Mercurial > dovecot > core-2.2
changeset 9846:cf27080f3fcf HEAD
config: Removed auth sections completely for now.
They might come back in some other more generic form.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 31 Aug 2009 17:21:37 -0400 |
parents | f5dcc960ab7a |
children | ecb05365f520 |
files | doc/example-config/conf.d/auth.conf src/auth/auth-settings.c src/auth/auth-settings.h src/auth/main.c src/config/config-parser.c |
diffstat | 5 files changed, 226 insertions(+), 347 deletions(-) [+] |
line wrap: on
line diff
--- a/doc/example-config/conf.d/auth.conf Mon Aug 31 17:19:56 2009 -0400 +++ b/doc/example-config/conf.d/auth.conf Mon Aug 31 17:21:37 2009 -0400 @@ -76,230 +76,223 @@ # Number of seconds to delay before replying to failed authentications. #auth_failure_delay = 2 -auth default { - # Space separated list of wanted authentication mechanisms: - # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey - # gss-spnego - # NOTE: See also disable_plaintext_auth setting. - auth_mechanisms = plain +# Require a valid SSL client certificate or the authentication fails. +#auth_ssl_require_client_cert = no + +# Take the username from client's SSL certificate, using +# X509_NAME_get_text_by_NID() which returns the subject's DN's +# CommonName. +#auth_ssl_username_from_cert = no - # - # Password database is used to verify user's password (and nothing more). - # You can have multiple passdbs and userdbs. This is useful if you want to - # allow both system users (/etc/passwd) and virtual users to login without - # duplicating the system users into virtual database. - # - # <doc/wiki/PasswordDatabase.txt> - # - # By adding master=yes setting inside a passdb you make the passdb a list - # of "master users", who can log in as anyone else. Unless you're using PAM, - # you probably still want the destination user to be looked up from passdb - # that it really exists. This can be done by adding pass=yes setting to the - # master passdb. <doc/wiki/Authentication.MasterUsers.txt> +# Space separated list of wanted authentication mechanisms: +# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey +# gss-spnego +# NOTE: See also disable_plaintext_auth setting. +auth_mechanisms = plain - # Users can be temporarily disabled by adding a passdb with deny=yes. - # If the user is found from that database, authentication will fail. - # The deny passdb should always be specified before others, so it gets - # checked first. Here's an example: - - #passdb passwd-file { - # File contains a list of usernames, one per line - #args = /etc/dovecot.deny - #deny = yes - #} +## +## Password databases +## - # PAM authentication. Preferred nowadays by most systems. - # Note that PAM can only be used to verify if user's password is correct, - # so it can't be used as userdb. If you don't want to use a separate user - # database (passwd usually), you can use static userdb. - # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM - # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt> - passdb pam { - # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>] - # [cache_key=<key>] [<service name>] - # - # session=yes makes Dovecot open and immediately close PAM session. Some - # PAM plugins need this to work, such as pam_mkhomedir. - # - # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins - # need that. They aren't ever deleted though, so this isn't enabled by - # default. - # - # max_requests specifies how many PAM lookups to do in one process before - # recreating the process. The default is 100, because many PAM plugins - # leak memory. - # - # cache_key can be used to enable authentication caching for PAM - # (auth_cache_size also needs to be set). It isn't enabled by default - # because PAM modules can do all kinds of checks besides checking password, - # such as checking IP address. Dovecot can't know about these checks - # without some help. cache_key is simply a list of variables (see - # doc/wiki/Variables.txt) which must match for the cached data to be used. - # Here are some examples: - # %u - Username must match. Probably sufficient for most uses. - # %u%r - Username and remote IP address must match. - # %u%s - Username and service (ie. IMAP, POP3) must match. - # - # The service name can contain variables, for example %Ls expands to - # pop3 or imap. - # - # Some examples: - # args = session=yes %Ls - # args = cache_key=%u dovecot - #args = dovecot - } +# +# Password database is used to verify user's password (and nothing more). +# You can have multiple passdbs and userdbs. This is useful if you want to +# allow both system users (/etc/passwd) and virtual users to login without +# duplicating the system users into virtual database. +# +# <doc/wiki/PasswordDatabase.txt> +# +# By adding master=yes setting inside a passdb you make the passdb a list +# of "master users", who can log in as anyone else. Unless you're using PAM, +# you probably still want the destination user to be looked up from passdb +# that it really exists. This can be done by adding pass=yes setting to the +# master passdb. <doc/wiki/Authentication.MasterUsers.txt> - # System users (NSS, /etc/passwd, or similiar) - # In many systems nowadays this uses Name Service Switch, which is - # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt> - #passdb passwd { - # [blocking=yes] - See userdb passwd for explanation - #args = - #} - - # Shadow passwords for system users (NSS, /etc/shadow or similiar). - # Deprecated by PAM nowadays. - # <doc/wiki/PasswordDatabase.Shadow.txt> - #passdb shadow { - # [blocking=yes] - See userdb passwd for explanation - #args = - #} - - # PAM-like authentication for OpenBSD. - # <doc/wiki/PasswordDatabase.BSDAuth.txt> - #passdb bsdauth { - # [cache_key=<key>] - See cache_key in PAM for explanation. - #args = - #} - - # passwd-like file with specified location - # <doc/wiki/AuthDatabase.PasswdFile.txt> - #passdb passwd-file { - # [scheme=<default password scheme>] [username_format=<format>] - # <Path for passwd-file> - #args = - #} +# Users can be temporarily disabled by adding a passdb with deny=yes. +# If the user is found from that database, authentication will fail. +# The deny passdb should always be specified before others, so it gets +# checked first. Here's an example: - # checkpassword executable authentication - # NOTE: You will probably want to use "userdb prefetch" with this. - # <doc/wiki/AuthDatabase.CheckPassword.txt> - #passdb checkpassword { - # Path for checkpassword binary - #args = - #} - - # SQL database <doc/wiki/AuthDatabase.SQL.txt> - #passdb sql { - # Path for SQL configuration file, see doc/dovecot-sql-example.conf - #args = - #} - - # LDAP database <doc/wiki/AuthDatabase.LDAP.txt> - #passdb ldap { - # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf - #args = - #} - - # vpopmail authentication <doc/wiki/AuthDatabase.VPopMail.txt> - #passdb vpopmail { - # [cache_key=<key>] - See cache_key in PAM for explanation. - # [quota_template=<template>] - %q expands to Maildir++ quota - # (eg. quota_template=quota_rule=*:backend=%q) - #args = - #} - - # - # User database specifies where mails are located and what user/group IDs - # own them. For single-UID configuration use "static". - # - # <doc/wiki/UserDatabase.txt> - # - - # "prefetch" user database means that the passdb already provided the - # needed information and there's no need to do a separate userdb lookup. - # This can be made to work with SQL and LDAP databases, see their example - # configuration files for more information how to do it. - # <doc/wiki/UserDatabase.Prefetch.txt> - #userdb prefetch { - #} - - # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this - # uses Name Service Switch, which is configured in /etc/nsswitch.conf. - # <doc/wiki/AuthDatabase.Passwd.txt> - userdb passwd { - # [blocking=yes] - By default the lookups are done in the main dovecot-auth - # process. This setting causes the lookups to be done in auth worker - # proceses. Useful with remote NSS lookups that may block. - # NOTE: Be sure to use this setting with nss_ldap or users might get - # logged in as each