dovecot/original-hg/dovecot-1.2: src/auth/auth-request-handler.c annotate

annotate src/auth/auth-request-handler.c @ 5089:18559c7e3a15 HEAD

Cleanups and minor fixes

author	Timo Sirainen <tss@iki.fi>
date	Fri, 26 Jan 2007 15:58:48 +0200
parents	dd4c4a0c0aae
children	dad0e22b735a

rev	line source
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	1 /* Copyright (C) 2005 Timo Sirainen */
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	4 #include "ioloop.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	5 #include "buffer.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	6 #include "base64.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	7 #include "hash.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	8 #include "str.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	9 #include "str-sanitize.h"
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	10 #include "auth-request.h"
5038 b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	11 #include "auth-master-connection.h"
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	12 #include "auth-request-handler.h"
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	13
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	14 #include <stdlib.h>
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	15
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	16 struct auth_request_handler {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	17 int refcount;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	18 pool_t pool;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	19 struct hash_table *requests;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	20
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	21 struct auth *auth;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	22 unsigned int connect_uid, client_pid;
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	23
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	24 auth_request_callback_t *callback;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	25 void *context;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	26
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	27 auth_request_callback_t *master_callback;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	28 };
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	29
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	30 static buffer_t *auth_failures_buf;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	31 static struct timeout *to_auth_failures;
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	32
4903 204d7edc7cdc Added context parameter type safety checks for most callback APIs. Timo Sirainen <tss@iki.fi> parents: 4880 diff changeset	33 #undef auth_request_handler_create
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	34 struct auth_request_handler *
3518 c444e76648e8 Removed unused code Timo Sirainen <tss@iki.fi> parents: 3432 diff changeset	35 auth_request_handler_create(struct auth *auth,
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	36 auth_request_callback_t callback, void context,
3308 3f090bcaffcc Allow multiple master connections for a single listener. Timo Sirainen <tss@iki.fi> parents: 3171 diff changeset	37 auth_request_callback_t *master_callback)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	38 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	39 struct auth_request_handler *handler;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	40 pool_t pool;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	41
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	42 pool = pool_alloconly_create("auth request handler", 4096);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	43
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	44 handler = p_new(pool, struct auth_request_handler, 1);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	45 handler->refcount = 1;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	46 handler->pool = pool;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	47 handler->requests = hash_create(default_pool, pool, 0, NULL, NULL);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	48 handler->auth = auth;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	49 handler->callback = callback;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	50 handler->context = context;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	51 handler->master_callback = master_callback;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	52 return handler;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	53 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	54
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	55 void auth_request_handler_unref(struct auth_request_handler **_handler)
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	56 {
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	57 struct auth_request_handler handler = _handler;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	58 struct hash_iterate_context *iter;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	59 void key, value;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	60
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	61 *_handler = NULL;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	62 i_assert(handler->refcount > 0);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	63 if (--handler->refcount > 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	64 return;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	65
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	66 iter = hash_iterate_init(handler->requests);
3952 d7a0354861b8 If authentication client disconnects while it still has pending requests, Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	67 while (hash_iterate(iter, &key, &value)) {
d7a0354861b8 If authentication client disconnects while it still has pending requests, Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	68 struct auth_request *auth_request = value;
d7a0354861b8 If authentication client disconnects while it still has pending requests, Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	69
d7a0354861b8 If authentication client disconnects while it still has pending requests, Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	70 auth_request_unref(&auth_request);
d7a0354861b8 If authentication client disconnects while it still has pending requests, Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	71 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	72 hash_iterate_deinit(iter);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	73
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	74 /* notify parent that we're done with all requests */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	75 handler->callback(NULL, handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	76
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	77 hash_destroy(handler->requests);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	78 pool_unref(handler->pool);
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3074 diff changeset	79 }
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	80
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3074 diff changeset	81 void auth_request_handler_set(struct auth_request_handler *handler,
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3074 diff changeset	82 unsigned int connect_uid,
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3074 diff changeset	83 unsigned int client_pid)
