Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/auth-client-connection.c @ 9008:fc4f65a4ca60 HEAD
virtual: Don't show mailboxes as \Noselect.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Fri, 01 May 2009 14:56:52 -0400 |
| parents | b9faf4db2a9f |
| children | 00cd9aacd03c |
| rev | line source |
|---|---|
|
8590
b9faf4db2a9f
Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents:
7388
diff
changeset
|
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */ |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "ioloop.h" |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "istream.h" |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "ostream.h" |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #include "network.h" |
|
3470
346a494c2feb
Moved array declaration to array-decl.h and include it in lib.h. So array.h
Timo Sirainen <tss@iki.fi>
parents:
3308
diff
changeset
|
8 #include "array.h" |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
9 #include "str.h" |
|
5558
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
10 #include "str-sanitize.h" |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "safe-memset.h" |
|
7388
08d31d752893
Use auth-stream API to build all TAB-delimited strings to make sure strings
Timo Sirainen <tss@iki.fi>
parents:
7226
diff
changeset
|
12 #include "auth-stream.h" |
| 3074 | 13 #include "auth-request-handler.h" |
| 14 #include "auth-client-interface.h" | |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 #include "auth-client-connection.h" |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
16 #include "auth-master-listener.h" |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 #include "auth-master-connection.h" |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 #include <stdlib.h> |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 |
| 3074 | 21 #define OUTBUF_THROTTLE_SIZE (1024*50) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
23 static void auth_client_connection_unref(struct auth_client_connection **_conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
24 |
|
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4463
diff
changeset
|
25 static void auth_client_input(struct auth_client_connection *conn); |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
26 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
27 static const char *reply_line_hide_pass(const char *line) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
28 { |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
29 const char *p, *p2; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
30 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
31 /* hide proxy reply password */ |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
32 p = strstr(line, "\tpass="); |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
33 if (p == NULL) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
34 return line; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
35 p += 6; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
36 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
37 p2 = strchr(p, '\t'); |
|
4463
193f524562ca
Moved the <hidden> string into a macro. Hide the password also from LDAP
Timo Sirainen <tss@iki.fi>
parents:
4256
diff
changeset
|
38 return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR, |
|
193f524562ca
Moved the <hidden> string into a macro. Hide the password also from LDAP
Timo Sirainen <tss@iki.fi>
parents:
4256
diff
changeset
|
39 p2, NULL); |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
40 } |
| 3074 | 41 |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
42 static void auth_client_send(struct auth_client_connection *conn, |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
43 const char *cmd) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 { |
| 6935 | 45 struct const_iovec iov[2]; |
|
3158
8849f2e380d1
userdb can now return extra parameters to master. Removed special handling
Timo Sirainen <tss@iki.fi>
parents:
3077
diff
changeset
|
46 |
| 6935 | 47 iov[0].iov_base = cmd; |
| 48 iov[0].iov_len = strlen(cmd); | |
| 49 iov[1].iov_base = "\n"; | |
| 50 iov[1].iov_len = 1; | |
| 51 (void)o_stream_sendv(conn->output, iov, 2); | |
| 3074 | 52 |
| 53 if (o_stream_get_buffer_used_size(conn->output) >= | |
| 54 OUTBUF_THROTTLE_SIZE) { | |
| 55 /* stop reading new requests until client has read the pending | |
| 56 replies. */ | |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
57 if (conn->io != NULL) |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
58 io_remove(&conn->io); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
59 } |
| 6935 | 60 |
| 61 if (conn->auth->verbose_debug) { | |
| 62 i_info("client out: %s", conn->auth->verbose_debug_passwords ? | |
| 63 cmd : reply_line_hide_pass(cmd)); | |
| 64 } | |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
65 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
66 |
|
7388
08d31d752893
Use auth-stream API to build all TAB-delimited strings to make sure strings
Timo Sirainen <tss@iki.fi>
parents:
7226
diff
changeset
|
67 static void auth_callback(struct auth_stream_reply *reply, |
|
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4463
diff
changeset
|
68 struct auth_client_connection *conn) |
|
3062
5e2e4cdbfe2e
Added "passdb" userdb. It works only if passdb gives all the information
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
69 { |
| 3074 | 70 if (reply == NULL) { |
| 71 /* handler destroyed */ | |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
72 auth_client_connection_unref(&conn); |
| 3074 | 73 return; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 |
|
7388
08d31d752893
Use auth-stream API to build all TAB-delimited strings to make sure strings
Timo Sirainen <tss@iki.fi>
parents:
7226
diff
changeset
|
76 auth_client_send(conn, auth_stream_reply_export(reply)); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 |
|
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3518
diff
changeset
|
79 static bool |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
80 auth_client_input_cpid(struct auth_client_connection *conn, const char *args) |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
81 { |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
