Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-blocking.c @ 3171:8a3b57385eca HEAD
Added state variable for auth_request and several assertions to make sure
the state is always valid. Fixed assert crash when a user having cached
passdb entry expired tried to authenticate.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 05 Mar 2005 13:48:13 +0200 |
parents | 62f8366cb89c |
children | 16ea551957ed |
rev | line source |
---|---|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2005 Timo Sirainen */ |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "str.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "auth-worker-server.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "password-scheme.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #include "passdb.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "passdb-blocking.h" |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include <stdlib.h> |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 static enum passdb_result |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 check_failure(struct auth_request *request, const char **reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 /* OK / FAIL */ |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 if (strncmp(*reply, "OK\t", 3) == 0) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 *reply += 3; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 return PASSDB_RESULT_OK; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 /* FAIL \t result */ |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 if (strncmp(*reply, "FAIL\t", 5) != 0) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 auth_request_log_error(request, "blocking", |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 "Received unknown reply from worker: %s", *reply); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 return PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
26 } else { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
27 return atoi(*reply + 5); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 static int get_pass_reply(struct auth_request *request, const char *reply, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 const char **password_r, const char **scheme_r) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 const char *p; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
36 p = strchr(reply, '\t'); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 if (p == NULL) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
38 *password_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
39 *scheme_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
40 return 0; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 *password_r = t_strdup_until(reply, p); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 reply = p + 1; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 if (**password_r == '\0') { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
47 *password_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 *scheme_r = NULL; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 } else { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
50 request->passdb_password = |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 p_strdup(request->pool, *password_r); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
52 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 *scheme_r = password_get_scheme(password_r); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 if (*scheme_r == NULL) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
55 auth_request_log_error(request, "blocking", |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 "Received reply from worker without " |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
57 "password scheme"); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
58 return -1; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
61 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
62 if (*reply != '\0') { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
63 i_assert(request->extra_fields == NULL); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
64 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 request->extra_fields = str_new(request->pool, 128); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 str_append(request->extra_fields, reply); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 return 0; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 static void |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 verify_plain_callback(struct auth_request *request, const char *reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 enum passdb_result result; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 const char *password, *scheme; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 result = check_failure(request, &reply); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 if (result >= 0) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 result = PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
81 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 auth_request_verify_plain_callback(result, request); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
86 void passdb_blocking_verify_plain(struct auth_request *request) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
87 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
88 string_t *str; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 |
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
90 i_assert(request->extra_fields == NULL); |
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
91 |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
92 str = t_str_new(64); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
93 str_append(str, "PASSV\t"); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
94 str_append(str, request->mech_password); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
95 str_append_c(str, '\t'); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
96 auth_request_export(request, str); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
97 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
98 auth_worker_call(request, str_c(str), verify_plain_callback); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
99 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
100 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
101 static void |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
102 lookup_credentials_callback(struct auth_request *request, const char *reply) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
104 enum passdb_result result; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 const char *password, *scheme; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
106 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 result = check_failure(request, &reply); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 if (result >= 0) { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 result = PASSDB_RESULT_INTERNAL_FAILURE; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
111 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 passdb_handle_credentials(result, request->credentials, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
114 password, scheme, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
115 auth_request_lookup_credentials_callback, |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 request); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
117 } |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
119 void passdb_blocking_lookup_credentials(struct auth_request *request) |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
120 { |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 string_t *str; |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
122 |
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
123 i_assert(request->extra_fields == NULL); |
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
124 |
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 str = t_str_new(64); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 str_printfa(str, "PASSL\t%d\t", request->credentials); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 auth_request_export(request, str); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
128 |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 auth_worker_call(request, str_c(str), lookup_credentials_callback); |
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
130 } |