others! - #args = - } +#passdb passwd-file { + # File contains a list of usernames, one per line + #args = /etc/dovecot.deny + #deny = yes +#} - # passwd-like file with specified location - # <doc/wiki/AuthDatabase.PasswdFile.txt> - #userdb passwd-file { - # [username_format=<format>] <Path for passwd-file> - #args = - #} - - # checkpassword executable user database lookup - # <doc/wiki/AuthDatabase.CheckPassword.txt> - #userdb checkpassword { - # Path for checkpassword binary - #args = - #} - - # static settings generated from template <doc/wiki/UserDatabase.Static.txt> - #userdb static { - # Template for the fields. Can return anything a userdb could normally - # return. For example: - # - # args = uid=500 gid=500 home=/var/mail/%u - # - # If you use deliver, it needs to look up users only from the userdb. This - # of course doesn't work with static because there is no list of users. - # Normally static userdb handles this by doing a passdb lookup. This works - # with most passdbs, with PAM being the most notable exception. If you do - # the user verification another way, you can add allow_all_users=yes to - # the args in which case the passdb lookup is skipped. - # - #args = - #} - - # SQL database <doc/wiki/AuthDatabase.SQL.txt> - #userdb sql { - # Path for SQL configuration file, see doc/dovecot-sql-example.conf - #args = - #} - - # LDAP database <doc/wiki/AuthDatabase.LDAP.txt> - #userdb ldap { - # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf - #args = - #} - - # vpopmail <doc/wiki/AuthDatabase.VPopMail.txt> - #userdb vpopmail { - #} - - # Require a valid SSL client certificate or the authentication fails. - #auth_ssl_require_client_cert = no - - # Take the username from client's SSL certificate, using - # X509_NAME_get_text_by_NID() which returns the subject's DN's - # CommonName. - #auth_ssl_username_from_cert = no +# PAM authentication. Preferred nowadays by most systems. +# Note that PAM can only be used to verify if user's password is correct, +# so it can't be used as userdb. If you don't want to use a separate user +# database (passwd usually), you can use static userdb. +# REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM +# authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt> +passdb pam { + # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>] + # [cache_key=<key>] [<service name>] + # + # session=yes makes Dovecot open and immediately close PAM session. Some + # PAM plugins need this to work, such as pam_mkhomedir. + # + # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins + # need that. They aren't ever deleted though, so this isn't enabled by + # default. + # + # max_requests specifies how many PAM lookups to do in one process before + # recreating the process. The default is 100, because many PAM plugins + # leak memory. + # + # cache_key can be used to enable authentication caching for PAM + # (auth_cache_size also needs to be set). It isn't enabled by default + # because PAM modules can do all kinds of checks besides checking password, + # such as checking IP address. Dovecot can't know about these checks + # without some help. cache_key is simply a list of variables (see + # doc/wiki/Variables.txt) which must match for the cached data to be used. + # Here are some examples: + # %u - Username must match. Probably sufficient for most uses. + # %u%r - Username and remote IP address must match. + # %u%s - Username and service (ie. IMAP, POP3) must match. + # + # The service name can contain variables, for example %Ls expands to + # pop3 or imap. + # + # Some examples: + # args = session=yes %Ls + # args = cache_key=%u dovecot + #args = dovecot } -# If you wish to use another authentication server than dovecot-auth, you can -# use connect sockets. They are assumed to be already running, Dovecot's master -# process only tries to connect to them. They don't need any other settings -# than the path for the master socket, as the configuration is done elsewhere. -# Note that the client sockets must exist in the login_dir. -#auth external { -# socket