82 struct auth_client_connection *old; |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
83 unsigned int pid; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 |
| 3074 | 85 i_assert(conn->pid == 0); |
| 2718 | 86 |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
87 pid = (unsigned int)strtoul(args, NULL, 10); |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
88 if (pid == 0) { |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
89 i_error("BUG: Authentication client said it's PID 0"); |
| 2718 | 90 return FALSE; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 } |
| 2718 | 92 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
93 old = auth_client_connection_lookup(conn->listener, pid); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
94 if (old != NULL) { |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
95 /* already exists. it's possible that it just reconnected, |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
96 see if the old connection is still there. */ |
| 3074 | 97 i_assert(old != conn); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
98 if (i_stream_read(old->input) == -1) { |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
99 auth_client_connection_destroy(&old); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
100 old = NULL; |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
101 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
102 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
103 |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
104 if (old != NULL) { |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
105 i_error("BUG: Authentication client gave a PID " |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
106 "%u of existing connection", pid); |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
107 return FALSE; |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
108 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
109 |
| 3074 | 110 /* handshake complete, we can now actually start serving requests */ |
| 111 conn->refcount++; | |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
112 conn->request_handler = |
| 3518 | 113 auth_request_handler_create(conn->auth, |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
114 auth_callback, conn, |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
115 array_count(&conn->listener->masters) != 0 ? |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
116 auth_master_request_callback : NULL); |
|
3077
eb46a5dee02d
Changed the way multiple auth processes are handled. It no longer uses a pid
Timo Sirainen <tss@iki.fi>
parents:
3074
diff
changeset
|
117 auth_request_handler_set(conn->request_handler, conn->connect_uid, pid); |
|
eb46a5dee02d
Changed the way multiple auth processes are handled. It no longer uses a pid
Timo Sirainen <tss@iki.fi>
parents:
3074
diff
changeset
|
118 |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
119 conn->pid = pid; |
|
6627
7124f607fb1b
auth_debug: Log new auth connections and their PIDs.
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
120 if (conn->auth->verbose_debug) |
|
7124f607fb1b
auth_debug: Log new auth connections and their PIDs.
Timo Sirainen <tss@iki.fi>
parents:
6429
diff
changeset
|
121 i_info("new auth connection: pid=%u", conn->pid); |
| 2718 | 122 return TRUE; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
123 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
124 |
|
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4463
diff
changeset
|
125 static int auth_client_output(struct auth_client_connection *conn) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
126 { |
| 3074 | 127 if (o_stream_flush(conn->output) < 0) { |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
128 auth_client_connection_destroy(&conn); |
| 3074 | 129 return 1; |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
130 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
131 |
| 3074 | 132 if (o_stream_get_buffer_used_size(conn->output) <= |
| 133 OUTBUF_THROTTLE_SIZE/3 && conn->io == NULL) { | |
| 134 /* allow input again */ | |
| 135 conn->io = io_add(conn->fd, IO_READ, auth_client_input, conn); | |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
136 } |
| 3074 | 137 return 1; |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
138 } |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
139 |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
140 static const char *auth_line_hide_pass(const char *line) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
141 { |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
142 const char *p, *p2; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
143 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
144 p = strstr(line, "\tresp="); |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
145 if (p == NULL) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
146 return line; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
147 p += 6; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
148 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
149 p2 = strchr(p, '\t'); |
|
4463
193f524562ca
Moved the <hidden> string into a macro. Hide the password also from LDAP
Timo Sirainen <tss@iki.fi>
parents:
4256
diff
changeset
|
150 return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR, |
|
193f524562ca
Moved the <hidden> string into a macro. Hide the password also from LDAP
Timo Sirainen <tss@iki.fi>
parents:
4256
diff
changeset
|
151 p2, NULL); |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
152 } |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
153 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
154 static const char *cont_line_hide_pass(const char *line) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
155 { |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
156 const char *p; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
157 |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
158 p = strchr(line, '\t'); |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
159 if (p == NULL) |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
160 return line; |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
161 |
|
4463
193f524562ca
