dovecot/original-hg/dovecot-1.2: src/master/auth-process.c annotate

annotate src/master/auth-process.c @ 9259:ea2eed32d59e HEAD

cache file: If offset isn't 32bit aligned, assume it's corrupted.

author	Timo Sirainen <tss@iki.fi>
date	Sun, 26 Jul 2009 22:40:02 -0400
parents	774b0e8138bd
children	366a327b028b

rev	line source
8590 b9faf4db2a9f Updated copyright notices to include year 2009. Timo Sirainen <tss@iki.fi> parents: 8573 diff changeset	1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	2
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	4 #include "hash.h"
532 3b53dd1280c6 I/O buffers now use real blocking instead of setting up a sub-ioloop to Timo Sirainen <tss@iki.fi> parents: 410 diff changeset	5 #include "ioloop.h"
697 7814b29d0862 Created env_put() and env_clean() for a bit easier handling of environment Timo Sirainen <tss@iki.fi> parents: 683 diff changeset	6 #include "env-util.h"
727 8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the Timo Sirainen <tss@iki.fi> parents: 723 diff changeset	7 #include "fd-close-on-exec.h"
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	8 #include "unix-socket-create.h"
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "network.h"
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	10 #include "istream.h"
764 f57c52738f90 Renamed IBuffer and OBuffer to IStream and OStream which describes their Timo Sirainen <tss@iki.fi> parents: 727 diff changeset	11 #include "ostream.h"
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	12 #include "str.h"
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	13 #include "restrict-access.h"
722 0438621d25ff Added virtual memory size limits to processes. Default values are pretty Timo Sirainen <tss@iki.fi> parents: 713 diff changeset	14 #include "restrict-process-size.h"
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "auth-process.h"
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	16 #include "child-process.h"
2776 150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	17 #include "../auth/auth-master-interface.h"
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	18 #include "log.h"
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	19
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	20 #include <stdlib.h>
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	21 #include <unistd.h>
8301 d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	22 #include <fcntl.h>
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	23 #include <pwd.h>
801 86224ff16bf6 Drop root privileges earlier. Close syslog more later in imap-master when Timo Sirainen <tss@iki.fi> parents: 791 diff changeset	24 #include <syslog.h>
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	25
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	26 #define MAX_INBUF_SIZE 8192
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	27 #define MAX_OUTBUF_SIZE 65536
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	28
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	29 struct auth_process_group {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	30 struct auth_process_group *next;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	31
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	32 int listen_fd;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	33 struct auth_settings *set;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	34
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	35 unsigned int process_count;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	36 struct auth_process *processes;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	37 };
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	38
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	39 struct auth_process {
fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	40 struct auth_process *next;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	41
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	42 struct auth_process_group *group;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	43 pid_t pid;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	44 int fd;
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	45 struct io *io;
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	46 struct istream *input;
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	47 struct ostream *output;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	48
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	49 int worker_listen_fd;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	50 struct io *worker_io;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	51
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	52 struct hash_table *requests;
925 2e649dec0f09 Auth and login processes send an "we're ok" reply at the end of Timo Sirainen <tss@iki.fi> parents: 907 diff changeset	53
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	54 unsigned int external:1;
2791 b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	55 unsigned int version_received:1;
925 2e649dec0f09 Auth and login processes send an "we're ok" reply at the end of Timo Sirainen <tss@iki.fi> parents: 907 diff changeset	56 unsigned int initialized:1;
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	57 unsigned int in_auth_reply:1;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	58 };
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	59
5136 86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	60 bool have_initialized_auth_processes = FALSE;
86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	61
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	62 static struct child_process auth_child_process =
8628 e85c7cb22ad7 If login process crashes, log the IP address that (maybe) caused it. Timo Sirainen <tss@iki.fi> parents: 8593 diff changeset	63 { MEMBER(type) PROCESS_TYPE_AUTH };
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	64 static struct child_process auth_worker_child_process =
8628 e85c7cb22ad7 If login process crashes, log the IP address that (maybe) caused it. Timo Sirainen <tss@iki.fi> parents: 8593 diff changeset	65 { MEMBER(type) PROCESS_TYPE_AUTH_WORKER };
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	66
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	67 static struct timeout *to;
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	68 static unsigned int auth_tag;
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	69 static struct auth_process_group *process_groups;
4148 f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	70 static bool auth_stalled = FALSE;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	71
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	72 static void auth_process_destroy(struct auth_process *p);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	73 static int create_auth_worker(struct auth_process *process, int fd);
4148 f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	74 static void auth_processes_start_missing(void *context);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	75
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	76 void auth_process_request(struct auth_process *process, unsigned int login_pid,
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	77 unsigned int login_id,
5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	78 struct login_auth_request *request)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	79 {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	80 string_t *str;
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	81 ssize_t ret;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	82
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	83 str = t_str_new(256);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	84 str_printfa(str, "REQUEST\t%u\t%u\t%u\n",
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	85 ++auth_tag, login_pid, login_id);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	86
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	87 ret = o_stream_send(process->output, str_data(str), str_len(str));
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	88 if (ret != (ssize_t)str_len(str)) {
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	89 if (ret >= 0) {
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	90 /* FIXME: well .. I'm not sure if it'd be better to
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	91 just block here. I don't think this condition should
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	92 happen often, so this could mean that the auth
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	93 process is stuck. Or that the computer is just
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	94 too heavily loaded. Possibility to block infinitely
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	95 is annoying though, so for now don't do it. */
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	96 i_warning("Auth process %s transmit buffer full, "
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	97 "killing..", dec2str(process->pid));
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	98 }
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	99 auth_process_destroy(process);
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	100 } else {
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	101 hash_table_insert(process->requests,
f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	102 POINTER_CAST(auth_tag), request);
