Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-passwd-file.c @ 2942:c7d426f8cb58 HEAD
Added name variable for userdb_module and passdb_module and changed their
initialization a bit.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Mon, 06 Dec 2004 18:39:02 +0200 |
| parents | 54b29901a793 |
| children | 052f3a5743af |
| rev | line source |
|---|---|
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2002-2003 Timo Sirainen */ |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "config.h" |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #undef HAVE_CONFIG_H |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #ifdef PASSDB_PASSWD_FILE |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "common.h" |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "passdb.h" |
|
1192
76321f65960d
Fix realm usage with DIGEST-MD5. Support generating other password schemes
Timo Sirainen <tss@iki.fi>
parents:
1191
diff
changeset
|
10 #include "password-scheme.h" |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
11 #include "db-passwd-file.h" |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 struct passwd_file *passdb_pwf = NULL; |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
15 static void |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
16 passwd_file_verify_plain(struct auth_request *request, const char *password, |
|
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
17 verify_plain_callback_t *callback) |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 { |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 struct passwd_user *pu; |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
20 const char *scheme, *crypted_pass; |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
21 int ret; |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
|
2099
eac49325fa23
Logging changes. Make sure we don't write control characters to log and also
Timo Sirainen <tss@iki.fi>
parents:
1361
diff
changeset
|
23 pu = db_passwd_file_lookup(passdb_pwf, request); |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
24 if (pu == NULL) { |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
25 callback(PASSDB_RESULT_USER_UNKNOWN, request); |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
26 return; |
|
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
27 } |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
29 crypted_pass = pu->password; |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
30 scheme = password_get_scheme(&crypted_pass); |
|
1339
379509d0c196
default is CRYPT, not DES (which doesn't even exist)
Timo Sirainen <tss@iki.fi>
parents:
1192
diff
changeset
|
31 if (scheme == NULL) scheme = "CRYPT"; |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
33 ret = password_verify(password, crypted_pass, scheme, |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
34 request->user); |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
35 if (ret > 0) |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
36 callback(PASSDB_RESULT_OK, request); |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
37 else { |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
38 if (ret < 0) { |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
39 i_error("passwd-file(%s): Unknown password scheme %s", |
|
2099
eac49325fa23
Logging changes. Make sure we don't write control characters to log and also
Timo Sirainen <tss@iki.fi>
parents:
1361
diff
changeset
|
40 get_log_prefix(request), scheme); |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
41 } else if (verbose) { |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
42 i_info("passwd-file(%s): %s password mismatch", |
|
2099
eac49325fa23
Logging changes. Make sure we don't write control characters to log and also
Timo Sirainen <tss@iki.fi>
parents:
1361
diff
changeset
|
43 get_log_prefix(request), scheme); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 } |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
45 callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
47 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
49 static void |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
50 passwd_file_lookup_credentials(struct auth_request *request, |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
51 enum passdb_credentials credentials, |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
52 lookup_credentials_callback_t *callback) |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 { |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 struct passwd_user *pu; |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
55 const char *crypted_pass, *scheme; |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 |
|
2099
eac49325fa23
Logging changes. Make sure we don't write control characters to log and also
Timo Sirainen <tss@iki.fi>
parents:
1361
diff
changeset
|
57 pu = db_passwd_file_lookup(passdb_pwf, request); |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
58 if (pu == NULL) { |
|
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
59 callback(NULL, request); |
|
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
60 return; |
|
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
61 } |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
62 |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
63 crypted_pass = pu->password; |
|
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
64 scheme = password_get_scheme(&crypted_pass); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
|
2798
54b29901a793
Added simple LRU cache for auth requests. Currently only for sql passdb.
Timo Sirainen <tss@iki.fi>
parents:
2648
diff
changeset
|
66 passdb_handle_credentials(credentials, crypted_pass, |
|
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
67 scheme, callback, request); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 static void passwd_file_init(const char *args) |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 { |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 if (userdb_pwf != NULL && strcmp(userdb_pwf->path, args) == 0) { |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 passdb_pwf = userdb_pwf; |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 passdb_pwf->refcount++; |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 } else { |
|
1361
dc2163fafa70
passwd-file fixes. passdb ignores now fields after password, so it can work
Timo Sirainen <tss@iki.fi>
parents:
1339
diff
changeset
|
76 passdb_pwf = db_passwd_file_parse(args, FALSE); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 static void passwd_file_deinit(void) |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
81 { |
|
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
82 db_passwd_file_unref(passdb_pwf); |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 } |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 struct passdb_module passdb_passwd_file = { |
|
2942
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2798
diff
changeset
|
86 "passwd-file", |
|
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2798
diff
changeset
|
87 |
|
2648
cc2e39912eb3
Added preinit() call to userdb/passdbs, which is called before dropping
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
88 NULL, |
|
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 passwd_file_init, |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
90 passwd_file_deinit, |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
92 passwd_file_verify_plain, |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
93 passwd_file_lookup_credentials |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
94 }; |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
95 |
|
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
96 #endif |