Moved the <hidden> string into a macro. Hide the password also from LDAP
Timo Sirainen <tss@iki.fi>
parents:
4256
diff
changeset
|
162 return t_strconcat(t_strdup_until(line, p), PASSWORD_HIDDEN_STR, NULL); |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
163 } |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
164 |
|
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3518
diff
changeset
|
165 static bool |
| 3074 | 166 auth_client_handle_line(struct auth_client_connection *conn, const char *line) |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
167 { |
| 3074 | 168 if (strncmp(line, "AUTH\t", 5) == 0) { |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
169 if (conn->auth->verbose_debug) { |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
170 i_info("client in: %s", |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
171 conn->auth->verbose_debug_passwords ? line : |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
172 auth_line_hide_pass(line)); |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
173 } |
| 3074 | 174 return auth_request_handler_auth_begin(conn->request_handler, |
| 175 line + 5); | |
| 176 } | |
| 177 if (strncmp(line, "CONT\t", 5) == 0) { | |
|
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
178 if (conn->auth->verbose_debug) { |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
179 i_info("client in: %s", |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
180 conn->auth->verbose_debug_passwords ? line : |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
181 cont_line_hide_pass(line)); |
|
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
182 } |
| 3074 | 183 return auth_request_handler_auth_continue(conn->request_handler, |
| 184 line + 5); | |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
185 } |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
186 |
|
5558
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
187 i_error("BUG: Authentication client sent unknown command: %s", |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
188 str_sanitize(line, 80)); |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
189 return FALSE; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
190 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
191 |
|
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4463
diff
changeset
|
192 static void auth_client_input(struct auth_client_connection *conn) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
193 { |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
194 char *line; |
|
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3518
diff
changeset
|
195 bool ret; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
196 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
197 switch (i_stream_read(conn->input)) { |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
198 case 0: |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
199 return; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
200 case -1: |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
201 /* disconnected */ |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
202 auth_client_connection_destroy(&conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
203 return; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
204 case -2: |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
205 /* buffer full */ |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
206 i_error("BUG: Auth client %u sent us more than %d bytes", |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
207 conn->pid, (int)AUTH_CLIENT_MAX_LINE_LENGTH); |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
208 auth_client_connection_destroy(&conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
209 return; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
210 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
211 |
| 3074 | 212 while (conn->request_handler == NULL) { |
| 213 /* still handshaking */ | |
|
2776
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
214 line = i_stream_next_line(conn->input); |
|
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
215 if (line == NULL) |
|
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
216 return; |
|
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
217 |
| 3074 | 218 if (!conn->version_received) { |
| 219 /* make sure the major version matches */ | |
| 220 if (strncmp(line, "VERSION\t", 8) != 0 || | |
| 221 atoi(t_strcut(line + 8, '\t')) != | |
| 222 AUTH_CLIENT_PROTOCOL_MAJOR_VERSION) { | |
| 223 i_error("Authentication client " | |
| 224 "not compatible with this server " | |
| 225 "(mixed old and new binaries?)"); | |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
226 auth_client_connection_destroy(&conn); |
| 3074 | 227 return; |
| 228 } | |
| 229 conn->version_received = TRUE; | |
| 230 continue; | |
|
2776
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
231 } |
| 3074 | 232 |
| 233 if (strncmp(line, "CPID\t", 5) == 0) { | |
| 234 if (!auth_client_input_cpid(conn, line + 5)) { | |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
235 auth_client_connection_destroy(&conn); |
| 3074 | 236 return; |
| 237 } | |
|
5558
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
238 } else { |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
239 i_error("BUG: Authentication client sent " |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
240 "unknown handshake command: %s", |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
241 str_sanitize(line, 80)); |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
242 auth_client_connection_destroy(&conn); |
|
5c31d0c83258
Log an error and disconnect with unknown commands.
Timo Sirainen <tss@iki.fi>
parents:
4907
diff
changeset
|
243 return; |
| 3074 | 244 } |
|
2776
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
245 } |
|
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
246 |
| 3074 | 247 conn->refcount++; |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
248 while ((line = i_stream_next_line(conn->input)) != NULL) { |
|
7226
e6693a0ec8e1
Renamed T_FRAME_BEGIN/END to T_BEGIN/END. Removed T_FRAME() macro and
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
249 T_BEGIN { |
|
6940
414c9d631a81
Replaced t_push/t_pop calls with T_FRAME*() macros.
