Mercurial > dovecot > core-2.2
changeset 11454:df93f0c290ea HEAD
auth: Added passdb static.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Wed, 02 Jun 2010 16:08:07 +0100 |
parents | d8a801d2d3f1 |
children | 50a0c05fb4e7 |
files | configure.in doc/example-config/conf.d/10-auth.conf doc/example-config/conf.d/auth-static.conf.ext src/auth/Makefile.am src/auth/passdb-static.c src/auth/passdb.c |
diffstat | 6 files changed, 130 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/configure.in Wed Jun 02 15:50:37 2010 +0100 +++ b/configure.in Wed Jun 02 16:08:07 2010 +0100 @@ -1745,6 +1745,7 @@ not_userdb="" not_passdb="" +passdb="$passdb static" userdb="$userdb static" if test $want_prefetch_userdb != no; then
--- a/doc/example-config/conf.d/10-auth.conf Wed Jun 02 15:50:37 2010 +0100 +++ b/doc/example-config/conf.d/10-auth.conf Wed Jun 02 16:08:07 2010 +0100 @@ -116,3 +116,4 @@ #!include auth-passwdfile.conf.ext #!include auth-checkpassword.conf.ext #!include auth-vpopmail.conf.ext +#!include auth-static.conf.ext
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/doc/example-config/conf.d/auth-static.conf.ext Wed Jun 02 16:08:07 2010 +0100 @@ -0,0 +1,24 @@ +# Static passdb. Included from auth.conf. + +# This can be used for situations where Dovecot doesn't need to verify the +# username or the password, or if there is a single password for all users: +# +# - proxy frontend, where the backend verifies the password +# - proxy backend, where the frontend already verified the password +# - authentication with SSL certificates +# - simple testing + +#passdb { +# driver = static +# args = proxy=y host=%1Mu.example.com nopassword=y +#} + +#passdb { +# driver = static +# args = password=test +#} + +#userdb { +# driver = static +# args = uid=vmail gid=vmail home=/home/%u +#}
--- a/src/auth/Makefile.am Wed Jun 02 15:50:37 2010 +0100 +++ b/src/auth/Makefile.am Wed Jun 02 16:08:07 2010 +0100 @@ -94,6 +94,7 @@ passdb-sia.c \ passdb-vpopmail.c \ passdb-sql.c \ + passdb-static.c \ userdb.c \ userdb-blocking.c \ userdb-checkpassword.c \
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/auth/passdb-static.c Wed Jun 02 16:08:07 2010 +0100 @@ -0,0 +1,101 @@ +/* Copyright (c) 2010 Dovecot authors, see the included COPYING file */ + +#include "auth-common.h" +#include "array.h" +#include "str.h" +#include "var-expand.h" +#include "passdb.h" + +#define STATIC_PASS_SCHEME "PLAIN" + +struct static_passdb_module { + struct passdb_module module; + ARRAY_TYPE(const_string) tmpl; +}; + +static void +static_verify_plain(struct auth_request *request, const char *password, + verify_plain_callback_t *callback) +{ + struct static_passdb_module *module = + (struct static_passdb_module *)request->passdb->passdb; + const struct var_expand_table *table; + const char *const *args, *static_password = ""; + unsigned int i, count; + string_t *str = t_str_new(128); + int ret; + + auth_request_log_debug(request, "static", "lookup"); + + table = auth_request_get_var_expand_table(request, NULL); + + args = array_get(&module->tmpl, &count); + i_assert((count % 2) == 0); + for (i = 0; i < count; i += 2) { + const char *key = args[i]; + const char *value = args[i+1]; + + if (value != NULL) { + str_truncate(str, 0); + var_expand(str, args[i+1], table); + value = str_c(str); + } + + if (strcmp(key, "password") == 0) + static_password = value; + else { + auth_request_set_field(request, key, value, + STATIC_PASS_SCHEME); + } + } + + ret = auth_request_password_verify(request, password, static_password, + STATIC_PASS_SCHEME, "static"); + if (ret <= 0) { + callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); + return; + } + + callback(PASSDB_RESULT_OK, request); +} + +static struct passdb_module * +static_preinit(pool_t pool, const char *args) +{ + struct static_passdb_module *module; + + module = p_new(pool, struct static_passdb_module, 1); + p_array_init(&module->tmpl, pool, 16); + T_BEGIN { + const char *const *tmp; + + tmp = t_strsplit_spaces(args, " "); + for (; *tmp != NULL; tmp++) { + const char *key = *tmp; + const char *value = strchr(key, '='); + + if (value == NULL) + value = ""; + else + key = t_strdup_until(key, value++); + + key = p_strdup(pool, key); + value = p_strdup(pool, value); + array_append(&module->tmpl, &key, 1); + array_append(&module->tmpl, &value, 1); + } + } T_END; + return &module->module; +} + +struct passdb_module_interface passdb_static = { + "static", + + static_preinit, + NULL, + NULL, + + static_verify_plain, + NULL, + NULL +};
--- a/src/auth/passdb.c Wed Jun 02 15:50:37 2010 +0100 +++ b/src/auth/passdb.c Wed Jun 02 16:08:07 2010 +0100 @@ -259,6 +259,7 @@ extern struct passdb_module_interface passdb_ldap; extern struct passdb_module_interface passdb_sql; extern struct passdb_module_interface passdb_sia; +extern struct passdb_module_interface passdb_static; void passdbs_init(void) { @@ -274,6 +275,7 @@ passdb_register_module(&passdb_ldap); passdb_register_module(&passdb_sql); passdb_register_module(&passdb_sia); + passdb_register_module(&passdb_static); } void passdbs_deinit(void)