Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-blocking.c @ 4030:faf83f3e19b5 HEAD
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
| author | Timo Sirainen <timo.sirainen@movial.fi> |
|---|---|
| date | Mon, 20 Feb 2006 15:14:58 +0200 |
| parents | b381c9b899a2 |
| children | 7728291a7f52 |
| rev | line source |
|---|---|
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2005 Timo Sirainen */ |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "str.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "auth-worker-server.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "password-scheme.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #include "passdb.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "passdb-blocking.h" |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include <stdlib.h> |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 static enum passdb_result |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 check_failure(struct auth_request *request, const char **reply) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 { |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
15 enum passdb_result ret; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
16 const char *p; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
17 |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 /* OK / FAIL */ |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 if (strncmp(*reply, "OK\t", 3) == 0) { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 *reply += 3; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 return PASSDB_RESULT_OK; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
24 /* FAIL \t result \t password */ |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
25 if (strncmp(*reply, "FAIL\t", 5) == 0) { |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
26 *reply += 5; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
27 ret = atoi(t_strcut(*reply, '\t')); |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
28 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
29 p = strchr(*reply, '\t'); |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
30 if (p == NULL) |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
31 *reply += strlen(*reply); |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
32 else |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
33 *reply = p + 1; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
34 if (ret != PASSDB_RESULT_OK) |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
35 return ret; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
36 |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
37 auth_request_log_error(request, "blocking", |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
38 "Received invalid FAIL result from worker: %d", ret); |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
39 return PASSDB_RESULT_INTERNAL_FAILURE; |
|
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
40 } else { |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 auth_request_log_error(request, "blocking", |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 "Received unknown reply from worker: %s", *reply); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 return PASSDB_RESULT_INTERNAL_FAILURE; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
47 static int get_pass_reply(struct auth_request *request, const char *reply, |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 const char **password_r, const char **scheme_r) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 { |
|
3666
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
50 const char *p, *p2, **tmp; |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 |
|
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
52 /* user \t {scheme}password [\t extra] */ |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 p = strchr(reply, '\t'); |
|
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
54 p2 = p == NULL ? NULL : strchr(p + 1, '\t'); |
|
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
55 if (p2 == NULL) { |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 *password_r = NULL; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
57 *scheme_r = NULL; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
58 return 0; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 |
|
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
61 /* username may have changed, update it */ |
|
3635
c12df370e1b2
Added ssl_username_from_cert setting. Not actually tested yet..
Timo Sirainen <tss@iki.fi>
parents:
3520
diff
changeset
|
62 auth_request_set_field(request, "user", t_strdup_until(reply, p), NULL); |
|
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
63 |
|
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
64 *password_r = t_strdup_until(p + 1, p2); |
|
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3183
diff
changeset
|
65 reply = p2 + 1; |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 if (**password_r == '\0') { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 *password_r = NULL; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 *scheme_r = NULL; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 } else { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 request->passdb_password = |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 p_strdup(request->pool, *password_r); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 *scheme_r = password_get_scheme(password_r); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 if (*scheme_r == NULL) { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 auth_request_log_error(request, "blocking", |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 "Received reply from worker without " |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 "password scheme"); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 return -1; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
81 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 if (*reply != '\0') { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 i_assert(request->extra_fields == NULL); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 |
|
3666
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
86 for (tmp = t_strsplit(reply, "\t"); *tmp != NULL; tmp++) { |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
87 p = strchr(*tmp, '='); |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
88 if (p == NULL) |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
89 p = ""; |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
90 else { |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
91 *tmp = t_strdup_until(*tmp, p); |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
92 p++; |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
93 } |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
94 auth_request_set_field(request, *tmp, p, NULL); |
|
b381c9b899a2
Blocking passdb didn't set nologin/proxy/nodelay flags for the request.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
95 } |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
96 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
97 return 0; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
98 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
99 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
100 static void |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
101 verify_plain_callback(struct auth_request *request, const char *reply) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
102 { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 enum passdb_result result; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
104 const char *password, *scheme; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
106 result = check_failure(request, &reply); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
107 if (result >= 0) { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 result = PASSDB_RESULT_INTERNAL_FAILURE; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
110 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
111 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 auth_request_verify_plain_callback(result, request); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
113 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
114 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
115 void passdb_blocking_verify_plain(struct auth_request *request) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
116 { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
117 string_t *str; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
118 |
|
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
119 i_assert(request->extra_fields == NULL); |
|
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
120 |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
121 str = t_str_new(64); |
|
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3666
diff
changeset
|
122 str_printfa(str, "PASSV\t%u\t", request->passdb->id); |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 str_append(str, request->mech_password); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 str_append_c(str, '\t'); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
125 auth_request_export(request, str); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
127 auth_worker_call(request, str_c(str), verify_plain_callback); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
128 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
129 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
130 static void |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 lookup_credentials_callback(struct auth_request *request, const char *reply) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
133 enum passdb_result result; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
134 const char *password, *scheme; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
135 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
136 result = check_failure(request, &reply); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
137 if (result >= 0) { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
138 if (get_pass_reply(request, reply, &password, &scheme) < 0) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
139 result = PASSDB_RESULT_INTERNAL_FAILURE; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
140 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
141 |
|
3655
62fc6883faeb
Fixes and cleanups to credentials handling. Also fixed auth caching to work
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
142 passdb_handle_credentials(result, password, scheme, |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
143 auth_request_lookup_credentials_callback, |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
144 request); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
145 } |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
146 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
147 void passdb_blocking_lookup_credentials(struct auth_request *request) |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
148 { |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
149 string_t *str; |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
150 |
|
3171
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
151 i_assert(request->extra_fields == NULL); |
|
8a3b57385eca
Added state variable for auth_request and several assertions to make sure
Timo Sirainen <tss@iki.fi>
parents:
3168
diff
changeset
|
152 |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
153 str = t_str_new(64); |
|
3183
16ea551957ed
Replaced userdb/passdb settings with blocks so it's possible to give
Timo Sirainen <tss@iki.fi>
parents:
3171
diff
changeset
|
154 str_printfa(str, "PASSL\t%u\t%d\t", |
|
4030
faf83f3e19b5
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3666
diff
changeset
|
155 request->passdb->id, request->credentials); |
|
3168
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
156 auth_request_export(request, str); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
157 |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
158 auth_worker_call(request, str_c(str), lookup_credentials_callback); |
|
62f8366cb89c
Forgot to add for blocking passdb/userdb workers..
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
159 } |