Timo Sirainen <tss@iki.fi>
parents:
6935
diff
changeset
|
250 ret = auth_client_handle_line(conn, line); |
|
414c9d631a81
Replaced t_push/t_pop calls with T_FRAME*() macros.
Timo Sirainen <tss@iki.fi>
parents:
6935
diff
changeset
|
251 safe_memset(line, 0, strlen(line)); |
|
7226
e6693a0ec8e1
Renamed T_FRAME_BEGIN/END to T_BEGIN/END. Removed T_FRAME() macro and
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
252 } T_END; |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
253 |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
254 if (!ret) { |
|
4256
cfe9e58be252
If authentication client does something bad, don't crash the whole process
Timo Sirainen <tss@iki.fi>
parents:
3922
diff
changeset
|
255 struct auth_client_connection *tmp_conn = conn; |
|
cfe9e58be252
If authentication client does something bad, don't crash the whole process
Timo Sirainen <tss@iki.fi>
parents:
3922
diff
changeset
|
256 auth_client_connection_destroy(&tmp_conn); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
257 break; |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
258 } |
| 2718 | 259 } |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
260 auth_client_connection_unref(&conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
261 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
262 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
263 struct auth_client_connection * |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
264 auth_client_connection_create(struct auth_master_listener *listener, int fd) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
265 { |
|
2267
d2e186f716d8
Added APOP authentication for POP3. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2077
diff
changeset
|
266 static unsigned int connect_uid_counter = 0; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
267 struct auth_client_connection *conn; |
|
2421
d141e1bfdd63
We never do blocking reads/writes to network anymore. Changed imap and pop3
Timo Sirainen <tss@iki.fi>
parents:
2267
diff
changeset
|
268 struct const_iovec iov[2]; |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
269 string_t *str; |
|
2267
d2e186f716d8
Added APOP authentication for POP3. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2077
diff
changeset
|
270 |
| 3074 | 271 conn = i_new(struct auth_client_connection, 1); |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
272 conn->auth = listener->auth; |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
273 conn->listener = listener; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
274 conn->refcount = 1; |
|
2267
d2e186f716d8
Added APOP authentication for POP3. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2077
diff
changeset
|
275 conn->connect_uid = ++connect_uid_counter; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
276 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
277 conn->fd = fd; |
|
6162
896cc473c1f0
Renamed i_stream_create_file() to i_stream_create_fd().
Timo Sirainen <tss@iki.fi>
parents:
6161
diff
changeset
|
278 conn->input = i_stream_create_fd(fd, AUTH_CLIENT_MAX_LINE_LENGTH, |
|
896cc473c1f0
Renamed i_stream_create_file() to i_stream_create_fd().
Timo Sirainen <tss@iki.fi>
parents:
6161
diff
changeset
|
279 FALSE); |
|
6161
c62f7ee79446
Split o_stream_create_file() to _create_fd() and _create_fd_file().
Timo Sirainen <tss@iki.fi>
parents:
6142
diff
changeset
|
280 conn->output = o_stream_create_fd(fd, (size_t)-1, FALSE); |
| 3074 | 281 o_stream_set_flush_callback(conn->output, auth_client_output, conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
282 conn->io = io_add(fd, IO_READ, auth_client_input, conn); |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
283 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
284 array_append(&listener->clients, &conn, 1); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
285 |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
286 str = t_str_new(128); |
|
2809
0b1bef51f207
Separate major/minor version with TAB instead of dot in VERSION.
Timo Sirainen <tss@iki.fi>
parents:
2782
diff
changeset
|
287 str_printfa(str, "VERSION\t%u\t%u\nSPID\t%u\nCUID\t%u\nDONE\n", |
|
2776
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
288 AUTH_CLIENT_PROTOCOL_MAJOR_VERSION, |
|
150f8151c971
Added VERSION command and checking to authentication protocol.
Timo Sirainen <tss@iki.fi>
parents:
2772
diff
changeset
|
289 AUTH_CLIENT_PROTOCOL_MINOR_VERSION, |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
290 listener->pid, conn->connect_uid); |
|
2267
d2e186f716d8
Added APOP authentication for POP3. Patch by Andrey Panin.