connect { -# master { -# path = /var/run/dovecot/auth-master -# } -# } +# System users (NSS, /etc/passwd, or similiar) +# In many systems nowadays this uses Name Service Switch, which is +# configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt> +#passdb passwd { + # [blocking=yes] - See userdb passwd for explanation + #args = +#} + +# Shadow passwords for system users (NSS, /etc/shadow or similiar). +# Deprecated by PAM nowadays. +# <doc/wiki/PasswordDatabase.Shadow.txt> +#passdb shadow { + # [blocking=yes] - See userdb passwd for explanation + #args = +#} + +# PAM-like authentication for OpenBSD. +# <doc/wiki/PasswordDatabase.BSDAuth.txt> +#passdb bsdauth { + # [cache_key=<key>] - See cache_key in PAM for explanation. + #args = +#} + +# passwd-like file with specified location +# <doc/wiki/AuthDatabase.PasswdFile.txt> +#passdb passwd-file { + # [scheme=<default password scheme>] [username_format=<format>] + # <Path for passwd-file> + #args = +#} + +# checkpassword executable authentication +# NOTE: You will probably want to use "userdb prefetch" with this. +# <doc/wiki/AuthDatabase.CheckPassword.txt> +#passdb checkpassword { + # Path for checkpassword binary + #args = +#} + +# SQL database <doc/wiki/AuthDatabase.SQL.txt> +#passdb sql { + # Path for SQL configuration file, see doc/dovecot-sql-example.conf + #args = +#} + +# LDAP database <doc/wiki/AuthDatabase.LDAP.txt> +#passdb ldap { + # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf + #args = +#} + +# vpopmail authentication <doc/wiki/AuthDatabase.VPopMail.txt> +#passdb vpopmail { + # [cache_key=<key>] - See cache_key in PAM for explanation. + # [quota_template=<template>] - %q expands to Maildir++ quota + # (eg. quota_template=quota_rule=*:backend=%q) + #args = #} + +## +## User databases +## + +# +# User database specifies where mails are located and what user/group IDs +# own them. For single-UID configuration use "static". +# +# <doc/wiki/UserDatabase.txt> +# + +# "prefetch" user database means that the passdb already provided the +# needed information and there's no need to do a separate userdb lookup. +# This can be made to work with SQL and LDAP databases, see their example +# configuration files for more information how to do it. +# <doc/wiki/UserDatabase.Prefetch.txt> +#userdb prefetch { +#} + +# System users (NSS, /etc/passwd, or similiar). In many systems nowadays this +# uses Name Service Switch, which is configured in /etc/nsswitch.conf. +# <doc/wiki/AuthDatabase.Passwd.txt> +userdb passwd { + # [blocking=yes] - By default the lookups are done in the main dovecot-auth + # process. This setting causes the lookups to be done in auth worker + # proceses. Useful with remote NSS lookups that may block. + # NOTE: Be sure to use this setting with nss_ldap or users might get + # logged in as each others! + #args = +} + +# passwd-like file with specified location +# <doc/wiki/AuthDatabase.PasswdFile.txt> +#userdb passwd-file { + # [username_format=<format>] <Path for passwd-file> + #args = +#} + +# checkpassword executable user database lookup +# <doc/wiki/AuthDatabase.CheckPassword.txt> +#userdb checkpassword { + # Path for checkpassword binary + #args = +#} + +# static settings generated from template <doc/wiki/UserDatabase.Static.txt> +#userdb static { + # Template for the fields. Can return anything a userdb could normally + # return. For example: + # + # args = uid=500 gid=500 home=/var/mail/%u + # + # If you use deliver, it needs to look up users only from the userdb. This + # of course doesn't work with static because there is no list of users. + # Normally static userdb handles this by doing a passdb lookup. This works + # with most passdbs, with PAM being the most notable exception. If you do + # the user verification another way, you can add allow_all_users=yes to + # the args in which case the passdb lookup is skipped. + # + #args = +#} + +# SQL database <doc/wiki/AuthDatabase.SQL.txt> +#userdb sql { + # Path for SQL configuration file, see doc/dovecot-sql-example.conf + #args = +#} + +# LDAP database <doc/wiki/AuthDatabase.LDAP.txt> +#userdb ldap { + # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf + #args = +#} + +# vpopmail <doc/wiki/AuthDatabase.VPopMail.txt> +#userdb vpopmail { +#}