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	103 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	104 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	105
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3853 diff changeset	106 static bool
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	107 auth_process_input_user(struct auth_process process, const char args)
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	108 {
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	109 struct login_auth_request *request;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	110 const char const list;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	111 unsigned int id;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	112
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	113 /* <id> <userid> [..] */
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	114
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	115 list = t_strsplit(args, "\t");
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	116 if (list[0] == NULL \|\| list[1] == NULL) {
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	117 i_error("BUG: Auth process %s sent corrupted USER line",
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	118 dec2str(process->pid));
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	119 return FALSE;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	120 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	121 id = (unsigned int)strtoul(list[0], NULL, 10);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	122
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	123 request = hash_table_lookup(process->requests, POINTER_CAST(id));
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	124 if (request == NULL) {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	125 i_error("BUG: Auth process %s sent unrequested reply with ID "
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	126 "%u", dec2str(process->pid), id);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	127 return FALSE;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	128 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	129
8301 d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	130 if (!auth_success_written) {
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	131 int fd;
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	132
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	133 fd = creat(AUTH_SUCCESS_PATH, 0666);
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	134 if (fd == -1)
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	135 i_error("creat(%s) failed: %m", AUTH_SUCCESS_PATH);
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	136 else
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	137 (void)close(fd);
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	138 auth_success_written = TRUE;
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	139 }
d46579bb7a3c Print a help message about authentication at startup until the first successful authentication. Timo Sirainen <tss@iki.fi> parents: 8095 diff changeset	140
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	141 auth_master_callback(list[1], list + 2, request);
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	142 hash_table_remove(process->requests, POINTER_CAST(id));
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	143 return TRUE;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	144 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	145
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3853 diff changeset	146 static bool
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	147 auth_process_input_notfound(struct auth_process process, const char args)
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	148 {
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	149 struct login_auth_request *request;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	150 unsigned int id;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	151
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	152 id = (unsigned int)strtoul(args, NULL, 10);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	153
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	154 request = hash_table_lookup(process->requests, POINTER_CAST(id));
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	155 if (request == NULL) {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	156 i_error("BUG: Auth process %s sent unrequested reply with ID "
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	157 "%u", dec2str(process->pid), id);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	158 return FALSE;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	159 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	160
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	161 auth_master_callback(NULL, NULL, request);
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	162 hash_table_remove(process->requests, POINTER_CAST(id));
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	163 return TRUE;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	164 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	165
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3853 diff changeset	166 static bool
2791 b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	167 auth_process_input_spid(struct auth_process process, const char args)
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	168 {
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	169 unsigned int pid;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	170
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	171 if (process->initialized) {
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	172 i_error("BUG: Authentication server re-handshaking");
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	173 return FALSE;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	174 }
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	175
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	176 pid = (unsigned int)strtoul(args, NULL, 10);
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	177 if (pid == 0) {
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	178 i_error("BUG: Authentication server said it's PID 0");
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	179 return FALSE;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	180 }
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	181
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	182 if (process->pid != 0 && process->pid != (pid_t)pid) {
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	183 i_error("BUG: Authentication server sent invalid SPID "
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	184 "(%u != %s)", pid, dec2str(process->pid));
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	185 return FALSE;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	186 }
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	187
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	188 process->pid = pid;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	189 process->initialized = TRUE;
5136 86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	190
86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	191 have_initialized_auth_processes = TRUE;
2791 b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	192 return TRUE;
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	193 }
b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	194
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3853 diff changeset	195 static bool
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	196 auth_process_input_fail(struct auth_process process, const char args)
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	197 {
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	198 struct login_auth_request *request;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	199 const char *error;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	200 unsigned int id;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	201
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	202 error = strchr(args, '\t');
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	203 if (error != NULL)
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	204 error++;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	205
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	206 id = (unsigned int)strtoul(args, NULL, 10);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	207
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	208 request = hash_table_lookup(process->requests, POINTER_CAST(id));
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	209 if (request == NULL) {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	210 i_error("BUG: Auth process %s sent unrequested reply with ID "
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	211 "%u", dec2str(process->pid), id);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	212 return FALSE;
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	213 }
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	214
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	215 auth_master_callback(NULL, NULL, request);
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	216 hash_table_remove(process->requests, POINTER_CAST(id));
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	217 return TRUE;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	218 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	219