Timo Sirainen <tss@iki.fi>
parents:
2077
diff
changeset
|
291 |
|
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
292 iov[0].iov_base = str_data(conn->auth->mech_handshake); |
|
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
293 iov[0].iov_len = str_len(conn->auth->mech_handshake); |
|
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
294 iov[1].iov_base = str_data(str); |
|
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2718
diff
changeset
|
295 iov[1].iov_len = str_len(str); |
|
2421
d141e1bfdd63
We never do blocking reads/writes to network anymore. Changed imap and pop3
Timo Sirainen <tss@iki.fi>
parents:
2267
diff
changeset
|
296 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
297 if (o_stream_sendv(conn->output, iov, 2) < 0) |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
298 auth_client_connection_destroy(&conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
299 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
300 return conn; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
301 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
302 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
303 void auth_client_connection_destroy(struct auth_client_connection **_conn) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
304 { |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
305 struct auth_client_connection *conn = *_conn; |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
306 struct auth_client_connection *const *clients; |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
307 unsigned int i, count; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
308 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
309 *_conn = NULL; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
310 if (conn->fd == -1) |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
311 return; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
312 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
313 clients = array_get(&conn->listener->clients, &count); |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
314 for (i = 0; i < count; i++) { |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
315 if (clients[i] == conn) { |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
316 array_delete(&conn->listener->clients, i, 1); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
317 break; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
318 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
319 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
320 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
321 i_stream_close(conn->input); |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
322 o_stream_close(conn->output); |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
323 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
324 if (conn->io != NULL) |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
325 io_remove(&conn->io); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
326 |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
327 net_disconnect(conn->fd); |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
328 conn->fd = -1; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
329 |
| 3074 | 330 if (conn->request_handler != NULL) |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
331 auth_request_handler_unref(&conn->request_handler); |
| 3074 | 332 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
333 auth_client_connection_unref(&conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
334 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
335 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
336 static void auth_client_connection_unref(struct auth_client_connection **_conn) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
337 { |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
338 struct auth_client_connection *conn = *_conn; |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
339 |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
340 *_conn = NULL; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
341 if (--conn->refcount > 0) |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
342 return; |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
343 |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
344 i_stream_unref(&conn->input); |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
345 o_stream_unref(&conn->output); |
| 3074 | 346 i_free(conn); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
347 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
348 |
| 3074 | 349 struct auth_client_connection * |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
350 auth_client_connection_lookup(struct auth_master_listener *listener, |
| 3074 | 351 unsigned int pid) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
352 { |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
353 struct auth_client_connection *const *clients; |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
354 unsigned int i, count; |
|
1897
1e6ed8045f2b
Changed hash_foreach() to iterator.
Timo Sirainen <tss@iki.fi>
parents:
1713
diff
changeset
|
355 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
356 clients = array_get(&listener->clients, &count); |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
357 for (i = 0; i < count; i++) { |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
358 if (clients[i]->pid == pid) |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
359 return clients[i]; |
|
2777
dc309a440bbe
If auth client sends broken input and we disconnect it, wait for a while
Timo Sirainen <tss@iki.fi>
parents:
2776
diff
changeset
|
360 } |
|
dc309a440bbe
If auth client sends broken input and we disconnect it, wait for a while
Timo Sirainen <tss@iki.fi>
parents:
2776
diff
changeset
|
361 |
| 3074 | 362 return NULL; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
363 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
364 |
|
4907
5b4c9b20eba0
Replaced void *context from a lot of callbacks with the actual context
Timo Sirainen <tss@iki.fi>
parents:
4463
diff
changeset
|
365 static void request_timeout(struct auth_master_listener *listener) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
366 { |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
367 struct auth_client_connection *const *clients; |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
368 unsigned int i, count; |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
369 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
370 clients = array_get(&listener->clients, &count); |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
371 for (i = 0; i < count; i++) { |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
372 if (clients[i]->request_handler != NULL) { |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
373 auth_request_handler_check_timeouts( |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
374 clients[i]->request_handler); |
|
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
375 } |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
376 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
377 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
378 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
379 void auth_client_connections_init(struct auth_master_listener *listener) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
380 { |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
381 listener->to_clients = timeout_add(5000, request_timeout, listener); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
382 } |
|
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
383 |
|
3308
3f090bcaffcc
Allow multiple master connections for a single listener.
Timo Sirainen <tss@iki.fi>
parents:
3158
diff
changeset
|
384 void auth_client_connections_deinit(struct auth_master_listener *listener) |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
385 { |
|
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
386 if (listener->to_clients != NULL) |
|
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3863
diff
changeset
|
387 timeout_remove(&listener->to_clients); |
|
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
388 } |