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3074 diff changeset	84 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	85 handler->connect_uid = connect_uid;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	86 handler->client_pid = client_pid;
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	87 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	88
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	89 static void auth_request_handler_remove(struct auth_request_handler *handler,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	90 struct auth_request *request)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	91 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	92 hash_remove(handler->requests, POINTER_CAST(request->id));
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	93 auth_request_unref(&request);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	94 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	95
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	96 void auth_request_handler_check_timeouts(struct auth_request_handler *handler)
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	97 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	98 struct hash_iterate_context *iter;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	99 void key, value;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	100
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	101 iter = hash_iterate_init(handler->requests);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	102 while (hash_iterate(iter, &key, &value)) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	103 struct auth_request *request = value;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	104
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	105 if (request->created + AUTH_REQUEST_TIMEOUT < ioloop_time)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	106 auth_request_handler_remove(handler, request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	107 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	108 hash_iterate_deinit(iter);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	109 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	110
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	111 static const char get_client_extra_fields(struct auth_request request)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	112 {
3432 079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	113 string_t *str;
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	114 const char *fields, extra_fields;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	115 unsigned int src, dest;
4758 2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	116 bool seen_pass = FALSE;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	117
5085 dd4c4a0c0aae code cleanup Timo Sirainen <tss@iki.fi> parents: 5038 diff changeset	118 if (auth_stream_is_empty(request->extra_fields))
dd4c4a0c0aae code cleanup Timo Sirainen <tss@iki.fi> parents: 5038 diff changeset	119 return NULL;
dd4c4a0c0aae code cleanup Timo Sirainen <tss@iki.fi> parents: 5038 diff changeset	120
dd4c4a0c0aae code cleanup Timo Sirainen <tss@iki.fi> parents: 5038 diff changeset	121 extra_fields = auth_stream_reply_export(request->extra_fields);
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	122
3432 079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	123 if (!request->proxy) {
079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	124 /* we only wish to remove all fields prefixed with "userdb_" */
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	125 if (strstr(extra_fields, "userdb_") == NULL)
e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	126 return extra_fields;
3432 079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	127 }
079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	128
079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	129 str = t_str_new(128);
4758 2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	130 fields = t_strsplit(extra_fields, "\t");
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	131 for (src = dest = 0; fields[src] != NULL; src++) {
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	132 if (strncmp(fields[src], "userdb_", 7) != 0) {
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	133 if (str_len(str) > 0)
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	134 str_append_c(str, '\t');
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	135 if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	136 seen_pass = TRUE;
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	137 str_append(str, fields[src]);
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	138 }
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	139 }
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	140
2fc38c1e48c4 Don't send "pass" back if it's already set, or if it's not known. Timo Sirainen <tss@iki.fi> parents: 4739 diff changeset	141 if (request->proxy && !seen_pass && request->mech_password != NULL) {
3432 079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	142 /* we're proxying - send back the password that was
079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	143 sent by user (not the password in passdb). */
4767 f7fa27e435ef Missing TAB before "pass" broke proxying. Timo Sirainen <tss@iki.fi> parents: 4758 diff changeset	144 str_printfa(str, "\tpass=%s", request->mech_password);
3432 079ec5c2d665 Last change caused user-given passwords to be cached, and later the password Timo Sirainen <tss@iki.fi> parents: 3338 diff changeset	145 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	146
4739 1d042234c9f9 If passdb returned only userdb_ prefixed extra fields, don't add an extra Timo Sirainen <tss@iki.fi> parents: 4682 diff changeset	147 return str_len(str) == 0 ? NULL : str_c(str);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	148 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	149
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	150 static void auth_callback(struct auth_request *request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	151 enum auth_client_result result,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	152 const void *reply, size_t reply_size)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	153 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	154 struct auth_request_handler *handler = request->context;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	155 string_t *str;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	156 const char *fields;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	157
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	158 t_push();
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	159
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	160 str = t_str_new(128 + MAX_BASE64_ENCODED_SIZE(reply_size));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	161 switch (result) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	162 case AUTH_CLIENT_RESULT_CONTINUE:
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	163 str_printfa(str, "CONT\t%u\t", request->id);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	164 base64_encode(reply, reply_size, str);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	165 request->accept_input = TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	166 handler->callback(str_c(str), handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	167 break;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	168 case AUTH_CLIENT_RESULT_SUCCESS:
