Mercurial > dovecot > core-2.2
changeset 19755:39b5cf0a4d44
auth: Moved all passdb/userdb template handling to auth_passdb/userdb.
This is because passdb_find() and userdb_find() attempts to avoid
duplicating passdbs and userdbs when they have identical driver+args.
This deduplication is useful when using multiple protocol { .. } blocks
that duplicate some passdb/userdb backends. For example we might want
to have only a single SQL connection regardless of how the protocol-specific
passdbs and userdbs are being set up. All the default/override_fields and
result_* settings aren't relevant to the passdb/userdb backends, so removing
them will again allow the deduplication to work correctly.
author | Timo Sirainen <timo.sirainen@dovecot.fi> |
---|---|
date | Thu, 11 Feb 2016 13:25:28 +0200 |
parents | 2fb8d127acf4 |
children | 7bad1104baf0 |
files | src/auth/auth-request.c src/auth/auth.c src/auth/auth.h src/auth/passdb.c src/auth/passdb.h src/auth/userdb.c src/auth/userdb.h |
diffstat | 7 files changed, 34 insertions(+), 30 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request.c Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/auth-request.c Thu Feb 11 13:25:28 2016 +0200 @@ -690,7 +690,7 @@ auth_request_verify_plain_callback_finish(enum passdb_result result, struct auth_request *request) { - passdb_template_export(request->passdb->passdb->override_fields_tmpl, request); + passdb_template_export(request->passdb->override_fields_tmpl, request); if (!auth_request_handle_passdb_callback(&result, request)) { /* try next passdb */ auth_request_verify_plain(request, request->mech_password, @@ -810,7 +810,7 @@ } else if (passdb->passdb->blocking) { passdb_blocking_verify_plain(request); } else { - passdb_template_export(passdb->passdb->default_fields_tmpl, request); + passdb_template_export(passdb->default_fields_tmpl, request); passdb->passdb->iface.verify_plain(request, password, auth_request_verify_plain_callback); } @@ -822,7 +822,7 @@ size_t size, struct auth_request *request) { - passdb_template_export(request->passdb->passdb->override_fields_tmpl, request); + passdb_template_export(request->passdb->override_fields_tmpl, request); if (!auth_request_handle_passdb_callback(&result, request)) { /* try next passdb */ if (request->skip_password_check && @@ -948,7 +948,7 @@ } else if (passdb->passdb->blocking) { passdb_blocking_lookup_credentials(request); } else { - passdb_template_export(passdb->passdb->default_fields_tmpl, request); + passdb_template_export(passdb->default_fields_tmpl, request); passdb->passdb->iface.lookup_credentials(request, auth_request_lookup_credentials_callback); } @@ -1114,7 +1114,7 @@ if (result == USERDB_RESULT_OK) { /* this userdb lookup succeeded, preserve its extra fields */ - userdb_template_export(userdb->userdb->override_fields_tmpl, request); + userdb_template_export(userdb->override_fields_tmpl, request); auth_fields_snapshot(request->userdb_reply); } else { /* this userdb lookup failed, remove any extra fields @@ -1129,7 +1129,7 @@ } if (request->userdb_success) - userdb_template_export(userdb->userdb->override_fields_tmpl, request); + userdb_template_export(userdb->override_fields_tmpl, request); else if (request->userdbs_seen_internal_failure || result == USERDB_RESULT_INTERNAL_FAILURE) { /* one of the userdb lookups failed. the user might have been @@ -1181,7 +1181,7 @@ /* we still want to set default_fields. these override any existing fields set by previous userdbs (because if that is unwanted, ":protected" can be used). */ - userdb_template_export(userdb->userdb->default_fields_tmpl, request); + userdb_template_export(userdb->default_fields_tmpl, request); } /* (for now) auth_cache is shared between passdb and userdb */ @@ -1604,10 +1604,8 @@ void auth_request_init_userdb_reply(struct auth_request *request) { - struct userdb_module *module = request->userdb->userdb; - request->userdb_reply = auth_fields_init(request->pool); - userdb_template_export(module->default_fields_tmpl, request); + userdb_template_export(request->userdb->default_fields_tmpl, request); } static void auth_request_set_uidgid_file(struct auth_request *request,
--- a/src/auth/auth.c Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/auth.c Thu Feb 11 13:25:28 2016 +0200 @@ -7,6 +7,8 @@ #include "mech.h" #include "userdb.h" #include "passdb.h" +#include "passdb-template.h" +#include "userdb-template.h" #include "auth.h" static const struct auth_userdb_settings userdb_dummy_set = { @@ -79,6 +81,11 @@ auth_passdb->result_internalfail = auth_db_rule_parse(set->result_internalfail); + auth_passdb->default_fields_tmpl = + passdb_template_build(auth->pool, set->default_fields); + auth_passdb->override_fields_tmpl = + passdb_template_build(auth->pool, set->override_fields); + /* for backwards compatibility: */ if (set->pass) auth_passdb->result_success = AUTH_DB_RULE_CONTINUE; @@ -108,6 +115,13 @@ auth_userdb->result_internalfail = auth_db_rule_parse(set->result_internalfail); + auth_userdb->default_fields_tmpl = + userdb_template_build(auth->pool, set->driver, + set->default_fields); + auth_userdb->override_fields_tmpl = + userdb_template_build(auth->pool, set->driver, + set->override_fields); + for (dest = &auth->userdbs; *dest != NULL; dest = &(*dest)->next) ; *dest = auth_userdb;
--- a/src/auth/auth.h Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/auth.h Thu Feb 11 13:25:28 2016 +0200 @@ -35,6 +35,9 @@ /* The caching key for this passdb, or NULL if caching isn't wanted. */ const char *cache_key; + struct passdb_template *default_fields_tmpl; + struct passdb_template *override_fields_tmpl; + enum auth_passdb_skip skip; enum auth_db_rule result_success; enum auth_db_rule result_failure; @@ -50,6 +53,9 @@ /* The caching key for this userdb, or NULL if caching isn't wanted. */ const char *cache_key; + struct userdb_template *default_fields_tmpl; + struct userdb_template *override_fields_tmpl; + enum auth_userdb_skip skip; enum auth_db_rule result_success; enum auth_db_rule result_failure;
--- a/src/auth/passdb.c Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/passdb.c Thu Feb 11 13:25:28 2016 +0200 @@ -4,10 +4,8 @@ #include "array.h" #include "password-scheme.h" #include "auth-worker-server.h" -#include "passdb-template.h" #include "passdb.h" - static ARRAY(struct passdb_module_interface *) passdb_interfaces; static ARRAY(struct passdb_module *) passdb_modules; @@ -223,11 +221,6 @@ passdb->iface = *iface; passdb->args = p_strdup(pool, set->args); - passdb->default_fields_tmpl = - passdb_template_build(pool, set->default_fields); - passdb->override_fields_tmpl = - passdb_template_build(pool, set->override_fields); - array_append(&passdb_modules, &passdb, 1); return passdb; }
--- a/src/auth/passdb.h Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/passdb.h Thu Feb 11 13:25:28 2016 +0200 @@ -70,8 +70,9 @@ /* number of time init() has been called */ int init_refcount; - struct passdb_template *default_fields_tmpl; - struct passdb_template *override_fields_tmpl; + /* WARNING: avoid adding anything here that isn't based on args. + if you do, you need to change passdb.c:passdb_find() also to avoid + accidentally merging wrong passdbs. */ struct passdb_module_interface iface; };
--- a/src/auth/userdb.c Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/userdb.c Thu Feb 11 13:25:28 2016 +0200 @@ -4,10 +4,8 @@ #include "array.h" #include "ipwd.h" #include "auth-worker-server.h" -#include "userdb-template.h" #include "userdb.h" - static ARRAY(struct userdb_module_interface *) userdb_interfaces; static ARRAY(struct userdb_module *) userdb_modules; @@ -165,13 +163,6 @@ userdb->iface = iface; userdb->args = p_strdup(pool, set->args); - userdb->default_fields_tmpl = - userdb_template_build(pool, set->driver, - set->default_fields); - userdb->override_fields_tmpl = - userdb_template_build(pool, set->driver, - set->override_fields); - array_append(&userdb_modules, &userdb, 1); return userdb; }
--- a/src/auth/userdb.h Thu Feb 11 13:21:18 2016 +0200 +++ b/src/auth/userdb.h Thu Feb 11 13:25:28 2016 +0200 @@ -36,8 +36,9 @@ /* number of time init() has been called */ int init_refcount; - struct userdb_template *default_fields_tmpl; - struct userdb_template *override_fields_tmpl; + /* WARNING: avoid adding anything here that isn't based on args. + if you do, you need to change userdb.c:userdb_find() also to avoid + accidentally merging wrong userdbs. */ const struct userdb_module_interface *iface; };