6940 414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	220 static bool
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	221 auth_process_input_line(struct auth_process process, const char line)
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	222 {
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	223 if (strncmp(line, "USER\t", 5) == 0)
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	224 return auth_process_input_user(process, line + 5);
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	225 else if (strncmp(line, "NOTFOUND\t", 9) == 0)
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	226 return auth_process_input_notfound(process, line + 9);
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	227 else if (strncmp(line, "FAIL\t", 5) == 0)
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	228 return auth_process_input_fail(process, line + 5);
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	229 else if (strncmp(line, "SPID\t", 5) == 0)
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	230 return auth_process_input_spid(process, line + 5);
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	231 else
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	232 return TRUE;
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	233 }
414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	234
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	235 static void auth_process_input(struct auth_process *process)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	236 {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	237 const char *line;
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3853 diff changeset	238 bool ret;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	239
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	240 switch (i_stream_read(process->input)) {
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	241 case 0:
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	242 return;
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	243 case -1:
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	244 /* disconnected */
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	245 auth_process_destroy(process);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	246 return;
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	247 case -2:
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	248 /* buffer full */
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	249 i_error("BUG: Auth process %s sent us more than %d "
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	250 "bytes of data", dec2str(process->pid),
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	251 (int)MAX_INBUF_SIZE);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	252 auth_process_destroy(process);
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	253 return;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	254 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	255
2791 b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	256 if (!process->version_received) {
2776 150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	257 line = i_stream_next_line(process->input);
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	258 if (line == NULL)
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	259 return;
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	260
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	261 /* make sure the major version matches */
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	262 if (strncmp(line, "VERSION\t", 8) != 0 \|\|
2809 0b1bef51f207 Separate major/minor version with TAB instead of dot in VERSION. Timo Sirainen <tss@iki.fi> parents: 2798 diff changeset	263 atoi(t_strcut(line + 8, '\t')) !=
2776 150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	264 AUTH_MASTER_PROTOCOL_MAJOR_VERSION) {
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	265 i_error("Auth process %s not compatible with master "
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	266 "process (mixed old and new binaries?)",
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	267 dec2str(process->pid));
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	268 auth_process_destroy(process);
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	269 return;
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	270 }
2791 b12e61e55c01 Put SPID back, it's needed for standalone dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2778 diff changeset	271 process->version_received = TRUE;
2776 150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	272 }
150f8151c971 Added VERSION command and checking to authentication protocol. Timo Sirainen <tss@iki.fi> parents: 2752 diff changeset	273
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	274 while ((line = i_stream_next_line(process->input)) != NULL) {
7226 e6693a0ec8e1 Renamed T_FRAME_BEGIN/END to T_BEGIN/END. Removed T_FRAME() macro and Timo Sirainen <tss@iki.fi> parents: 7109 diff changeset	275 T_BEGIN {
6940 414c9d631a81 Replaced t_push/t_pop calls with T_FRAME() macros. Timo Sirainen <tss@iki.fi>* parents: 6542 diff changeset	276 ret = auth_process_input_line(process, line);
7226 e6693a0ec8e1 Renamed T_FRAME_BEGIN/END to T_BEGIN/END. Removed T_FRAME() macro and Timo Sirainen <tss@iki.fi> parents: 7109 diff changeset	277 } T_END;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	278 if (!ret) {
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2717 diff changeset	279 auth_process_destroy(process);
1131 817718515e5f Auth process communication was a bit broken Timo Sirainen <tss@iki.fi> parents: 1124 diff changeset	280 break;
817718515e5f Auth process communication was a bit broken Timo Sirainen <tss@iki.fi> parents: 1124 diff changeset	281 }
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	282 }
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	283 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	284
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4472 diff changeset	285 static void auth_worker_input(struct auth_process *p)
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	286 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	287 int fd;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	288
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	289 fd = net_accept(p->worker_listen_fd, NULL, NULL);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	290 if (fd < 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	291 if (fd == -2)
5358 a977ad033903 net_listen_unix() API changed a bit. -1 is now returned for errors that can Timo Sirainen <tss@iki.fi> parents: 5137 diff changeset	292 i_error("accept(worker) failed: %m");
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	293 return;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	294 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	295
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	296 net_set_nonblock(fd, TRUE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	297 fd_close_on_exec(fd, TRUE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	298
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	299 create_auth_worker(p, fd);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	300 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	301
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	302 static struct auth_process *
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	303 auth_process_new(pid_t pid, int fd, struct auth_process_group *group)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	304 {
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	305 struct auth_process *p;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	306 const char path, handshake;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	307
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	308 if (pid != 0)
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	309 child_process_add(pid, &auth_child_process);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	310
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	311 p = i_new(struct auth_process, 1);
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	312 p->group = group;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	313 p->pid = pid;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	314 p->fd = fd;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	315 p->io = io_add(fd, IO_READ, auth_process_input, p);
6162 896cc473c1f0 Renamed i_stream_create_file() to i_stream_create_fd(). Timo Sirainen <tss@iki.fi> parents: 6161 diff changeset	316 p->input = i_stream_create_fd(fd, MAX_INBUF_SIZE, FALSE);
6161 c62f7ee79446 Split o_stream_create_file() to _create_fd() and _create_fd_file(). Timo Sirainen <tss@iki.fi> parents: 6142 diff changeset	317 p->output = o_stream_create_fd(fd, MAX_OUTBUF_SIZE, FALSE);
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	318 p->requests = hash_table_create(default_pool, default_pool, 0,
f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	319 NULL, NULL);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	320
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	321 group->process_count++;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	322
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	323 path = t_strdup_printf("%s/auth-worker.%s",
4388 af61031c746f Settings parser nowadays returns "" instead of NULL when it reads an empty Timo Sirainen <tss@iki.fi> parents: 4168 diff changeset	324 *group->set->chroot != '\0' ?
