files | src/auth/auth-request.c src/auth/auth.c src/auth/auth.h src/auth/passdb-bsdauth.c src/auth/passdb-dict.c src/auth/passdb-ldap.c src/auth/passdb-pam.c src/auth/passdb-passwd-file.c src/auth/passdb-passwd.c src/auth/passdb-shadow.c src/auth/passdb-sql.c src/auth/passdb-vpopmail.c src/auth/passdb.c src/auth/passdb.h src/auth/userdb-dict.c src/auth/userdb-ldap.c src/auth/userdb-nss.c src/auth/userdb-passwd-file.c src/auth/userdb-passwd.c src/auth/userdb-sql.c src/auth/userdb-vpopmail.c src/auth/userdb.c src/auth/userdb.h |
diffstat | 23 files changed, 85 insertions(+), 75 deletions(-) [+] |
--- a/src/auth/auth-request.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/auth-request.c Thu Feb 11 13:21:18 2016 +0200
@@ -409,7 +409,7 @@
 static void auth_request_save_cache(struct auth_request *request, enum passdb_result result)
 {
- struct passdb_module *passdb = request->passdb->passdb;
+ struct auth_passdb *passdb = request->passdb;
 const char *encoded_password;
 string_t *str;
@@ -467,7 +467,7 @@
 if (*request->passdb_password != '{') {
 /* cached passwords must have a known scheme */
 str_append_c(str, '{');
- str_append(str, passdb->default_pass_scheme);
+ str_append(str, passdb->passdb->default_pass_scheme);
 str_append_c(str, '}');
 }
 str_append_tabescaped(str, request->passdb_password);
@@ -706,7 +706,7 @@
 void auth_request_verify_plain_callback(enum passdb_result result, struct auth_request *request)
 {
- struct passdb_module *passdb = request->passdb->passdb;
+ struct auth_passdb *passdb = request->passdb;
 i_assert(request->state == AUTH_REQUEST_STATE_PASSDB);
@@ -767,7 +767,7 @@
 const char *password, verify_plain_callback_t *callback)
 {
- struct passdb_module *passdb;
+ struct auth_passdb *passdb;
 enum passdb_result result;
 const char *cache_key;
@@ -785,7 +785,7 @@
 return;
 }
- passdb = request->passdb->passdb;
+ passdb = request->passdb;
 if (request->mech_password == NULL) request->mech_password = p_strdup(request->pool, password);
 else
@@ -802,16 +802,16 @@
 auth_request_set_state(request, AUTH_REQUEST_STATE_PASSDB);
 request->credentials_scheme = NULL;
- if (passdb->iface.verify_plain == NULL) {
+ if (passdb->passdb->iface.verify_plain == NULL) {
 /* we're deinitializing and just want to get rid of this request */
 auth_request_verify_plain_callback( PASSDB_RESULT_INTERNAL_FAILURE, request);
- } else if (passdb->blocking) {
+ } else if (passdb->passdb->blocking) {
 passdb_blocking_verify_plain(request);
 } else {
- passdb_template_export(passdb->default_fields_tmpl, request);
- passdb->iface.verify_plain(request, password,
+ passdb_template_export(passdb->passdb->default_fields_tmpl, request);
+ passdb->passdb->iface.verify_plain(request, password,
 auth_request_verify_plain_callback);
 }
 }
@@ -871,7 +871,7 @@
 size_t size, struct auth_request *request)
 {
- struct passdb_module *passdb = request->passdb->passdb;
+ struct auth_passdb *passdb = request->passdb;
 const char *cache_cred, *cache_scheme;
 i_assert(request->state == AUTH_REQUEST_STATE_PASSDB);
@@ -908,7 +908,7 @@
 const char *scheme, lookup_credentials_callback_t *callback)
 {
- struct passdb_module *passdb;
+ struct auth_passdb *passdb;
 const char *cache_key, *cache_cred, *cache_scheme;
 enum passdb_result result;
@@ -918,7 +918,7 @@
 callback(PASSDB_RESULT_USER_UNKNOWN, NULL, 0, request);
 return;
 }
- passdb = request->passdb->passdb;
+ passdb = request->passdb;
 request->credentials_scheme = p_strdup(request->pool, scheme);
 request->private_callback.lookup_credentials = callback;
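Review bot: In the verify_plain dispatch at the top of this span (and again in the lookup_credentials and set_credentials hunks that follow), every module field is now reached as `passdb->passdb->…`, which is easy to misread next to wrapper fields such as `passdb->cache_key`. A second local, e.g. `struct passdb_module *module = passdb->passdb;` set where `passdb` is assigned, would keep the dispatch lines as short as before and make it obvious which struct owns `iface`, `blocking` and `default_fields_tmpl`. The functions start and end outside these hunks, so the declaration would belong in the earlier hunk that retypes `passdb`.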
@@ -938,18 +938,18 @@
 auth_request_set_state(request, AUTH_REQUEST_STATE_PASSDB);
- if (passdb->iface.lookup_credentials == NULL) {
+ if (passdb->passdb->iface.lookup_credentials == NULL) {
 /* this passdb doesn't support credentials */
 auth_request_log_debug(request, AUTH_SUBSYS_DB, "passdb doesn't support credential lookups");
 auth_request_lookup_credentials_callback( PASSDB_RESULT_SCHEME_NOT_AVAILABLE, &uchar_nul, 0, request);
- } else if (passdb->blocking) {
+ } else if (passdb->passdb->blocking) {
 passdb_blocking_lookup_credentials(request);
 } else {
- passdb_template_export(passdb->default_fields_tmpl, request);
- passdb->iface.lookup_credentials(request,
+ passdb_template_export(passdb->passdb->default_fields_tmpl, request);
+ passdb->passdb->iface.lookup_credentials(request,
 auth_request_lookup_credentials_callback);
 }
 }
@@ -958,7 +958,7 @@
 const char *scheme, const char *data, set_credentials_callback_t *callback)
 {
- struct passdb_module *passdb = request->passdb->passdb;
+ struct auth_passdb *passdb = request->passdb;
 const char *cache_key, *new_credentials;
 cache_key = passdb_cache == NULL ? NULL : passdb->cache_key;
@@ -968,11 +968,11 @@
 request->private_callback.set_credentials = callback;
 new_credentials = t_strdup_printf("{%s}%s", scheme, data);
- if (passdb->blocking)
+ if (passdb->passdb->blocking)
 passdb_blocking_set_credentials(request, new_credentials);
- else if (passdb->iface.set_credentials != NULL) {
- passdb->iface.set_credentials(request, new_credentials,
- callback);
+ else if (passdb->passdb->iface.set_credentials != NULL) {
+ passdb->passdb->iface.set_credentials(request, new_credentials,
+ callback);
 } else {
 /* this passdb doesn't support credentials update */
 callback(FALSE, request);
@@ -982,7 +982,7 @@
 static void auth_request_userdb_save_cache(struct auth_request *request, enum userdb_result result)
 {
- struct userdb_module *userdb = request->userdb->userdb;
+ struct auth_userdb *userdb = request->userdb;
 string_t *str;
 const char *cache_value;
@@ -1060,22 +1060,22 @@
 void auth_request_userdb_callback(enum userdb_result result, struct auth_request *request)
 {
- struct userdb_module *userdb = request->userdb->userdb;
+ struct auth_userdb *userdb = request->userdb;
 struct auth_userdb *next_userdb;
 enum auth_db_rule result_rule;
 bool userdb_continue = FALSE;
 switch (result) {
 case USERDB_RESULT_OK:
- result_rule = request->userdb->result_success;
+ result_rule = userdb->result_success;
 break;
 case USERDB_RESULT_INTERNAL_FAILURE: auth_request_stats_add_tempfail(request);
- result_rule = request->userdb->result_internalfail;
+ result_rule = userdb->result_internalfail;
 break;
 case USERDB_RESULT_USER_UNKNOWN: default:
- result_rule = request->userdb->result_failure;
+ result_rule = userdb->result_failure;
 break;
 }
@@ -1101,7 +1101,7 @@
 break;
 }
- next_userdb = request->userdb->next;
+ next_userdb = userdb->next;
 while (next_userdb != NULL && auth_request_want_skip_userdb(request, next_userdb)) next_userdb = next_userdb->next;
@@ -1114,7 +1114,7 @@
 if (result == USERDB_RESULT_OK) {
 /* this userdb lookup succeeded, preserve its extra fields */
- userdb_template_export(userdb->override_fields_tmpl, request);
+ userdb_template_export(userdb->userdb->override_fields_tmpl, request);
 auth_fields_snapshot(request->userdb_reply);
 } else {
 /* this userdb lookup failed, remove any extra fields
@@ -1129,7 +1129,7 @@
 }
 if (request->userdb_success)
- userdb_template_export(userdb->override_fields_tmpl, request);
+ userdb_template_export(userdb->userdb->override_fields_tmpl, request);
 else if (request->userdbs_seen_internal_failure || result == USERDB_RESULT_INTERNAL_FAILURE) {
 /* one of the userdb lookups failed. the user might have been
@@ -1170,7 +1170,7 @@
 void auth_request_lookup_user(struct auth_request *request, userdb_callback_t *callback)
 {
- struct userdb_module *userdb = request->userdb->userdb;
+ struct auth_userdb *userdb = request->userdb;
 const char *cache_key;
 request->private_callback.userdb = callback;
@@ -1181,7 +1181,7 @@
 /* we still want to set default_fields. these override any existing fields set by previous userdbs (because if that is unwanted, ":protected" can be used). */
- userdb_template_export(userdb->default_fields_tmpl, request);
+ userdb_template_export(userdb->userdb->default_fields_tmpl, request);
 }
 /* (for now) auth_cache is shared between passdb and userdb */
@@ -1196,14 +1196,14 @@
 }
 }
- if (userdb->iface->lookup == NULL) {
+ if (userdb->userdb->iface->lookup == NULL) {
 /* we are deinitializing */
 auth_request_userdb_callback(USERDB_RESULT_INTERNAL_FAILURE, request);
- } else if (userdb->blocking)
+ } else if (userdb->userdb->blocking)
 userdb_blocking_lookup(request);
 else
- userdb->iface->lookup(request, auth_request_userdb_callback);
+ userdb->userdb->iface->lookup(request, auth_request_userdb_callback);
 }
 static char *
--- a/src/auth/auth.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/auth.c Thu Feb 11 13:21:18 2016 +0200
@@ -87,6 +87,10 @@
 *dest = auth_passdb;
 auth_passdb->passdb = passdb_preinit(auth->pool, set);
+ /* make sure any %variables in default_fields exist in cache_key */
+ auth_passdb->cache_key =
+ p_strconcat(auth->pool, auth_passdb->passdb->default_cache_key,
+ set->default_fields, NULL);
 }
 static void
@@ -108,6 +112,10 @@
 *dest = auth_userdb;
 auth_userdb->userdb = userdb_preinit(auth->pool, set);
+ /* make sure any %variables in default_fields exist in cache_key */
+ auth_userdb->cache_key =
+ p_strconcat(auth->pool, auth_userdb->userdb->default_cache_key,
+ set->default_fields, NULL);
 }
 static bool auth_passdb_list_have_verify_plain(const struct auth *auth)
@@ -264,15 +272,23 @@
 return auth;
 }
+static void auth_passdb_init(struct auth_passdb *passdb)
+{
+ passdb_init(passdb->passdb);
+
+ i_assert(passdb->passdb->default_pass_scheme != NULL ||
+ passdb->cache_key == NULL);
+}
+
 static void auth_init(struct auth *auth)
 {
 struct auth_passdb *passdb;
 struct auth_userdb *userdb;
 for (passdb = auth->masterdbs; passdb != NULL; passdb = passdb->next)
- passdb_init(passdb->passdb);
+ auth_passdb_init(passdb);
 for (passdb = auth->passdbs; passdb != NULL; passdb = passdb->next)
- passdb_init(passdb->passdb);
+ auth_passdb_init(passdb);
 for (userdb = auth->userdbs; userdb != NULL; userdb = userdb->next) userdb_init(userdb->userdb);
 }
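Review bot: The new assignment to `auth_passdb->cache_key` no longer has the `cache_key != NULL` guard that passdb_preinit() carried, so "caching isn't wanted" is preserved only if p_strconcat() returns NULL when its first string argument is NULL; that behaviour is not visible in this diff. If it did not hold, a passdb with no key would get one built from `default_fields` alone, and cache entries keyed without the module's own %variables could end up shared between users. An explicit `if (auth_passdb->passdb->default_cache_key != NULL)` in front of the assignment states the invariant in the code, assuming the struct is zero-allocated above the hunk; the same applies to `auth_userdb` in the next hunk. Both preinit functions begin outside their hunks.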
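Review bot: auth_passdb_init() has no comment saying why the assert lives here rather than in passdb_init(). The check now reads `passdb->cache_key`, which belongs to the wrapper, and auth_request_save_cache() appends `default_pass_scheme` to any cached password that lacks a `{scheme}` prefix, so a NULL scheme on a caching passdb would be passed to str_append(). I would add above the assert `/* cached passwords are stored with a {scheme} prefix, so a passdb that caches must have a default scheme */`.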
--- a/src/auth/auth.h Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/auth.h Thu Feb 11 13:21:18 2016 +0200
@@ -32,6 +32,9 @@
 const struct auth_passdb_settings *set;
 struct passdb_module *passdb;
+ /* The caching key for this passdb, or NULL if caching isn't wanted. */
+ const char *cache_key;
+ enum auth_passdb_skip skip;
 enum auth_db_rule result_success;
 enum auth_db_rule result_failure;
@@ -44,6 +47,9 @@
 const struct auth_userdb_settings *set;
 struct userdb_module *userdb;
+ /* The caching key for this userdb, or NULL if caching isn't wanted. */
+ const char *cache_key;
+ enum auth_userdb_skip skip;
 enum auth_db_rule result_success;
 enum auth_db_rule result_failure;
--- a/src/auth/passdb-bsdauth.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-bsdauth.c Thu Feb 11 13:21:18 2016 +0200
@@ -67,7 +67,7 @@
 if (strcmp(args, "blocking=no") == 0) module->blocking = FALSE;
 else if (strncmp(args, "cache_key=", 10) == 0)
- module->cache_key = auth_cache_parse_key(pool, args + 10);
+ module->default_cache_key = auth_cache_parse_key(pool, args + 10);
 else if (*args != '\0') i_fatal("passdb bsdauth: Unknown setting: %s", args);
 return module;
--- a/src/auth/passdb-dict.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-dict.c Thu Feb 11 13:21:18 2016 +0200
@@ -159,7 +159,7 @@
 module->conn = conn = db_dict_init(args);
 module->module.blocking = TRUE;
- module->module.cache_key = auth_cache_parse_key(pool,
+ module->module.default_cache_key = auth_cache_parse_key(pool,
 db_dict_parse_cache_key(&conn->set.keys, &conn->set.passdb_fields, &conn->set.parsed_passdb_objects));
 module->module.default_pass_scheme = conn->set.default_pass_scheme;
--- a/src/auth/passdb-ldap.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-ldap.c Thu Feb 11 13:21:18 2016 +0200
@@ -436,7 +436,7 @@
 &conn->pass_attr_map, conn->set.auth_bind ? "password" : NULL);
 module->module.blocking = conn->set.blocking;
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, t_strconcat(conn->set.base, conn->set.pass_attrs,
--- a/src/auth/passdb-pam.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-pam.c Thu Feb 11 13:21:18 2016 +0200
@@ -352,7 +352,7 @@
 else if (strcmp(t_args[i], "setcred=yes") == 0) module->pam_setcred = TRUE;
 else if (strncmp(t_args[i], "cache_key=", 10) == 0) {
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, t_args[i] + 10);
 } else if (strcmp(t_args[i], "blocking=yes") == 0) {
 /* ignore, for backwards compatibility */
--- a/src/auth/passdb-passwd-file.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-passwd-file.c Thu Feb 11 13:21:18 2016 +0200
@@ -152,9 +152,9 @@
 module->username_format = format;
 if (!module->pwf->vars)
- module->module.cache_key = format;
+ module->module.default_cache_key = format;
 else {
- module->module.cache_key = auth_cache_parse_key(pool,
+ module->module.default_cache_key = auth_cache_parse_key(pool,
 t_strconcat(format, module->pwf->path, NULL));
 }
--- a/src/auth/passdb-passwd.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-passwd.c Thu Feb 11 13:21:18 2016 +0200
@@ -99,7 +99,7 @@
 else if (*args != '\0') i_fatal("passdb passwd: Unknown setting: %s", args);
- module->cache_key = PASSWD_CACHE_KEY;
+ module->default_cache_key = PASSWD_CACHE_KEY;
 module->default_pass_scheme = PASSWD_PASS_SCHEME;
 return module;
 }
--- a/src/auth/passdb-shadow.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-shadow.c Thu Feb 11 13:21:18 2016 +0200
@@ -97,7 +97,7 @@
 else if (*args != '\0') i_fatal("passdb shadow: Unknown setting: %s", args);
- module->cache_key = SHADOW_CACHE_KEY;
+ module->default_cache_key = SHADOW_CACHE_KEY;
 module->default_pass_scheme = SHADOW_PASS_SCHEME;
 return module;
 }
--- a/src/auth/passdb-sql.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-sql.c Thu Feb 11 13:21:18 2016 +0200
@@ -254,7 +254,7 @@
 module = p_new(pool, struct sql_passdb_module, 1);
 module->conn = conn = db_sql_init(args, FALSE);
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, conn->set.password_query);
 module->module.default_pass_scheme = conn->set.default_pass_scheme;
 return &module->module;
--- a/src/auth/passdb-vpopmail.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb-vpopmail.c Thu Feb 11 13:21:18 2016 +0200
@@ -184,7 +184,7 @@
 tmp = t_strsplit_spaces(args, " ");
 for (; *tmp != NULL; tmp++) {
 if (strncmp(*tmp, "cache_key=", 10) == 0) {
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, *tmp + 10);
 } else if (strncmp(*tmp, "webmail=", 8) == 0) {
 if (net_addr2ip(*tmp + 8, &module->webmail_ip) < 0)
--- a/src/auth/passdb.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb.c Thu Feb 11 13:21:18 2016 +0200
@@ -227,13 +227,6 @@
 passdb_template_build(pool, set->default_fields);
 passdb->override_fields_tmpl = passdb_template_build(pool, set->override_fields);
- if (passdb->cache_key != NULL &&
- !passdb_template_is_empty(passdb->default_fields_tmpl)) {
- /* make sure any %variables in default_fields exist
- in cache_key */
- passdb->cache_key = p_strconcat(pool, passdb->cache_key,
- set->default_fields, NULL);
- }
 array_append(&passdb_modules, &passdb, 1);
 return passdb;
@@ -244,9 +237,6 @@
 if (passdb->iface.init != NULL && passdb->init_refcount == 0) passdb->iface.init(passdb);
 passdb->init_refcount++;
-
- i_assert(passdb->default_pass_scheme != NULL ||
- passdb->cache_key == NULL);
 }
 void passdb_deinit(struct passdb_module *passdb)
--- a/src/auth/passdb.h Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/passdb.h Thu Feb 11 13:21:18 2016 +0200
@@ -54,8 +54,10 @@
 struct passdb_module {
 const char *args;
- /* The caching key for this module, or NULL if caching isn't wanted. */
- const char *cache_key;
+ /* The default caching key for this module, or NULL if caching isn't
+ wanted. This is updated by settings in auth_passdb. */
+#define default_cache_key cache_key /* FIXME: remove in v2.3 - for API backwards compatibility */
+ const char *default_cache_key;
 /* Default password scheme for this module. If cache_key is set, must not be NULL. */
 const char *default_pass_scheme;
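Review bot: `#define default_cache_key cache_key` is an unscoped object-like macro, so every later `default_cache_key` token in any file that includes passdb.h (or userdb.h, which gets the identical define) is rewritten to `cache_key`, not only this member. That silently renames any unrelated local or member with that name and would collide if a struct ever carried both names, while the real member name stays `cache_key` in debuggers and compiler diagnostics. The comment should say so, e.g. `/* NOTE: renames the token everywhere after this header; the real member is still cache_key */`. The context comment on `default_pass_scheme` also still reads "If cache_key is set" although the assert now checks the auth_passdb key. The struct continues outside the hunk.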
--- a/src/auth/userdb-dict.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-dict.c Thu Feb 11 13:21:18 2016 +0200
@@ -162,7 +162,7 @@
 module->conn = conn = db_dict_init(args);
 module->module.blocking = TRUE;
- module->module.cache_key = auth_cache_parse_key(pool,
+ module->module.default_cache_key = auth_cache_parse_key(pool,
 db_dict_parse_cache_key(&conn->set.keys, &conn->set.userdb_fields, &conn->set.parsed_userdb_objects));
 return &module->module;
--- a/src/auth/userdb-ldap.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-ldap.c Thu Feb 11 13:21:18 2016 +0200
@@ -266,7 +266,7 @@
 &conn->iterate_attr_names, &conn->iterate_attr_map, NULL);
 module->module.blocking = conn->set.blocking;
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, t_strconcat(conn->set.base, conn->set.user_attrs,
--- a/src/auth/userdb-nss.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-nss.c Thu Feb 11 13:21:18 2016 +0200
@@ -127,7 +127,7 @@
 i_fatal("userdb nss: Missing service");
 userdb_nss_load_module(module, pool);
- module->module.cache_key = USER_CACHE_KEY;
+ module->module.default_cache_key = USER_CACHE_KEY;
 return &module->module;
 }
--- a/src/auth/userdb-passwd-file.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-passwd-file.c Thu Feb 11 13:21:18 2016 +0200
@@ -193,9 +193,9 @@
 module->username_format = format;
 if (!module->pwf->vars)
- module->module.cache_key = PASSWD_FILE_CACHE_KEY;
+ module->module.default_cache_key = PASSWD_FILE_CACHE_KEY;
 else {
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, t_strconcat(PASSWD_FILE_CACHE_KEY, module->pwf->path,
--- a/src/auth/userdb-passwd.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-passwd.c Thu Feb 11 13:21:18 2016 +0200
@@ -207,7 +207,7 @@
 const char *value;
 module = p_new(pool, struct passwd_userdb_module, 1);
- module->module.cache_key = USER_CACHE_KEY;
+ module->module.default_cache_key = USER_CACHE_KEY;
 module->tmpl = userdb_template_build(pool, "passwd", args);
 module->module.blocking = TRUE;
--- a/src/auth/userdb-sql.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-sql.c Thu Feb 11 13:21:18 2016 +0200
@@ -257,7 +257,7 @@
 module = p_new(pool, struct sql_userdb_module, 1);
 module->conn = db_sql_init(args, TRUE);
- module->module.cache_key =
+ module->module.default_cache_key =
 auth_cache_parse_key(pool, module->conn->set.user_query);
 return &module->module;
 }
--- a/src/auth/userdb-vpopmail.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb-vpopmail.c Thu Feb 11 13:21:18 2016 +0200
@@ -146,7 +146,8 @@
 for (tmp = t_strsplit(args, " "); *tmp != NULL; tmp++) {
 if (strncmp(*tmp, "cache_key=", 10) == 0)
- module->module.cache_key = p_strdup(pool, *tmp + 10);
+ module->module.default_cache_key =
+ p_strdup(pool, *tmp + 10);
 else if (strncmp(*tmp, "quota_template=", 15) == 0) {
 p = strchr(*tmp + 15, '=');
 if (p == NULL) {
--- a/src/auth/userdb.c Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb.c Thu Feb 11 13:21:18 2016 +0200
@@ -171,13 +171,6 @@
 userdb->override_fields_tmpl = userdb_template_build(pool, set->driver, set->override_fields);
- if (userdb->cache_key != NULL &&
- !userdb_template_is_empty(userdb->default_fields_tmpl)) {
- /* make sure any %variables in default_fields exist
- in cache_key */
- userdb->cache_key = p_strconcat(pool, userdb->cache_key,
- set->default_fields, NULL);
- }
 array_append(&userdb_modules, &userdb, 1);
 return userdb;
--- a/src/auth/userdb.h Thu Feb 11 13:58:54 2016 +0200
+++ b/src/auth/userdb.h Thu Feb 11 13:21:18 2016 +0200
@@ -22,8 +22,10 @@
 struct userdb_module {
 const char *args;
- /* The caching key for this module, or NULL if caching isn't wanted. */
- const char *cache_key;
+ /* The default caching key for this module, or NULL if caching isn't
+ wanted. This is updated by settings in auth_userdb. */
+#define default_cache_key cache_key /* FIXME: remove in v2.3 - for API backwards compatibility */
+ const char *default_cache_key;
 /* If blocking is set to TRUE, use child processes to access this userdb. */