--- a/src/auth/auth-settings.c Mon Aug 31 17:19:56 2009 -0400 +++ b/src/auth/auth-settings.c Mon Aug 31 17:21:37 2009 -0400 @@ -69,7 +69,6 @@ { SET_DEFLIST, name, offsetof(struct auth_settings, field), defines } static struct setting_define auth_setting_defines[] = { - { SET_STR, "name", offsetof(struct auth_settings, name), NULL }, DEF(SET_STR, mechanisms), DEF(SET_STR, realms), DEF(SET_STR, default_realm), @@ -102,9 +101,6 @@ }; static struct auth_settings auth_default_settings = { - MEMBER(name) NULL, - MEMBER(root) NULL, - MEMBER(mechanisms) "plain", MEMBER(realms) "", MEMBER(default_realm) "", @@ -138,47 +134,18 @@ MEMBER(defines) auth_setting_defines, MEMBER(defaults) &auth_default_settings, - MEMBER(parent) &auth_root_setting_parser_info, - MEMBER(dynamic_parsers) NULL, - - MEMBER(parent_offset) offsetof(struct auth_settings, root), - MEMBER(type_offset) offsetof(struct auth_settings, name), - MEMBER(struct_size) sizeof(struct auth_settings), - MEMBER(check_func) auth_settings_check -}; - -#undef DEF -#undef DEFLIST -#define DEF(type, name) \ - { type, #name, offsetof(struct auth_root_settings, name), NULL } -#define DEFLIST(field, name, defines) \ - { SET_DEFLIST, name, offsetof(struct auth_root_settings, field), defines } - -static struct setting_define auth_root_setting_defines[] = { - DEFLIST(auths, "auth", &auth_setting_parser_info), - - SETTING_DEFINE_LIST_END -}; - -static struct auth_root_settings auth_root_default_settings = { - MEMBER(auths) ARRAY_INIT -}; - -struct setting_parser_info auth_root_setting_parser_info = { - MEMBER(defines) auth_root_setting_defines, - MEMBER(defaults) &auth_root_default_settings, - MEMBER(parent) NULL, MEMBER(dynamic_parsers) NULL, MEMBER(parent_offset) (size_t)-1, MEMBER(type_offset) (size_t)-1, - MEMBER(struct_size) sizeof(struct auth_root_settings) + MEMBER(struct_size) sizeof(struct auth_settings), + MEMBER(check_func) auth_settings_check }; /* <settings checks> */ static bool auth_settings_check(void *_set, pool_t pool ATTR_UNUSED, - const char **error_r) + const char **error_r ATTR_UNUSED) { struct auth_settings *set = _set; @@ -186,40 +153,23 @@ set->debug = TRUE; if (set->debug) set->verbose = TRUE; - - if (set->name == NULL) { - *error_r = "auth section is missing name"; - return FALSE; - } return TRUE; } /* </settings checks> */ struct auth_settings * -auth_settings_read(struct master_service *service, const char *name) +auth_settings_read(struct master_service *service) { static const struct setting_parser_info *set_roots[] = { - &auth_root_setting_parser_info, + &auth_setting_parser_info, NULL }; const char *error; void **sets; - struct auth_settings *const *auths; - struct auth_root_settings *set; - unsigned int i, count; if (master_service_settings_read_simple(service, set_roots, &error) < 0) i_fatal("Error reading configuration: %s", error); sets = master_service_settings_get_others(service); - set = sets[0]; - - if (array_is_created(&set->auths)) { - auths = array_get(&set->auths, &count); - for (i = 0; i < count; i++) { - if (strcmp(auths[i]->name, name) == 0) - return auths[i]; - } - } - i_fatal("Error reading configuration: No auth section: %s", name); + return sets[0]; }
--- a/src/auth/auth-settings.h Mon Aug 31 17:19:56 2009 -0400 +++ b/src/auth/auth-settings.h Mon Aug 31 17:21:37 2009 -0400 @@ -17,9 +17,6 @@ }; struct auth_settings { - const char *name; - struct auth_root_settings *root; - const char *mechanisms; const char *realms; const char *default_realm; @@ -47,11 +44,6 @@ ARRAY_DEFINE(userdbs, struct auth_userdb_settings *); }; -struct auth_root_settings { - ARRAY_DEFINE(auths, struct auth_settings *); -}; - -struct auth_settings * -auth_settings_read(struct master_service *service, const char *name); +struct auth_settings *auth_settings_read(struct master_service *service); #endif