af61031c746f Settings parser nowadays returns "" instead of NULL when it reads an empty Timo Sirainen <tss@iki.fi> parents: 4168 diff changeset	325 group->set->chroot :
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	326 group->set->parent->defaults->base_dir,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	327 dec2str(pid));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	328 p->worker_listen_fd =
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	329 unix_socket_create(path, 0600, group->set->uid,
8593 3cccf56e802a Increase listen queues to handle high loads better. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	330 group->set->gid, 128);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	331 if (p->worker_listen_fd == -1)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	332 i_fatal("Couldn't create auth worker listener");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	333
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	334 net_set_nonblock(p->worker_listen_fd, TRUE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	335 fd_close_on_exec(p->worker_listen_fd, TRUE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	336 p->worker_io = io_add(p->worker_listen_fd, IO_READ,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	337 auth_worker_input, p);
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	338
2809 0b1bef51f207 Separate major/minor version with TAB instead of dot in VERSION. Timo Sirainen <tss@iki.fi> parents: 2798 diff changeset	339 handshake = t_strdup_printf("VERSION\t%u\t%u\n",
2778 b85e7c414f06 We didn't send VERSION handshake to auth process. Timo Sirainen <tss@iki.fi> parents: 2776 diff changeset	340 AUTH_MASTER_PROTOCOL_MAJOR_VERSION,
b85e7c414f06 We didn't send VERSION handshake to auth process. Timo Sirainen <tss@iki.fi> parents: 2776 diff changeset	341 AUTH_MASTER_PROTOCOL_MINOR_VERSION);
b85e7c414f06 We didn't send VERSION handshake to auth process. Timo Sirainen <tss@iki.fi> parents: 2776 diff changeset	342 (void)o_stream_send_str(p->output, handshake);
b85e7c414f06 We didn't send VERSION handshake to auth process. Timo Sirainen <tss@iki.fi> parents: 2776 diff changeset	343
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	344 p->next = group->processes;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	345 group->processes = p;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	346 return p;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	347 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	348
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	349 static void auth_process_destroy(struct auth_process *p)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	350 {
1897 1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1724 diff changeset	351 struct hash_iterate_context *iter;
1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1724 diff changeset	352 void key, value;
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	353 struct auth_process **pos;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	354 const char *path;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	355
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	356 if (!p->initialized && io_loop_is_running(ioloop) && !p->external) {
7227 d64b898066a9 If auth process dies too early, kill ourself with i_fatal() so the log Timo Sirainen <tss@iki.fi> parents: 7226 diff changeset	357 /* log the process exit and kill ourself */
8735 f8fdabb30c0a master: Don't crash if auth process dies too early. Timo Sirainen <tss@iki.fi> parents: 8628 diff changeset	358 child_processes_flush();
7471 e7e3d6ffb0c1 If auth process dies at startup, deinitialize logs properly so that any Timo Sirainen <tss@iki.fi> parents: 7341 diff changeset	359 log_deinit();
7227 d64b898066a9 If auth process dies too early, kill ourself with i_fatal() so the log Timo Sirainen <tss@iki.fi> parents: 7226 diff changeset	360 i_fatal("Auth process died too early - shutting down");
1000 0fbafade2d85 If auth/login process died unexpectedly, the exit status or killing signal Timo Sirainen <tss@iki.fi> parents: 998 diff changeset	361 }
925 2e649dec0f09 Auth and login processes send an "we're ok" reply at the end of Timo Sirainen <tss@iki.fi> parents: 907 diff changeset	362
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	363 for (pos = &p->group->processes; pos != NULL; pos = &(pos)->next) {
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	364 if (*pos == p) {
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	365 *pos = p->next;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	366 break;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	367 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	368 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	369 p->group->process_count--;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	370
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	371 path = t_strdup_printf("%s/auth-worker.%s",
4388 af61031c746f Settings parser nowadays returns "" instead of NULL when it reads an empty Timo Sirainen <tss@iki.fi> parents: 4168 diff changeset	372 *p->group->set->chroot != '\0' ?
3361 5cb55f703d9b Make auth worker processes work with chroot enabled. Timo Sirainen <tss@iki.fi> parents: 3197 diff changeset	373 p->group->set->chroot :
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	374 p->group->set->parent->defaults->base_dir,
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	375 dec2str(p->pid));
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	376 (void)unlink(path);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	377
3960 aeb424e64f24 Call io_remove() before closing the fd. It's required by kqueue. Timo Sirainen <tss@iki.fi> parents: 3918 diff changeset	378 io_remove(&p->worker_io);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	379 if (close(p->worker_listen_fd) < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	380 i_error("close(worker_listen) failed: %m");
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	381
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	382 iter = hash_table_iterate_init(p->requests);
f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	383 while (hash_table_iterate(iter, &key, &value))
1897 1e6ed8045f2b Changed hash_foreach() to iterator. Timo Sirainen <tss@iki.fi> parents: 1724 diff changeset	384 auth_master_callback(NULL, NULL, value);
8573 f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	385 hash_table_iterate_deinit(&iter);
f9166a09423a Renamed hash_() to hash_table_() to avoid conflicts with OSX's strhash.h Timo Sirainen <tss@iki.fi> parents: 8560 diff changeset	386 hash_table_destroy(&p->requests);
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	387
4070 71b8faa84ec6 Added i_stream_destroy() and o_stream_destroy() and used them instead of Timo Sirainen <tss@iki.fi> parents: 4030 diff changeset	388 i_stream_destroy(&p->input);
71b8faa84ec6 Added i_stream_destroy() and o_stream_destroy() and used them instead of Timo Sirainen <tss@iki.fi> parents: 4030 diff changeset	389 o_stream_destroy(&p->output);
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	390 io_remove(&p->io);
805 5ac361acb316 Marked all non-trivial buffer modifications with @UNSAFE tag. Several Timo Sirainen <tss@iki.fi> parents: 801 diff changeset	391 if (close(p->fd) < 0)
5ac361acb316 Marked all non-trivial buffer modifications with @UNSAFE tag. Several Timo Sirainen <tss@iki.fi> parents: 801 diff changeset	392 i_error("close(auth) failed: %m");
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	393 i_free(p);
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	394 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	395
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	396 static void
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	397 socket_settings_env_put(const char env_base, struct socket_settings set)
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	398 {
5706 afc4e8a7354a Master and client sockets have default paths now. Section name only needs to Timo Sirainen <tss@iki.fi> parents: 5439 diff changeset	399 if (!set->used)
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	400 return;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	401
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	402 env_put(t_strdup_printf("%s=%s", env_base, set->path));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	403 if (set->mode != 0)
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	404 env_put(t_strdup_printf("%s_MODE=%o", env_base, set->mode));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	405 if (*set->user != '\0')
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	406 env_put(t_strdup_printf("%s_USER=%s", env_base, set->user));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	407 if (*set->group != '\0')
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	408 env_put(t_strdup_printf("%s_GROUP=%s", env_base, set->group));
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	409 }
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	410
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	411 static int connect_auth_socket(struct auth_process_group *group,
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	412 const char *path)
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	413 {
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	414 struct auth_process *auth;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	415 int fd;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	416