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	169 str_printfa(str, "OK\t%u\tuser=%s", request->id, request->user);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	170 if (reply_size > 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	171 str_append(str, "\tresp=");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	172 base64_encode(reply, reply_size, str);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	173 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	174 fields = get_client_extra_fields(request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	175 if (fields != NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	176 str_append_c(str, '\t');
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	177 str_append(str, fields);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	178 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	179
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	180 if (request->no_login \|\| handler->master_callback == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	181 /* this request doesn't have to wait for master
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	182 process to pick it up. delete it */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	183 auth_request_handler_remove(handler, request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	184 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	185 handler->callback(str_c(str), handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	186 break;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	187 case AUTH_CLIENT_RESULT_FAILURE:
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	188 str_printfa(str, "FAIL\t%u", request->id);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	189 if (request->user != NULL)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	190 str_printfa(str, "\tuser=%s", request->user);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	191 if (request->internal_failure)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	192 str_append(str, "\ttemp");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	193 fields = get_client_extra_fields(request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	194 if (fields != NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	195 str_append_c(str, '\t');
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	196 str_append(str, fields);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	197 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	198
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	199 if (request->delayed_failure) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	200 /* we came here from flush_failures() */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	201 handler->callback(str_c(str), handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	202 break;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	203 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	204
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	205 /* remove the request from requests-list */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	206 auth_request_ref(request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	207 auth_request_handler_remove(handler, request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	208
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	209 if (request->no_failure_delay) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	210 /* passdb specifically requested not to delay the
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	211 reply. */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	212 handler->callback(str_c(str), handler->context);
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	213 auth_request_unref(&request);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	214 } else {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	215 /* failure. don't announce it immediately to avoid
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	216 a) timing attacks, b) flooding */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	217 request->delayed_failure = TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	218 handler->refcount++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	219 buffer_append(auth_failures_buf,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	220 &request, sizeof(request));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	221 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	222 break;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	223 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	224 /* NOTE: request may be destroyed now */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	225
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	226 auth_request_handler_unref(&handler);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	227
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	228 t_pop();
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	229 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	230
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	231 static void auth_request_handler_auth_fail(struct auth_request_handler *handler,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	232 struct auth_request *request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	233 const char *reason)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	234 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	235 string_t *reply = t_str_new(64);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	236
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	237 auth_request_log_info(request, request->mech->mech_name, "%s", reason);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	238
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	239 str_printfa(reply, "FAIL\t%u\treason=%s", request->id, reason);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	240 handler->callback(str_c(reply), handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	241
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	242 auth_request_handler_remove(handler, request);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	243 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	244
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3520 diff changeset	245 bool auth_request_handler_auth_begin(struct auth_request_handler *handler,
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3520 diff changeset	246 const char *args)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	247 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	248 struct mech_module *mech;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	249 struct auth_request *request;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	250 const char const list, name, arg, *initial_resp;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	251 const void *initial_resp_data;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	252 size_t initial_resp_len;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	253 unsigned int id;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	254 buffer_t *buf;
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3520 diff changeset	255 bool valid_client_cert;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	256
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	257 /* <id> <mechanism> [...] */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	258 list = t_strsplit(args, "\t");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	259 if (list[0] == NULL \|\| list[1] == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	260 i_error("BUG: Authentication client %u "
