Mercurial > dovecot > core-2.2
changeset 11256:e08dd68309a9 HEAD
auth/login related timeouts are now in one place and they make more sense.
Most importantly now auth client doesn't abort lookup before server does.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 04 May 2010 01:33:20 +0300 |
parents | 90410a8f3786 |
children | c5e5f18e7685 |
files | src/auth/auth-request-handler.c src/lib-auth/Makefile.am src/lib-auth/auth-client-interface.h src/lib-auth/auth-master.c src/lib-master/master-interface.h src/lib-master/master-login-auth.c src/login-common/client-common.h |
diffstat | 7 files changed, 18 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-request-handler.c Tue May 04 01:31:54 2010 +0300 +++ b/src/auth/auth-request-handler.c Tue May 04 01:33:20 2010 +0300 @@ -8,6 +8,7 @@ #include "hash.h" #include "str.h" #include "str-sanitize.h" +#include "master-interface.h" #include "auth-penalty.h" #include "auth-request.h" #include "auth-master-connection.h" @@ -393,7 +394,7 @@ } auth_request_init(request); - request->to_abort = timeout_add(AUTH_REQUEST_TIMEOUT * 1000, + request->to_abort = timeout_add(MASTER_AUTH_SERVER_TIMEOUT_SECS * 1000, auth_request_timeout, request); hash_table_insert(handler->requests, POINTER_CAST(id), request);
--- a/src/lib-auth/Makefile.am Tue May 04 01:31:54 2010 +0300 +++ b/src/lib-auth/Makefile.am Tue May 04 01:33:20 2010 +0300 @@ -1,7 +1,8 @@ noinst_LTLIBRARIES = libauth.la AM_CPPFLAGS = \ - -I$(top_srcdir)/src/lib + -I$(top_srcdir)/src/lib \ + -I$(top_srcdir)/src/lib-master libauth_la_SOURCES = \ auth-client.c \
--- a/src/lib-auth/auth-client-interface.h Tue May 04 01:31:54 2010 +0300 +++ b/src/lib-auth/auth-client-interface.h Tue May 04 01:33:20 2010 +0300 @@ -8,8 +8,6 @@ /* GSSAPI can use quite large packets */ #define AUTH_CLIENT_MAX_LINE_LENGTH 16384 -/* Use a bit smaller than login process timeout */ -#define AUTH_REQUEST_TIMEOUT (3*60 - 30) enum mech_security_flags { /* Don't advertise this as available SASL mechanism (eg. APOP) */
--- a/src/lib-auth/auth-master.c Tue May 04 01:31:54 2010 +0300 +++ b/src/lib-auth/auth-master.c Tue May 04 01:33:20 2010 +0300 @@ -9,6 +9,7 @@ #include "istream.h" #include "ostream.h" #include "str.h" +#include "master-interface.h" #include "auth-master.h" #include <stdlib.h> @@ -17,7 +18,6 @@ #define AUTH_PROTOCOL_MAJOR 1 #define AUTH_PROTOCOL_MINOR 0 -#define AUTH_REQUEST_TIMEOUT_SECS 30 #define AUTH_MASTER_IDLE_SECS 60 #define MAX_INBUF_SIZE 8192 @@ -301,7 +301,7 @@ conn->input = i_stream_create_fd(conn->fd, MAX_INBUF_SIZE, FALSE); conn->output = o_stream_create_fd(conn->fd, MAX_OUTBUF_SIZE, FALSE); conn->io = io_add(conn->fd, IO_READ, auth_input, conn); - conn->to = timeout_add(1000*AUTH_REQUEST_TIMEOUT_SECS, + conn->to = timeout_add(1000*MASTER_AUTH_LOOKUP_TIMEOUT_SECS, auth_request_timeout, conn); lib_signals_reset_ioloop(); }
--- a/src/lib-master/master-interface.h Tue May 04 01:31:54 2010 +0300 +++ b/src/lib-master/master-interface.h Tue May 04 01:33:20 2010 +0300 @@ -71,4 +71,12 @@ new child processes when needed. */ #define MASTER_LISTEN_FD_FIRST 6 +/* Timeouts: base everything on how long we can wait for login clients. */ +#define MASTER_LOGIN_TIMEOUT_SECS (3*60) +/* auth server should abort auth requests before that happens */ +#define MASTER_AUTH_SERVER_TIMEOUT_SECS (MASTER_LOGIN_TIMEOUT_SECS - 30) +/* auth clients should abort auth lookups after server was supposed to have + done that */ +#define MASTER_AUTH_LOOKUP_TIMEOUT_SECS (MASTER_AUTH_SERVER_TIMEOUT_SECS + 5) + #endif
--- a/src/lib-master/master-login-auth.c Tue May 04 01:31:54 2010 +0300 +++ b/src/lib-master/master-login-auth.c Tue May 04 01:33:20 2010 +0300 @@ -9,13 +9,13 @@ #include "hex-binary.h" #include "hash.h" #include "str.h" +#include "master-interface.h" #include "master-auth.h" #include "master-login-auth.h" #include <stdlib.h> #define AUTH_MAX_INBUF_SIZE 8192 -#define AUTH_REQUEST_TIMEOUT_SECS (2*60) struct master_login_auth_request { struct master_login_auth_request *prev, *next; @@ -120,7 +120,8 @@ { time_t expires; - expires = auth->request_head->create_stamp + AUTH_REQUEST_TIMEOUT_SECS; + expires = auth->request_head->create_stamp + + MASTER_AUTH_LOOKUP_TIMEOUT_SECS; return expires <= ioloop_time ? 0 : expires - ioloop_time; }
--- a/src/login-common/client-common.h Tue May 04 01:31:54 2010 +0300 +++ b/src/login-common/client-common.h Tue May 04 01:33:20 2010 +0300 @@ -17,7 +17,7 @@ /* Disconnect client after this many milliseconds if it hasn't managed to log in yet. */ -#define CLIENT_LOGIN_TIMEOUT_MSECS (3*60*1000) +#define CLIENT_LOGIN_TIMEOUT_MSECS (MASTER_LOGIN_TIMEOUT_SECS*1000) #define AUTH_SERVER_WAITING_MSG \ "Waiting for authentication process to respond.."