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	417 fd = net_connect_unix(path);
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	418 if (fd == -1) {
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	419 i_error("net_connect_unix(%s) failed: %m", path);
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	420 return -1;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	421 }
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	422
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	423 net_set_nonblock(fd, TRUE);
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	424 fd_close_on_exec(fd, TRUE);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	425 auth = auth_process_new(0, fd, group);
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	426 auth->external = TRUE;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	427 return 0;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	428 }
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	429
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	430 static void auth_set_environment(struct auth_settings *set)
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	431 {
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	432 struct auth_socket_settings *as;
3183 16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	433 struct auth_passdb_settings *ap;
16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	434 struct auth_userdb_settings *au;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	435 const char *str;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	436 int i;
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	437
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	438 /* setup access environment */
7341 af998ae4254b Replaced mail_extra_groups setting with mail_privileged_group and Timo Sirainen <tss@iki.fi> parents: 7227 diff changeset	439 restrict_access_set_env(set->user, set->uid, set->gid,
af998ae4254b Replaced mail_extra_groups setting with mail_privileged_group and Timo Sirainen <tss@iki.fi> parents: 7227 diff changeset	440 (gid_t)-1, set->chroot, 0, 0, NULL);
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	441
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	442 /* set other environment */
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	443 env_put("DOVECOT_MASTER=1");
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	444 env_put(t_strconcat("AUTH_NAME=", set->name, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	445 env_put(t_strconcat("MECHANISMS=", set->mechanisms, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	446 env_put(t_strconcat("REALMS=", set->realms, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	447 env_put(t_strconcat("DEFAULT_REALM=", set->default_realm, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	448 env_put(t_strconcat("USERNAME_CHARS=", set->username_chars, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	449 env_put(t_strconcat("ANONYMOUS_USERNAME=",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	450 set->anonymous_username, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	451 env_put(t_strconcat("USERNAME_TRANSLATION=",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	452 set->username_translation, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	453 env_put(t_strconcat("USERNAME_FORMAT=", set->username_format, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	454 env_put(t_strconcat("MASTER_USER_SEPARATOR=",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	455 set->master_user_separator, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	456 env_put(t_strdup_printf("CACHE_SIZE=%u", set->cache_size));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	457 env_put(t_strdup_printf("CACHE_TTL=%u", set->cache_ttl));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	458 env_put(t_strdup_printf("CACHE_NEGATIVE_TTL=%u",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	459 set->cache_negative_ttl));
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	460
3183 16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	461 for (ap = set->passdbs, i = 1; ap != NULL; ap = ap->next, i++) {
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	462 env_put(t_strdup_printf("PASSDB_%u_DRIVER=%s", i, ap->driver));
3197 b6faacb023a0 Don't give NULL parameters to printf's %s format. Fixes crash with Solaris Timo Sirainen <tss@iki.fi> parents: 3183 diff changeset	463 if (ap->args != NULL) {
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	464 env_put(t_strdup_printf("PASSDB_%u_ARGS=%s",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	465 i, ap->args));
3197 b6faacb023a0 Don't give NULL parameters to printf's %s format. Fixes crash with Solaris Timo Sirainen <tss@iki.fi> parents: 3183 diff changeset	466 }
3609 ea2266d0a07f Added deny password databases. Timo Sirainen <tss@iki.fi> parents: 3361 diff changeset	467 if (ap->deny)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	468 env_put(t_strdup_printf("PASSDB_%u_DENY=1", i));
4104 77e10f1d2cb2 Removed master_no_passdb setting. Added pass setting which can be used to do Timo Sirainen <tss@iki.fi> parents: 4070 diff changeset	469 if (ap->pass)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	470 env_put(t_strdup_printf("PASSDB_%u_PASS=1", i));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	471 if (ap->master)
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	472 env_put(t_strdup_printf("PASSDB_%u_MASTER=1", i));
3183 16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	473 }
16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	474 for (au = set->userdbs, i = 1; au != NULL; au = au->next, i++) {
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	475 env_put(t_strdup_printf("USERDB_%u_DRIVER=%s", i, au->driver));
3197 b6faacb023a0 Don't give NULL parameters to printf's %s format. Fixes crash with Solaris Timo Sirainen <tss@iki.fi> parents: 3183 diff changeset	476 if (au->args != NULL) {
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	477 env_put(t_strdup_printf("USERDB_%u_ARGS=%s",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	478 i, au->args));
3197 b6faacb023a0 Don't give NULL parameters to printf's %s format. Fixes crash with Solaris Timo Sirainen <tss@iki.fi> parents: 3183 diff changeset	479 }
3183 16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	480 }
16ea551957ed Replaced userdb/passdb settings with blocks so it's possible to give Timo Sirainen <tss@iki.fi> parents: 3166 diff changeset	481
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	482 for (as = set->sockets, i = 1; as != NULL; as = as->next, i++) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	483 if (strcmp(as->type, "listen") != 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	484 continue;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	485
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	486 str = t_strdup_printf("AUTH_%u", i);
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	487 socket_settings_env_put(str, &as->client);
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	488 socket_settings_env_put(t_strconcat(str, "_MASTER", NULL),
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	489 &as->master);
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	490 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	491
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	492 if (set->verbose)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	493 env_put("VERBOSE=1");
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	494 if (set->debug)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	495 env_put("VERBOSE_DEBUG=1");
3918 40a461d554e6 Added auth_debug_passwords setting. If it's not enabled, hide all password Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	496 if (set->debug_passwords)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	497 env_put("VERBOSE_DEBUG_PASSWORDS=1");
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	498 if (set->ssl_require_client_cert)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	499 env_put("SSL_REQUIRE_CLIENT_CERT=1");
3635 c12df370e1b2 Added ssl_username_from_cert setting. Not actually tested yet.. Timo Sirainen <tss@iki.fi> parents: 3609 diff changeset	500 if (set->ssl_username_from_cert)
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	501 env_put("SSL_USERNAME_FROM_CERT=1");
8095 1f948670f274 Renamed auth_ntlm_use_winbind to auth_use_winbind, Timo Sirainen <tss@iki.fi> parents: 8068 diff changeset	502 if (set->use_winbind)
1f948670f274 Renamed auth_ntlm_use_winbind to auth_use_winbind, Timo Sirainen <tss@iki.fi> parents: 8068 diff changeset	503 env_put("USE_WINBIND=1");
4388 af61031c746f Settings parser nowadays returns "" instead of NULL when it reads an empty Timo Sirainen <tss@iki.fi> parents: 4168 diff changeset	504 if (*set->krb5_keytab != '\0') {
8068 9569038e0816 gssapi: Make auth_krb5_keytab work by calling _register_acceptor_identity() Timo Sirainen <tss@iki.fi> parents: 7471 diff changeset	505 /* Environment may be used by Kerberos 5 library directly,
9569038e0816 gssapi: Make auth_krb5_keytab work by calling _register_acceptor_identity() Timo Sirainen <tss@iki.fi> parents: 7471 diff changeset	506 although we also try to use it directly as well */
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	507 env_put(t_strconcat("KRB5_KTNAME=", set->krb5_keytab, NULL));
3773 faca306e691a Added comment Timo Sirainen <tss@iki.fi> parents: 3683 diff changeset	508 }