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	261 "sent broken AUTH request", handler->client_pid);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	262 return FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	263 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	264
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	265 id = (unsigned int)strtoul(list[0], NULL, 10);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	266
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	267 mech = mech_module_find(list[1]);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	268 if (mech == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	269 /* unsupported mechanism */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	270 i_error("BUG: Authentication client %u requested unsupported "
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	271 "authentication mechanism %s", handler->client_pid,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	272 str_sanitize(list[1], MAX_MECH_NAME_LEN));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	273 return FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	274 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	275
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	276 request = auth_request_new(handler->auth, mech, auth_callback, handler);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	277 request->connect_uid = handler->connect_uid;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	278 request->client_pid = handler->client_pid;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	279 request->id = id;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	280
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	281 /* parse optional parameters */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	282 initial_resp = NULL;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	283 valid_client_cert = FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	284 for (list += 2; *list != NULL; list++) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	285 arg = strchr(*list, '=');
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	286 if (arg == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	287 name = *list;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	288 arg = "";
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	289 } else {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	290 name = t_strdup_until(*list, arg);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	291 arg++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	292 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	293
3338 e5ce49c8524a USER auth command requires now service parameter and supports also others Timo Sirainen <tss@iki.fi> parents: 3308 diff changeset	294 if (auth_request_import(request, name, arg))
e5ce49c8524a USER auth command requires now service parameter and supports also others Timo Sirainen <tss@iki.fi> parents: 3308 diff changeset	295 ;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	296 else if (strcmp(name, "valid-client-cert") == 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	297 valid_client_cert = TRUE;
4682 bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	298 else if (strcmp(name, "resp") == 0) {
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	299 initial_resp = arg;
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	300 /* this must be the last parameter */
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	301 list++;
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	302 break;
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	303 }
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	304 }
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	305
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	306 if (*list != NULL) {
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	307 i_error("BUG: Authentication client %u "
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	308 "sent AUTH parameters after 'resp'",
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	309 handler->client_pid);
bc071307fc2a Require that the "resp" parameter for AUTH command is the last. Timo Sirainen <tss@iki.fi> parents: 4532 diff changeset	310 return FALSE;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	311 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	312
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	313 if (request->service == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	314 i_error("BUG: Authentication client %u "
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	315 "didn't specify service in request",
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	316 handler->client_pid);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	317 return FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	318 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	319
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	320 hash_insert(handler->requests, POINTER_CAST(id), request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	321
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	322 if (request->auth->ssl_require_client_cert && !valid_client_cert) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	323 /* we fail without valid certificate */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	324 auth_request_handler_auth_fail(handler, request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	325 "Client didn't present valid SSL certificate");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	326 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	327 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	328
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	329 if (initial_resp == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	330 initial_resp_data = NULL;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	331 initial_resp_len = 0;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	332 } else {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	333 size_t len = strlen(initial_resp);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	334 buf = buffer_create_dynamic(pool_datastack_create(),
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	335 MAX_BASE64_DECODED_SIZE(len));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	336 if (base64_decode(initial_resp, len, NULL, buf) < 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	337 auth_request_handler_auth_fail(handler, request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	338 "Invalid base64 data in initial response");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	339 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	340 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	341 initial_resp_data = buf->data;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	342 initial_resp_len = buf->used;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	343 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	344
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	345 /* handler is referenced until auth_callback is called. */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	346 handler->refcount++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	347 auth_request_initial(request, initial_resp_data, initial_resp_len);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	348 return TRUE;
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	349 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	350
