Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-blocking.c @ 5105:342429974bf5 HEAD
Assert-crashfixes
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 06 Feb 2007 11:49:46 +0200 |
parents | 7a8f68b0cc31 |
children | 83f361144a8a |
rev | line source |
---|---|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2005 Timo Sirainen */ |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "str.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "auth-worker-server.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "password-scheme.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #include "passdb.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "passdb-blocking.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include <stdlib.h> |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 static enum passdb_result |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 check_failure(struct auth_request *request, const char **reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 { |
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
15 enum passdb_result ret; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
16 const char *p; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
17 |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 /* OK / FAIL */ |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 if (strncmp(*reply, "OK\t", 3) == 0) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 *reply += 3; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 return PASSDB_RESULT_OK; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 |
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
24 /* FAIL \t result \t password */ |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
25 if (strncmp(*reply, "FAIL\t", 5) == 0) { |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
26 *reply += 5; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
27 ret = atoi(t_strcut(*reply, '\t')); |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
28 |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
29 p = strchr(*reply, '\t'); |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
30 if (p == NULL) |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
31 *reply += strlen(*reply); |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
32 else |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
33 *reply = p + 1; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
34 if (ret != PASSDB_RESULT_OK) |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
35 return ret; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
36 |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
37 auth_request_log_error(request, "blocking", |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
38 "Received invalid FAIL result from worker: %d", ret); |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
39 return PASSDB_RESULT_INTERNAL_FAILURE; |
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
40 } else { |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 auth_request_log_error(request, "blocking", |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 "Received unknown reply from worker: %s", *reply); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 return PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
47 static int get_pass_reply(struct auth_request *request, const char *reply, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 const char **password_r, const char **scheme_r) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 { |
3666
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
50 const char *p, *p2, **tmp; |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 |
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
52 /* user \t {scheme}password [\t extra] */ |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 p = strchr(reply, '\t'); |
4692
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
54 |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
55 /* username may have changed, update it */ |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
56 auth_request_set_field(request, "user", p == NULL ? reply : |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
57 t_strdup_until(reply, p), NULL); |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
58 if (p == NULL) { |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
59 /* we didn't get a password. */ |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 *password_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
61 *scheme_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
62 return 0; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
63 } |
4692
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
64 p2 = strchr(++p, '\t'); |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
65 if (p2 == NULL) { |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
66 *password_r = p; |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
67 reply = ""; |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
68 } else { |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
69 *password_r = t_strdup_until(p, p2); |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
70 reply = p2 + 1; |
7728291a7f52
If blocking passdb (ie. MySQL) didn't return any extra fields, we didn't
Timo Sirainen <tss@iki.fi>
parents:
4030
diff
changeset
|
71 } |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 if (**password_r == '\0') { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 *password_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 *scheme_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 } else { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 request->passdb_password = |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 p_strdup(request->pool, *password_r); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 *scheme_r = password_get_scheme(password_r); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
81 if (*scheme_r == NULL) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 auth_request_log_error(request, "blocking", |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 "Received reply from worker without " |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 "password scheme"); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 return -1; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
86 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
87 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
88 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 if (*reply != '\0') { |
5105 | 90 i_assert(auth_stream_is_empty(request->extra_fields) || |
91 request->master_user != NULL); | |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
92 |
3666
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
93 for (tmp = t_strsplit(reply, "\t"); *tmp != NULL; tmp++) { |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
94 p = strchr(*tmp, '='); |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
95 if (p == NULL) |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
96 p = ""; |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
97 else { |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
98 *tmp = t_strdup_until(*tmp, p); |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
99 p++; |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
100 } |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
101 auth_request_set_field(request, *tmp, p, NULL); |
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
102 } |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
104 return 0; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
106 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 static void |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 verify_plain_callback(struct auth_request *request, const char *reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 enum passdb_result result; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
111 const char *password, *scheme; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 result = check_failure(request, &reply); |
4704
3bfd724bb37a
Fixes to handling blocking passdb (ie. MySQL) failures. It ignored any
Timo Sirainen <tss@iki.fi>
parents:
4692
diff
changeset
|
114 if (result > 0) { |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
115 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 result = PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
117 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 auth_request_verify_plain_callback(result, request); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
122 void passdb_blocking_verify_plain(struct auth_request *request) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 string_t *str; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 |
5105 | 126 i_assert(auth_stream_is_empty(request->extra_fields) || |
127 request->master_user != NULL); | |
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
128 |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 str = t_str_new(64); |
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3666
diff
changeset
|
130 str_printfa(str, "PASSV\t%u\t", request->passdb->id); |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 str_append(str, request->mech_password); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 str_append_c(str, '\t'); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
133 auth_request_export(request, str); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
134 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
135 auth_worker_call(request, str_c(str), verify_plain_callback); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
136 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
137 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
138 static void |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
139 lookup_credentials_callback(struct auth_request *request, const char *reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
140 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
141 enum passdb_result result; |
4704
3bfd724bb37a
Fixes to handling blocking passdb (ie. MySQL) failures. It ignored any
Timo Sirainen <tss@iki.fi>
parents:
4692
diff
changeset
|
142 const char *password = NULL, *scheme = NULL; |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
143 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
144 result = check_failure(request, &reply); |
4704
3bfd724bb37a
Fixes to handling blocking passdb (ie. MySQL) failures. It ignored any
Timo Sirainen <tss@iki.fi>
parents:
4692
diff
changeset
|
145 if (result > 0) { |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
146 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
147 result = PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
148 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
149 |
3655
62fc6883faeb
Fixes and cleanups to credentials handling. Also fixed auth caching to work
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
150 passdb_handle_credentials(result, password, scheme, |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
151 auth_request_lookup_credentials_callback, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
152 request); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
153 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
154 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
155 void passdb_blocking_lookup_credentials(struct auth_request *request) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
156 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
157 string_t *str; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
158 |
5105 | 159 i_assert(auth_stream_is_empty(request->extra_fields) || |
160 request->master_user != NULL); | |
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
161 |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
162 str = t_str_new(64); |
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
163 str_printfa(str, "PASSL\t%u\t%d\t", |
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3666
diff
changeset
|
164 request->passdb->id, request->credentials); |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
165 auth_request_export(request, str); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
166 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
167 auth_worker_call(request, str_c(str), lookup_credentials_callback); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
168 } |
4782
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
169 |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
170 static void |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
171 set_credentials_callback(struct auth_request *request, const char *reply) |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
172 { |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
173 enum passdb_result result = check_failure(request, &reply); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
174 |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
175 request->private_callback.set_credentials(result, request); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
176 } |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
177 |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
178 void passdb_blocking_set_credentials(struct auth_request *request, |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
179 const char *new_credentials) |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
180 { |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
181 string_t *str; |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
182 |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
183 str = t_str_new(64); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
184 str_printfa(str, "SETCRED\t%u\t%s\t", |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
185 request->passdb->id, new_credentials); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
186 auth_request_export(request, str); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
187 |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
188 auth_worker_call(request, str_c(str), set_credentials_callback); |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4704
diff
changeset
|
189 } |