Mercurial > dovecot > core-2.2
changeset 16909:9ef23179892a
auth: Added %{session_pid} variable for userdb lookups in login requests.
session_pid is now always sent to auth process. A new request_auth_token
parameter was added to specify if auth_token should be returned or not.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 02 Nov 2013 13:52:30 +0200 |
parents | 58dfed53ab43 |
children | dbe7c5a0021e |
files | src/auth/auth-request-handler.c src/auth/auth-request.c src/auth/auth-request.h src/lib-master/master-login-auth.c |
diffstat | 4 files changed, 12 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request-handler.c Sat Nov 02 13:34:17 2013 +0200 +++ b/src/auth/auth-request-handler.c Sat Nov 02 13:52:30 2013 +0200 @@ -669,7 +669,8 @@ str_append(str, "\tanonymous"); } /* generate auth_token when master service provided session_pid */ - if (request->session_pid != (pid_t)-1) { + if (request->request_auth_token && + request->session_pid != (pid_t)-1) { const char *auth_token = auth_token_get(request->service, dec2str(request->session_pid),
--- a/src/auth/auth-request.c Sat Nov 02 13:34:17 2013 +0200 +++ b/src/auth/auth-request.c Sat Nov 02 13:52:30 2013 +0200 @@ -331,7 +331,9 @@ if (strcmp(key, "session_pid") == 0) { if (str_to_pid(value, &pid) == 0) request->session_pid = pid; - } else + } else if (strcmp(key, "request_auth_token") == 0) + request->request_auth_token = TRUE; + else return FALSE; return TRUE; } @@ -1950,6 +1952,7 @@ { '\0', NULL, "domain_first" }, { '\0', NULL, "domain_last" }, { '\0', NULL, "master_user" }, + { '\0', NULL, "session_pid" }, /* be sure to update AUTH_REQUEST_VAR_TAB_COUNT */ { '\0', NULL, NULL } }; @@ -2037,6 +2040,8 @@ tab[24].value = escape_func(tab[24].value+1, auth_request); tab[25].value = auth_request->master_user == NULL ? NULL : escape_func(auth_request->master_user, auth_request); + tab[26].value = auth_request->session_pid == (pid_t)-1 ? NULL : + dec2str(auth_request->session_pid); return ret_tab; }
--- a/src/auth/auth-request.h Sat Nov 02 13:34:17 2013 +0200 +++ b/src/auth/auth-request.h Sat Nov 02 13:52:30 2013 +0200 @@ -108,6 +108,7 @@ unsigned int no_penalty:1; unsigned int valid_client_cert:1; unsigned int cert_username:1; + unsigned int request_auth_token:1; /* success/failure states: */ unsigned int successful:1; @@ -143,7 +144,7 @@ #define AUTH_REQUEST_VAR_TAB_USER_IDX 0 #define AUTH_REQUEST_VAR_TAB_USERNAME_IDX 1 #define AUTH_REQUEST_VAR_TAB_DOMAIN_IDX 2 -#define AUTH_REQUEST_VAR_TAB_COUNT 26 +#define AUTH_REQUEST_VAR_TAB_COUNT 27 extern const struct var_expand_table auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1];
--- a/src/lib-master/master-login-auth.c Sat Nov 02 13:34:17 2013 +0200 +++ b/src/lib-master/master-login-auth.c Sat Nov 02 13:52:30 2013 +0200 @@ -440,8 +440,9 @@ str_printfa(str, "REQUEST\t%u\t%u\t%u\t", req->id, req->client_pid, req->auth_id); binary_to_hex_append(str, req->cookie, sizeof(req->cookie)); + str_printfa(str, "\tsession_pid=%s", my_pid); if (auth->request_auth_token) - str_printfa(str, "\tsession_pid=%s", my_pid); + str_append(str, "\trequest_auth_token"); str_append_c(str, '\n'); o_stream_nsend(auth->output, str_data(str), str_len(str)); }