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3520 diff changeset	351 bool auth_request_handler_auth_continue(struct auth_request_handler *handler,
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3520 diff changeset	352 const char *args)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	353 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	354 struct auth_request *request;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	355 const char *data;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	356 size_t data_len;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	357 buffer_t *buf;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	358 unsigned int id;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	359
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	360 data = strchr(args, '\t');
5089 18559c7e3a15 Cleanups and minor fixes Timo Sirainen <tss@iki.fi> parents: 5085 diff changeset	361 if (data == NULL) {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	362 i_error("BUG: Authentication client sent broken CONT request");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	363 return FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	364 }
5089 18559c7e3a15 Cleanups and minor fixes Timo Sirainen <tss@iki.fi> parents: 5085 diff changeset	365 data++;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	366
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	367 id = (unsigned int)strtoul(args, NULL, 10);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	368
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	369 request = hash_lookup(handler->requests, POINTER_CAST(id));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	370 if (request == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	371 string_t *reply = t_str_new(64);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	372
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	373 str_printfa(reply, "FAIL\t%u\treason=Timeouted", id);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	374 handler->callback(str_c(reply), handler->context);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	375 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	376 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	377
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	378 /* accept input only once after mechanism has sent a CONT reply */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	379 if (!request->accept_input) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	380 auth_request_handler_auth_fail(handler, request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	381 "Unexpected continuation");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	382 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	383 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	384 request->accept_input = FALSE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	385
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	386 data_len = strlen(data);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	387 buf = buffer_create_dynamic(pool_datastack_create(),
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	388 MAX_BASE64_DECODED_SIZE(data_len));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	389 if (base64_decode(data, data_len, NULL, buf) < 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	390 auth_request_handler_auth_fail(handler, request,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	391 "Invalid base64 data in continued response");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	392 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	393 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	394
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	395 /* handler is referenced until auth_callback is called. */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	396 handler->refcount++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	397 auth_request_continue(request, buf->data, buf->used);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	398 return TRUE;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	399 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	400
4880 4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	401 static void userdb_callback(enum userdb_result result,
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	402 struct auth_stream_reply *reply,
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	403 struct auth_request *request)
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	404 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	405 struct auth_request_handler *handler = request->context;
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	406 string_t *str;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	407
3171 8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	408 i_assert(request->state == AUTH_REQUEST_STATE_USERDB);
8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	409
8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	410 request->state = AUTH_REQUEST_STATE_FINISHED;
8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	411
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	412 str = t_str_new(256);
4880 4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	413 switch (result) {
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	414 case USERDB_RESULT_INTERNAL_FAILURE:
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	415 str_printfa(str, "FAIL\t%u", request->id);
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	416 break;
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	417 case USERDB_RESULT_USER_UNKNOWN:
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	418 str_printfa(str, "NOTFOUND\t%u", request->id);
4880 4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	419 break;
4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	420 case USERDB_RESULT_OK:
4532 d83f2a6e1f45 When logging in as master user, send it as "master_user" field to master Timo Sirainen <tss@iki.fi> parents: 4451 diff changeset	421 if (request->master_user != NULL) {
d83f2a6e1f45 When logging in as master user, send it as "master_user" field to master Timo Sirainen <tss@iki.fi> parents: 4451 diff changeset	422 auth_stream_reply_add(reply, "master_user",
d83f2a6e1f45 When logging in as master user, send it as "master_user" field to master Timo Sirainen <tss@iki.fi> parents: 4451 diff changeset	423 request->master_user);
d83f2a6e1f45 When logging in as master user, send it as "master_user" field to master Timo Sirainen <tss@iki.fi> parents: 4451 diff changeset	424 }
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	425 str_printfa(str, "USER\t%u\t", request->id);
e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	426 str_append(str, auth_stream_reply_export(reply));
4880 4ec6a4def05b We treated internal userdb lookup errors as "user unknown" errors. In such Timo Sirainen <tss@iki.fi> parents: 4767 diff changeset	427 break;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	428 }
3520 e2fe8222449d s/occured/occurred/ Timo Sirainen <tss@iki.fi> parents: 3518 diff changeset	429 handler->master_callback(str_c(str), request->master);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	430
5038 b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	431 auth_master_connection_unref(&request->master);
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	432 auth_request_unref(&request);
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	433 auth_request_handler_unref(&handler);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	434 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	435