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	509 if (*set->gssapi_hostname != '\0') {
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	510 env_put(t_strconcat("GSSAPI_HOSTNAME=",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	511 set->gssapi_hostname, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	512 }
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	513 env_put(t_strconcat("WINBIND_HELPER_PATH=",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	514 set->winbind_helper_path, NULL));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	515 env_put(t_strdup_printf("FAILURE_DELAY=%u", set->failure_delay));
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	516
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	517 restrict_process_size(set->process_size, (unsigned int)-1);
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	518 }
cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	519
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	520 static int create_auth_process(struct auth_process_group *group)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	521 {
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	522 struct auth_socket_settings *as;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	523 const char prefix, executable;
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	524 struct log_io *log;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	525 pid_t pid;
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	526 int fd[2], log_fd, i;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	527
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	528 /* see if this is a connect socket */
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	529 as = group->set->sockets;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	530 if (as != NULL && strcmp(as->type, "connect") == 0)
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	531 return connect_auth_socket(group, as->master.path);
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	532
727 8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the Timo Sirainen <tss@iki.fi> parents: 723 diff changeset	533 /* create communication to process with a socket pair */
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	534 if (socketpair(AF_UNIX, SOCK_STREAM, 0, fd) < 0) {
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	535 i_error("socketpair() failed: %m");
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	536 return -1;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	537 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	538
3083 a20882c4f092 Disable log throttlong for auth process, and for login processes if Timo Sirainen <tss@iki.fi> parents: 3079 diff changeset	539 log_fd = log_create_pipe(&log, 0);
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	540 if (log_fd < 0)
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	541 pid = -1;
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	542 else {
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	543 pid = fork();
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	544 if (pid < 0)
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	545 i_error("fork() failed: %m");
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	546 }
c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	547
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	548 if (pid < 0) {
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	549 (void)close(fd[0]);
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	550 (void)close(fd[1]);
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	551 (void)close(log_fd);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	552 return -1;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	553 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	554
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	555 if (pid != 0) {
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	556 /* master */
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	557 prefix = t_strdup_printf("auth(%s): ", group->set->name);
6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	558 log_set_prefix(log, prefix);
6542 402d14b5ef8b If child process logged a fatal failure, don't show "returned error 89" Timo Sirainen <tss@iki.fi> parents: 6429 diff changeset	559 log_set_pid(log, pid);
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	560
1273 2cf2e08a6ee9 Somewhat working code to support loading Dovecot from inetd and such. It Timo Sirainen <tss@iki.fi> parents: 1268 diff changeset	561 net_set_nonblock(fd[0], TRUE);
727 8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the Timo Sirainen <tss@iki.fi> parents: 723 diff changeset	562 fd_close_on_exec(fd[0], TRUE);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	563 auth_process_new(pid, fd[0], group);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	564 (void)close(fd[1]);
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	565 (void)close(log_fd);
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	566 return 0;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	567 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	568
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	569 prefix = t_strdup_printf("master-auth(%s): ", group->set->name);
6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	570 log_set_prefix(log, prefix);
6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	571
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	572 /* move master communication handle to 0 */
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	573 if (dup2(fd[1], 0) < 0)
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	574 i_fatal("dup2(stdin) failed: %m");
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	575
682 735d59fda607 Close old fds before dup2()ing to fd 3, so we don't close it accidentally. Timo Sirainen <tss@iki.fi> parents: 670 diff changeset	576 (void)close(fd[0]);
735d59fda607 Close old fds before dup2()ing to fd 3, so we don't close it accidentally. Timo Sirainen <tss@iki.fi> parents: 670 diff changeset	577 (void)close(fd[1]);
735d59fda607 Close old fds before dup2()ing to fd 3, so we don't close it accidentally. Timo Sirainen <tss@iki.fi> parents: 670 diff changeset	578
8881 774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	579 /* make sure we don't leak syslog fd. try to do it as late as possible,
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	580 but also before dup2()s in case syslog fd is one of them. */
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	581 closelog();
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	582
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	583 /* set stdout to /dev/null, so anything written into it gets ignored. */
670 e5f32324af3c Moved login listener handle to fd 3 from 1 (stdout), because vpopmail could Timo Sirainen <tss@iki.fi> parents: 635 diff changeset	584 if (dup2(null_fd, 1) < 0)
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	585 i_fatal("dup2(stdout) failed: %m");
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	586
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	587 if (dup2(log_fd, 2) < 0)
2046 6ae973f60f43 logging cleanups. Timo Sirainen <tss@iki.fi> parents: 2027 diff changeset	588 i_fatal("dup2(stderr) failed: %m");
2000 c7c19f5071c3 Write all logging through master process. Fixes problems with log rotation, Timo Sirainen <tss@iki.fi> parents: 1897 diff changeset	589
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	590 child_process_init_env();
683 63acdd7a4f83 Still not correct order with dup2()ing. Timo Sirainen <tss@iki.fi> parents: 682 diff changeset	591
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	592 if (group->listen_fd != 3) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	593 if (dup2(group->listen_fd, 3) < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	594 i_fatal("dup2() failed: %m");
683 63acdd7a4f83 Still not correct order with dup2()ing. Timo Sirainen <tss@iki.fi> parents: 682 diff changeset	595 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	596 fd_close_on_exec(3, FALSE);
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	597
3079 b76fed3280be Don't send balancer listener fd to auth workers. Timo Sirainen <tss@iki.fi> parents: 3077 diff changeset	598 for (i = 0; i <= 2; i++)
727 8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the Timo Sirainen <tss@iki.fi> parents: 723 diff changeset	599 fd_close_on_exec(i, FALSE);
8dd8ebe6bcac We use close-on-exec flag now to make sure that master process closes the Timo Sirainen <tss@iki.fi> parents: 723 diff changeset	600
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	601 auth_set_environment(group->set);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	602
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	603 env_put(t_strdup_printf("AUTH_WORKER_PATH=%s/auth-worker.%s",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	604 *group->set->chroot != '\0' ? "" :
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	605 group->set->parent->defaults->base_dir,
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	606 dec2str(getpid())));
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	607 env_put(t_strdup_printf("AUTH_WORKER_MAX_COUNT=%u",
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	608 group->set->worker_max_count));
722 0438621d25ff Added virtual memory size limits to processes. Default values are pretty Timo Sirainen <tss@iki.fi> parents: 713 diff changeset	609
