changeset 10310:9bec70f26637 HEAD

auth: Connect to anvil-auth-penalty before dropping root privileges.
author Timo Sirainen <tss@iki.fi>
date Wed, 11 Nov 2009 13:55:49 -0500
parents 49d92c3fa17a
children 75b48fa3aec4
files src/auth/auth-request-handler.c src/auth/auth.c src/auth/auth.h
diffstat 3 files changed, 11 insertions(+), 7 deletions(-) [+]
--- a/src/auth/auth-request-handler.c	Wed Nov 11 12:51:10 2009 -0500
+++ b/src/auth/auth-request-handler.c	Wed Nov 11 13:55:49 2009 -0500
@@ -16,13 +16,11 @@
 #include <stdlib.h>
 
 #define AUTH_FAILURE_DELAY_CHECK_MSECS 500
-#define AUTH_PENALTY_ANVIL_PATH "anvil-auth-penalty"
 
 struct auth_request_handler {
 	int refcount;
 	pool_t pool;
 	struct hash_table *requests;
-	struct auth_penalty *penalty;
 
         struct auth *auth;
         unsigned int connect_uid, client_pid;
@@ -58,7 +56,6 @@
 	handler->callback = callback;
 	handler->context = context;
 	handler->master_callback = master_callback;
-	handler->penalty = auth_penalty_init(AUTH_PENALTY_ANVIL_PATH);
 	return handler;
 }
 
@@ -84,7 +81,6 @@
 	/* notify parent that we're done with all requests */
 	handler->callback(NULL, handler->context);
 
-	auth_penalty_deinit(&handler->penalty);
 	hash_table_destroy(&handler->requests);
 	pool_unref(&handler->pool);
 }
@@ -193,7 +189,7 @@
 	request->delayed_failure = TRUE;
 	handler->refcount++;
 
-	auth_penalty_update(handler->penalty, request,
+	auth_penalty_update(request->auth->penalty, request,
 			    request->last_penalty + 1);
 
 	request->last_access = ioloop_time;
@@ -231,7 +227,7 @@
 
 		if (request->last_penalty != 0) {
 			/* reset penalty */
-			auth_penalty_update(handler->penalty, request, 0);
+			auth_penalty_update(request->auth->penalty, request, 0);
 		}
 
 		auth_stream_reply_add(reply, "OK", NULL);
@@ -421,7 +417,8 @@
 	handler->refcount++;
 
 	/* before we start authenticating, see if we need to wait first */
-	auth_penalty_lookup(handler->penalty, request, auth_penalty_callback);
+	auth_penalty_lookup(request->auth->penalty, request,
+			    auth_penalty_callback);
 	return TRUE;
 }
 
--- a/src/auth/auth.c	Wed Nov 11 12:51:10 2009 -0500
+++ b/src/auth/auth.c	Wed Nov 11 13:55:49 2009 -0500
@@ -10,11 +10,14 @@
 #include "passdb.h"
 #include "passdb-cache.h"
 #include "auth.h"
+#include "auth-penalty.h"
 #include "auth-request-handler.h"
 
 #include <stdlib.h>
 #include <unistd.h>
 
+#define AUTH_PENALTY_ANVIL_PATH "anvil-auth-penalty"
+
 struct auth_userdb_settings userdb_dummy_set = {
 	MEMBER(driver) "static",
 	MEMBER(args) ""
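Review bot: `AUTH_PENALTY_ANVIL_PATH` is a relative path, so the socket that gets opened depends on the process's working directory at the moment `auth_penalty_init()` runs. Going by the commit title, that moment is now while the process still holds root. The define carries no comment recording this assumption. I would add one above it, for example `/* UNIX socket path; resolved against the working directory at auth init time, which happens before privileges are dropped */`, so a later change to startup order or working directory is checked against it.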
@@ -255,6 +258,8 @@
 		for (; *p != '\0' && p[1] != '\0'; p += 2)
 			auth->username_translation[(int)(uint8_t)*p] = p[1];
 	}
+
+	auth->penalty = auth_penalty_init(AUTH_PENALTY_ANVIL_PATH);
 }
 
 void auth_deinit(struct auth **_auth)
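Review bot: The result of `auth_penalty_init(AUTH_PENALTY_ANVIL_PATH)` is stored in `auth->penalty` with no check or log at this call site. If the anvil connection cannot be made here, the failed-login penalty may be silently unavailable for the life of the process; whether that happens depends on `auth_penalty_init()`, which is not visible on this page. The ordering requirement this commit exists for is also not written down at the call; a comment such as `/* must run before root privileges are dropped (connects to anvil) */` directly above the assignment would keep someone from moving it later. The enclosing function starts outside the hunk.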
@@ -275,5 +280,6 @@
 	auth_request_handler_deinit();
 	passdb_cache_deinit();
 
+	auth_penalty_deinit(&auth->penalty);
 	pool_unref(&auth->pool);
 }
--- a/src/auth/auth.h	Wed Nov 11 12:51:10 2009 -0500
+++ b/src/auth/auth.h	Wed Nov 11 13:55:49 2009 -0500
@@ -39,6 +39,7 @@
 	struct auth_passdb *masterdbs;
 	struct auth_passdb *passdbs;
 	struct auth_userdb *userdbs;
+	struct auth_penalty *penalty;
 
 	const char *const *auth_realms;
 	char username_chars[256];