--- a/src/auth/main.c Mon Aug 31 17:19:56 2009 -0400 +++ b/src/auth/main.c Mon Aug 31 17:21:37 2009 -0400 @@ -164,7 +164,7 @@ int main(int argc, char *argv[]) { - const char *getopt_str, *auth_name = "default"; + const char *getopt_str; int c; master_service = master_service_init("auth", 0, argc, argv); @@ -173,9 +173,6 @@ getopt_str = t_strconcat("w", master_service_getopt_string(), NULL); while ((c = getopt(argc, argv, getopt_str)) > 0) { switch (c) { - case 'a': - auth_name = optarg; - break; case 'w': worker = TRUE; break; @@ -187,7 +184,7 @@ } } - main_preinit(auth_settings_read(master_service, auth_name)); + main_preinit(auth_settings_read(master_service)); master_service_init_finish(master_service); main_init();
--- a/src/config/config-parser.c Mon Aug 31 17:19:56 2009 -0400 +++ b/src/config/config-parser.c Mon Aug 31 17:21:37 2009 -0400 @@ -494,12 +494,11 @@ enum settings_parser_flags parser_flags = SETTINGS_PARSER_FLAG_IGNORE_UNKNOWN_KEYS; struct input_stack root; - ARRAY_TYPE(const_string) auth_defaults; struct config_setting_parser_list *const *parsers; struct parser_context ctx; unsigned int pathlen = 0; - unsigned int i, count, counter = 0, auth_counter = 0, cur_counter; - const char *errormsg, *key, *value, *section, *p; + unsigned int i, count, counter = 0, cur_counter; + const char *errormsg, *key, *value, *section; string_t *str, *full_line; enum config_line_type type; char *line; @@ -526,18 +525,12 @@ parser_flags); } - t_array_init(&auth_defaults, 32); t_array_init(&ctx.cur_parsers, 128); p_array_init(&ctx.all_parsers, ctx.pool, 128); ctx.cur_filter = p_new(ctx.pool, struct config_filter_stack, 1); config_add_new_parser(&ctx); parsers = config_update_cur_parsers(&ctx); - (void)config_apply_line(parsers, "0", "auth=0", NULL, &errormsg); - i_assert(errormsg == NULL); - (void)config_apply_line(parsers, "name", "auth/0/name=default", NULL, &errormsg); - i_assert(errormsg == NULL); - memset(&root, 0, sizeof(root)); root.path = path; ctx.cur_input = &root; @@ -569,25 +562,7 @@ /* file reading failed */ break; } - - if (config_apply_line(parsers, key, str_c(str), NULL, &errormsg) < 0 && - pathlen == 0 && strncmp(str_c(str), "auth_", 5) == 0) { - /* get auth_* settings working outside auth - sections. we'll verify that the setting is - valid, but delay actually adding it */ - const char *s = t_strdup(str_c(str)); - - str_truncate(str, 0); - str_printfa(str, "auth/0/%s=", key); - if (*value != '<' || !expand_files) - str_append(str, value); - else - str_append_file(str, key, value+1, &errormsg); - - if (config_apply_line(parsers, key, str_c(str), NULL, &errormsg) < 0) - break; - array_append(&auth_defaults, &s, 1); - } + (void)config_apply_line(parsers, key, str_c(str), NULL, &errormsg); break; case CONFIG_LINE_TYPE_SECTION_BEGIN: config_add_new_filter(&ctx); @@ -613,47 +588,19 @@ str_truncate(str, pathlen); str_append(str, key); pathlen = str_len(str); - - if (strcmp(key, "auth") == 0) { - cur_counter = auth_counter++; - if (cur_counter == 0 && strcmp(section, "default") != 0) - cur_counter = auth_counter++; - } else { - cur_counter = counter++; - } + cur_counter = counter++; str_append_c(str, '='); str_printfa(str, "%u", cur_counter); - if (cur_counter == 0 && strcmp(key, "auth") == 0) { - /* already added this */ - } else { - if (config_apply_line(parsers, key, str_c(str), section, &errormsg) < 0) - break; - } + if (config_apply_line(parsers, key, str_c(str), section, &errormsg) < 0) + break; str_truncate(str, pathlen); str_append_c(str, SETTINGS_SEPARATOR); str_printfa(str, "%u", cur_counter); str_append_c(str, SETTINGS_SEPARATOR); pathlen = str_len(str); - - if (strcmp(key, "auth") == 0) { - /* add auth default settings */ - const char *const *lines; - unsigned int i, count; - - lines = array_get(&auth_defaults, &count); - for (i = 0; i < count; i++) { - str_truncate(str, pathlen); - - p = strchr(lines[i], '='); - str_append(str, lines[i]); - - if (config_apply_line(parsers, t_strdup_until(lines[i], p), str_c(str), NULL, &errormsg) < 0) - i_unreached(); - } - } } break; case CONFIG_LINE_TYPE_SECTION_END: