Mercurial > dovecot > core-2.2
changeset 10310:9bec70f26637 HEAD
auth: Connect to anvil-auth-penalty before dropping root privileges.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Wed, 11 Nov 2009 13:55:49 -0500 |
parents | 49d92c3fa17a |
children | 75b48fa3aec4 |
files | src/auth/auth-request-handler.c src/auth/auth.c src/auth/auth.h |
diffstat | 3 files changed, 11 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request-handler.c Wed Nov 11 12:51:10 2009 -0500 +++ b/src/auth/auth-request-handler.c Wed Nov 11 13:55:49 2009 -0500 @@ -16,13 +16,11 @@ #include <stdlib.h> #define AUTH_FAILURE_DELAY_CHECK_MSECS 500 -#define AUTH_PENALTY_ANVIL_PATH "anvil-auth-penalty" struct auth_request_handler { int refcount; pool_t pool; struct hash_table *requests; - struct auth_penalty *penalty; struct auth *auth; unsigned int connect_uid, client_pid; @@ -58,7 +56,6 @@ handler->callback = callback; handler->context = context; handler->master_callback = master_callback; - handler->penalty = auth_penalty_init(AUTH_PENALTY_ANVIL_PATH); return handler; } @@ -84,7 +81,6 @@ /* notify parent that we're done with all requests */ handler->callback(NULL, handler->context); - auth_penalty_deinit(&handler->penalty); hash_table_destroy(&handler->requests); pool_unref(&handler->pool); } @@ -193,7 +189,7 @@ request->delayed_failure = TRUE; handler->refcount++; - auth_penalty_update(handler->penalty, request, + auth_penalty_update(request->auth->penalty, request, request->last_penalty + 1); request->last_access = ioloop_time; @@ -231,7 +227,7 @@ if (request->last_penalty != 0) { /* reset penalty */ - auth_penalty_update(handler->penalty, request, 0); + auth_penalty_update(request->auth->penalty, request, 0); } auth_stream_reply_add(reply, "OK", NULL); @@ -421,7 +417,8 @@ handler->refcount++; /* before we start authenticating, see if we need to wait first */ - auth_penalty_lookup(handler->penalty, request, auth_penalty_callback); + auth_penalty_lookup(request->auth->penalty, request, + auth_penalty_callback); return TRUE; }
--- a/src/auth/auth.c Wed Nov 11 12:51:10 2009 -0500 +++ b/src/auth/auth.c Wed Nov 11 13:55:49 2009 -0500 @@ -10,11 +10,14 @@ #include "passdb.h" #include "passdb-cache.h" #include "auth.h" +#include "auth-penalty.h" #include "auth-request-handler.h" #include <stdlib.h> #include <unistd.h> +#define AUTH_PENALTY_ANVIL_PATH "anvil-auth-penalty" + struct auth_userdb_settings userdb_dummy_set = { MEMBER(driver) "static", MEMBER(args) "" @@ -255,6 +258,8 @@ for (; *p != '\0' && p[1] != '\0'; p += 2) auth->username_translation[(int)(uint8_t)*p] = p[1]; } + + auth->penalty = auth_penalty_init(AUTH_PENALTY_ANVIL_PATH); } void auth_deinit(struct auth **_auth) @@ -275,5 +280,6 @@ auth_request_handler_deinit(); passdb_cache_deinit(); + auth_penalty_deinit(&auth->penalty); pool_unref(&auth->pool); }
--- a/src/auth/auth.h Wed Nov 11 12:51:10 2009 -0500 +++ b/src/auth/auth.h Wed Nov 11 13:55:49 2009 -0500 @@ -39,6 +39,7 @@ struct auth_passdb *masterdbs; struct auth_passdb *passdbs; struct auth_userdb *userdbs; + struct auth_penalty *penalty; const char *const *auth_realms; char username_chars[256];