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	436 void auth_request_handler_master_request(struct auth_request_handler *handler,
3308 3f090bcaffcc Allow multiple master connections for a single listener. Timo Sirainen <tss@iki.fi> parents: 3171 diff changeset	437 struct auth_master_connection *master,
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	438 unsigned int id,
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	439 unsigned int client_id)
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	440 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	441 struct auth_request *request;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	442 string_t *reply;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	443
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	444 reply = t_str_new(64);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	445
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	446 request = hash_lookup(handler->requests, POINTER_CAST(client_id));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	447 if (request == NULL) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	448 i_error("Master request %u.%u not found",
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	449 handler->client_pid, client_id);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	450 str_printfa(reply, "NOTFOUND\t%u", id);
3308 3f090bcaffcc Allow multiple master connections for a single listener. Timo Sirainen <tss@iki.fi> parents: 3171 diff changeset	451 handler->master_callback(str_c(reply), master);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	452 return;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	453 }
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	454
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	455 auth_request_ref(request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	456 auth_request_handler_remove(handler, request);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	457
3171 8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	458 if (request->state != AUTH_REQUEST_STATE_FINISHED \|\|
8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	459 !request->successful) {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	460 i_error("Master requested unfinished authentication request "
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	461 "%u.%u", handler->client_pid, client_id);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	462 str_printfa(reply, "NOTFOUND\t%u", id);
3308 3f090bcaffcc Allow multiple master connections for a single listener. Timo Sirainen <tss@iki.fi> parents: 3171 diff changeset	463 handler->master_callback(str_c(reply), master);
4401 10cdcfe98cfc Fixed memory leak in error handling. Timo Sirainen <tss@iki.fi> parents: 3952 diff changeset	464 auth_request_unref(&request);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	465 } else {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	466 /* the request isn't being referenced anywhere anymore,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	467 so we can do a bit of kludging.. replace the request's
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	468 old client_id with master's id. */
3171 8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	469 request->state = AUTH_REQUEST_STATE_USERDB;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	470 request->id = id;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	471 request->context = handler;
3308 3f090bcaffcc Allow multiple master connections for a single listener. Timo Sirainen <tss@iki.fi> parents: 3171 diff changeset	472 request->master = master;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	473
5038 b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	474 /* master and handler are referenced until userdb_callback i
b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	475 s called. */
b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	476 auth_master_connection_ref(master);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	477 handler->refcount++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	478 auth_request_lookup_user(request, userdb_callback);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	479 }
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	480 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	481
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	482 void auth_request_handler_flush_failures(void)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	483 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	484 struct auth_request **auth_request;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	485 size_t i, size;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	486
4451 1a35d53c18fc Array API redesigned to work using unions. It now provides type safety Timo Sirainen <tss@iki.fi> parents: 4401 diff changeset	487 auth_request = buffer_get_modifiable_data(auth_failures_buf, &size);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	488 size /= sizeof(*auth_request);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	489
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	490 for (i = 0; i < size; i++) {
3171 8a3b57385eca Added state variable for auth_request and several assertions to make sure Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	491 i_assert(auth_request[i]->state == AUTH_REQUEST_STATE_FINISHED);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	492 auth_request[i]->callback(auth_request[i],
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	493 AUTH_CLIENT_RESULT_FAILURE, NULL, 0);
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	494 auth_request_unref(&auth_request[i]);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	495 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	496 buffer_set_used_size(auth_failures_buf, 0);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	497 }
3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	498
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	499 static void auth_failure_timeout(void *context __attr_unused__)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	500 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	501 auth_request_handler_flush_failures();
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	502 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	503
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	504 void auth_request_handler_init(void)
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	505 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	506 auth_failures_buf = buffer_create_dynamic(default_pool, 1024);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	507 to_auth_failures = timeout_add(2000, auth_failure_timeout, NULL);
3074 3feb38ff17f5 Moving code around. Timo Sirainen <tss@iki.fi> parents: diff changeset	508 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	509
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	510 void auth_request_handler_deinit(void)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	511 {
5038 b2921478f94f Several fixes to handling deinitialization without crashing. Timo Sirainen <tss@iki.fi> parents: 5005 diff changeset	512 auth_request_handler_flush_failures();
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	513 buffer_free(auth_failures_buf);
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	514 timeout_remove(&to_auth_failures);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	515 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/auth/auth-request-handler.c @ 5089:18559c7e3a15 HEAD