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	610 executable = group->set->executable;
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	611 client_process_exec(executable, "");
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	612 i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	613 return -1;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	614 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	615
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	616 static int create_auth_worker(struct auth_process *process, int fd)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	617 {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	618 struct log_io *log;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	619 const char prefix, executable;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	620 pid_t pid;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	621 int log_fd, i;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	622
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	623 log_fd = log_create_pipe(&log, 0);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	624 if (log_fd < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	625 pid = -1;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	626 else {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	627 pid = fork();
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	628 if (pid < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	629 i_error("fork() failed: %m");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	630 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	631
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	632 if (pid < 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	633 (void)close(log_fd);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	634 return -1;
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	635 }
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	636
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	637 if (pid != 0) {
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	638 /* master */
5843 f655c4d4a419 Moved child process handling to child-process.[ch]. The hash table now uses Timo Sirainen <tss@iki.fi> parents: 5706 diff changeset	639 child_process_add(pid, &auth_worker_child_process);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	640 prefix = t_strdup_printf("auth-worker(%s): ",
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	641 process->group->set->name);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	642 log_set_prefix(log, prefix);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	643 (void)close(fd);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	644 (void)close(log_fd);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	645 return 0;
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	646 }
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	647
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	648 prefix = t_strdup_printf("master-auth-worker(%s): ",
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	649 process->group->set->name);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	650 log_set_prefix(log, prefix);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	651
8881 774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	652 /* make sure we don't leak syslog fd. try to do it as late as possible,
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	653 but also before dup2()s in case syslog fd is one of them. */
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	654 closelog();
774b0e8138bd Call closelog() before dup2()ing fds. Timo Sirainen <tss@iki.fi> parents: 8735 diff changeset	655
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	656 /* set stdin and stdout to /dev/null, so anything written into it
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	657 gets ignored. */
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	658 if (dup2(null_fd, 0) < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	659 i_fatal("dup2(stdin) failed: %m");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	660 if (dup2(null_fd, 1) < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	661 i_fatal("dup2(stdout) failed: %m");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	662
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	663 if (dup2(log_fd, 2) < 0)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	664 i_fatal("dup2(stderr) failed: %m");
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	665
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	666 if (dup2(fd, 4) < 0)
3853 b3e18b51c205 Start dict server automatically when a client tries to connect to it. Timo Sirainen <tss@iki.fi> parents: 3773 diff changeset	667 i_fatal("dup2(4) failed: %m");
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	668
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	669 for (i = 0; i <= 2; i++)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	670 fd_close_on_exec(i, FALSE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	671 fd_close_on_exec(4, FALSE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	672
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	673 child_process_init_env();
e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	674 auth_set_environment(process->group->set);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	675
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	676 executable = t_strconcat(process->group->set->executable, " -w", NULL);
7109 e6823d781317 Reverted "environment array" changes. It broke overriding imap/pop3 settings Timo Sirainen <tss@iki.fi> parents: 7095 diff changeset	677 client_process_exec(executable, "");
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	678 i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	679 return -1;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	680 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	681
1035 fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others Timo Sirainen <tss@iki.fi> parents: 1000 diff changeset	682 struct auth_process *auth_process_find(unsigned int pid)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	683 {
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	684 struct auth_process_group *group;
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	685 struct auth_process *p;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	686
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	687 for (group = process_groups; group != NULL; group = group->next) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	688 for (p = group->processes; p != NULL; p = p->next) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	689 if ((unsigned int)p->pid == pid)
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	690 return p;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	691 }
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	692 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	693
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	694 return NULL;
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	695 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	696
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	697 static void auth_process_group_create(struct auth_settings *auth_set)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	698 {
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	699 struct auth_process_group *group;
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	700 const char *path;
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	701
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	702 group = i_new(struct auth_process_group, 1);
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	703 group->set = auth_set;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	704
2236 43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	705 group->next = process_groups;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	706 process_groups = group;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	707
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	708 if (auth_set->sockets != NULL &&
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	709 strcmp(auth_set->sockets->type, "connect") == 0)
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	710 return;
43b82a35888d Dovecot can now connect to externally running dovecot-auth. Timo Sirainen <tss@iki.fi> parents: 2230 diff changeset	711
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	712 path = t_strconcat(auth_set->parent->defaults->login_dir, "/",
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	713 auth_set->name, NULL);
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	714 group->listen_fd = unix_socket_create(path, 0660, master_uid,
8593 3cccf56e802a Increase listen queues to handle high loads better. Timo Sirainen <tss@iki.fi> parents: 8590 diff changeset	715 auth_set->parent->login_gid, 128);
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	716 if (group->listen_fd == -1)
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	717 i_fatal("Couldn't create auth process listener");
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	718
3166 e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	719 net_set_nonblock(group->listen_fd, TRUE);
e6a487d80288 Restructuring of auth code. Balancer auth processes were a bad idea. Usually Timo Sirainen <tss@iki.fi> parents: 3083 diff changeset	720 fd_close_on_exec(group->listen_fd, TRUE);
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	721 }
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	722
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	723 static void auth_process_group_destroy(struct auth_process_group *group)
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	724 {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	725 struct auth_process *next;
2969 cad3a8913d4a If login_process_per_connection=no, create a separate listener socket for Timo Sirainen <tss@iki.fi> parents: 2886 diff changeset	726 const char *path;
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	727
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	728 while (group->processes != NULL) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	729 next = group->processes->next;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	730 auth_process_destroy(group->processes);
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	731 group->processes = next;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	732 }
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	733
3077 eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	734 path = t_strconcat(group->set->parent->defaults->login_dir, "/",
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	735 group->set->name, NULL);
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	736 (void)unlink(path);
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	737
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	738 if (close(group->listen_fd) < 0)
eb46a5dee02d Changed the way multiple auth processes are handled. It no longer uses a pid Timo Sirainen <tss@iki.fi> parents: 3075 diff changeset	739 i_error("close(%s) failed: %m", path);
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	740 i_free(group);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	741 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	742
635 90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	743 void auth_processes_destroy_all(void)
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	744 {
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	745 struct auth_process_group *next;
635 90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	746
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	747 while (process_groups != NULL) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	748 next = process_groups->next;
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	749 auth_process_group_destroy(process_groups);
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	750 process_groups = next;
635 90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	751 }
5137 89aec9ce88bc Do the delayed login process starting also after SIGHUPing. Timo Sirainen <tss@iki.fi> parents: 5136 diff changeset	752
89aec9ce88bc Do the delayed login process starting also after SIGHUPing. Timo Sirainen <tss@iki.fi> parents: 5136 diff changeset	753 have_initialized_auth_processes = FALSE;
635 90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	754 }
90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	755
1610 6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	756 static void auth_process_groups_create(struct server_settings *server)
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	757 {
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	758 struct auth_settings *auth_set;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	759
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	760 while (server != NULL) {
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	761 auth_set = server->auths;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	762 for (; auth_set != NULL; auth_set = auth_set->next)
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	763 auth_process_group_create(auth_set);
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	764
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	765 server = server->next;
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	766 }
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	767 }
6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	768
4148 f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	769 static void auth_processes_stall(void)
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	770 {
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	771 if (auth_stalled)
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	772 return;
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	773
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	774 i_error("Temporary failure in creating authentication processes, "
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	775 "slowing down for now");
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	776 auth_stalled = TRUE;
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	777
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	778 timeout_remove(&to);
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	779 to = timeout_add(60*1000, auth_processes_start_missing, NULL);
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	780 }
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	781
903 fd8888f6f037 Naming style changes, finally got tired of most of the typedefs. Also the Timo Sirainen <tss@iki.fi> parents: 810 diff changeset	782 static void
6411 6a64e64fa3a3 Renamed __attr___ to ATTR_. Renamed __attrs_used__ to ATTRS_DEFINED. Timo Sirainen <tss@iki.fi> parents: 6217 diff changeset	783 auth_processes_start_missing(void *context ATTR_UNUSED)
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	784 {
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	785 struct auth_process_group *group;
810 30f6811f4952 Instead of just trusting randomness of authentication cookies between Timo Sirainen <tss@iki.fi> parents: 807 diff changeset	786 unsigned int count;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	787
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	788 if (process_groups == NULL) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	789 /* first time here, create the groups */
1610 6850142c4e25 New configuration file code. Some syntax changes, but tries to be somewhat Timo Sirainen <tss@iki.fi> parents: 1506 diff changeset	790 auth_process_groups_create(settings_root);
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	791 }
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	792
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	793 for (group = process_groups; group != NULL; group = group->next) {
6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	794 count = group->process_count;
4148 f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	795 for (; count < group->set->count; count++) {
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	796 if (create_auth_process(group) < 0) {
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	797 auth_processes_stall();
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	798 return;
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	799 }
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	800 }
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	801 }
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	802
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	803 if (auth_stalled) {
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	804 /* processes were created successfully */
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	805 i_info("Created authentication processes successfully, "
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	806 "unstalling");
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	807
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	808 auth_stalled = FALSE;
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	809 timeout_remove(&to);
f60d73c96618 If master process runs out of file descriptors, try to handle it more nicely Timo Sirainen <tss@iki.fi> parents: 4108 diff changeset	810 to = timeout_add(1000, auth_processes_start_missing, NULL);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	811 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	812 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	813
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	814 void auth_processes_init(void)
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	815 {
1144 6970c1d808ab Creating more than one auth process per group didn't really work. Timo Sirainen <tss@iki.fi> parents: 1133 diff changeset	816 process_groups = NULL;
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	817 to = timeout_add(1000, auth_processes_start_missing, NULL);
5136 86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	818
86625faa49b5 Start auth processes immediately at startup, not after one second delay. Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	819 auth_processes_start_missing(NULL);
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	820 }
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	821
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	822 void auth_processes_deinit(void)
3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	823 {
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	824 timeout_remove(&to);
635 90a65c017bf0 SIGHUP reloads now settings. Logged in clients are left untouched, but Timo Sirainen <tss@iki.fi> parents: 532 diff changeset	825 auth_processes_destroy_all();
0 3b1985cbc908 Initial revision Timo Sirainen <tss@iki.fi> parents: diff changeset	826 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/master/auth-process.c @ 9259:ea2eed32d59e HEAD