Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-passwd-file.c @ 9008:fc4f65a4ca60 HEAD
virtual: Don't show mailboxes as \Noselect.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 01 May 2009 14:56:52 -0400 |
parents | b9faf4db2a9f |
children | 4b0ec8160ff4 |
rev | line source |
---|---|
8590
b9faf4db2a9f
Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents:
8513
diff
changeset
|
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */ |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3257
diff
changeset
|
3 #include "common.h" |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
4 #include "passdb.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #ifdef PASSDB_PASSWD_FILE |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
8 #include "str.h" |
4690
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
9 #include "auth-cache.h" |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
10 #include "var-expand.h" |
1192
76321f65960d
Fix realm usage with DIGEST-MD5. Support generating other password schemes
Timo Sirainen <tss@iki.fi>
parents:
1191
diff
changeset
|
11 #include "password-scheme.h" |
1062
0522a0315d2f
Cleanups, LDAP support compiles again and generally looks ok, even if it
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
12 #include "db-passwd-file.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
14 struct passwd_file_passdb_module { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
15 struct passdb_module module; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
16 |
3891
2d0859490a2f
If debug is enabled, tell how many users are found from passwd-file whenever
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
17 struct auth *auth; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
18 struct db_passwd_file *pwf; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
19 }; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
21 static void passwd_file_save_results(struct auth_request *request, |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
22 const struct passwd_user *pu, |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
23 const char **crypted_pass_r, |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
24 const char **scheme_r) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 { |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
26 const struct var_expand_table *table; |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
27 const char *key, *value; |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
28 string_t *str; |
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
29 char **p; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
31 *crypted_pass_r = pu->password; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
32 *scheme_r = password_get_scheme(crypted_pass_r); |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
33 if (*scheme_r == NULL) |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
34 *scheme_r = request->passdb->passdb->default_pass_scheme; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
35 |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3655
diff
changeset
|
36 /* save the password so cache can use it */ |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
37 if (*crypted_pass_r != NULL) { |
3802
f91a8dd9c4ec
Don't crash if password is empty
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
38 auth_request_set_field(request, "password", |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
39 *crypted_pass_r, *scheme_r); |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
40 } |
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
41 |
4035
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
42 if (pu->extra_fields != NULL) { |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
43 str = t_str_new(512); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
44 table = auth_request_get_var_expand_table(request, NULL); |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
45 |
4035
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
46 for (p = pu->extra_fields; *p != NULL; p++) { |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
47 value = strchr(*p, '='); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
48 if (value != NULL) { |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
49 key = t_strdup_until(*p, value); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
50 str_truncate(str, 0); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
51 var_expand(str, value + 1, table); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
52 value = str_c(str); |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
53 } else { |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
54 key = *p; |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
55 value = ""; |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
56 } |
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
57 auth_request_set_field(request, key, value, NULL); |
4034
b533c52196e3
Updated passwd-file format to allow specifying any key=value fields. Since the value fields may contain ':' characters, this changes the file format a bit. Previously the last two fields were "flags" and "mail". Flags has been empty for last 3 years however, so the new format is used if the flags field contains something. In that case there is no separate mail field, it can instead be specified by adding userdb_mail=<mail> parameter.
Timo Sirainen <timo.sirainen@movial.fi>
parents:
3918
diff
changeset
|
58 } |
3802
f91a8dd9c4ec
Don't crash if password is empty
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
59 } |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
60 } |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
61 |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
62 static void |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
63 passwd_file_verify_plain(struct auth_request *request, const char *password, |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
64 verify_plain_callback_t *callback) |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
65 { |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
66 struct passdb_module *_module = request->passdb->passdb; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
67 struct passwd_file_passdb_module *module = |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
68 (struct passwd_file_passdb_module *)_module; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
69 struct passwd_user *pu; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
70 const char *scheme, *crypted_pass; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
71 int ret; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
72 |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
73 pu = db_passwd_file_lookup(module->pwf, request); |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
74 if (pu == NULL) { |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
75 callback(PASSDB_RESULT_USER_UNKNOWN, request); |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
76 return; |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
77 } |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
78 |
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
79 passwd_file_save_results(request, pu, &crypted_pass, &scheme); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 |
3918
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3891
diff
changeset
|
81 ret = auth_request_password_verify(request, password, crypted_pass, |
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3891
diff
changeset
|
82 scheme, "passwd-file"); |
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3891
diff
changeset
|
83 |
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3891
diff
changeset
|
84 callback(ret > 0 ? PASSDB_RESULT_OK : PASSDB_RESULT_PASSWORD_MISMATCH, |
40a461d554e6
Added auth_debug_passwords setting. If it's not enabled, hide all password
Timo Sirainen <tss@iki.fi>
parents:
3891
diff
changeset
|
85 request); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
86 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
87 |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
88 static void |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
89 passwd_file_lookup_credentials(struct auth_request *request, |
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1062
diff
changeset
|
90 lookup_credentials_callback_t *callback) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
91 { |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
92 struct passdb_module *_module = request->passdb->passdb; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
93 struct passwd_file_passdb_module *module = |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
94 (struct passwd_file_passdb_module *)_module; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
95 struct passwd_user *pu; |
1191
65e48854491d
Added default_pass_scheme to LDAP. Support for more password schemes. Merged
Timo Sirainen <tss@iki.fi>
parents:
1075
diff
changeset
|
96 const char *crypted_pass, *scheme; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
97 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
98 pu = db_passwd_file_lookup(module->pwf, request); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
99 if (pu == NULL) { |
5598
971050640e3b
All password schemes can now be encoded with base64 or hex. The encoding is
Timo Sirainen <tss@iki.fi>
parents:
4782
diff
changeset
|
100 callback(PASSDB_RESULT_USER_UNKNOWN, NULL, 0, request); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
101 return; |
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
102 } |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
103 |
4434
7fd600d3f719
When using non-plaintext authentication with passdb passwd-file we didn't
Timo Sirainen <tss@iki.fi>
parents:
4035
diff
changeset
|
104 passwd_file_save_results(request, pu, &crypted_pass, &scheme); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
105 |
3655
62fc6883faeb
Fixes and cleanups to credentials handling. Also fixed auth caching to work
Timo Sirainen <tss@iki.fi>
parents:
3504
diff
changeset
|
106 passdb_handle_credentials(PASSDB_RESULT_OK, crypted_pass, scheme, |
62fc6883faeb
Fixes and cleanups to credentials handling. Also fixed auth caching to work
Timo Sirainen <tss@iki.fi>
parents:
3504
diff
changeset
|
107 callback, request); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
108 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
109 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
110 static struct passdb_module * |
4035
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
111 passwd_file_preinit(struct auth_passdb *auth_passdb, const char *args) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
112 { |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
113 struct passwd_file_passdb_module *module; |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
114 const char *scheme = PASSWD_FILE_DEFAULT_SCHEME; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
115 const char *format = PASSWD_FILE_DEFAULT_USERNAME_FORMAT; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
116 const char *key, *value; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
117 |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
118 while (*args != '\0') { |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
119 if (*args == '/') |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
120 break; |
5880
3f3c12bfdba6
Support changing default password scheme for passdb passwd-file.
Timo Sirainen <tss@iki.fi>
parents:
5598
diff
changeset
|
121 |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
122 key = args; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
123 value = strchr(key, '='); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
124 if (value == NULL) { |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
125 value = ""; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
126 args = strchr(key, ' '); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
127 } else { |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
128 key = t_strdup_until(key, value); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
129 args = strchr(++value, ' '); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
130 if (args != NULL) |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
131 value = t_strdup_until(value, args); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
132 } |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
133 if (args == NULL) |
5880
3f3c12bfdba6
Support changing default password scheme for passdb passwd-file.
Timo Sirainen <tss@iki.fi>
parents:
5598
diff
changeset
|
134 args = ""; |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
135 else |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
136 args++; |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
137 |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
138 if (strcmp(key, "scheme") == 0) |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
139 scheme = p_strdup(auth_passdb->auth->pool, value); |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
140 else if (strcmp(key, "username_format") == 0) |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
141 format = p_strdup(auth_passdb->auth->pool, value); |
8513
0691f5294bb9
Fail if trying to give unknown parameters to passdb/userdb.
Timo Sirainen <tss@iki.fi>
parents:
8217
diff
changeset
|
142 else |
0691f5294bb9
Fail if trying to give unknown parameters to passdb/userdb.
Timo Sirainen <tss@iki.fi>
parents:
8217
diff
changeset
|
143 i_fatal("passdb passwd-file: Unknown setting: %s", key); |
5880
3f3c12bfdba6
Support changing default password scheme for passdb passwd-file.
Timo Sirainen <tss@iki.fi>
parents:
5598
diff
changeset
|
144 } |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
145 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
146 module = p_new(auth_passdb->auth->pool, |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
147 struct passwd_file_passdb_module, 1); |
3891
2d0859490a2f
If debug is enabled, tell how many users are found from passwd-file whenever
Timo Sirainen <tss@iki.fi>
parents:
3879
diff
changeset
|
148 module->auth = auth_passdb->auth; |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
149 module->pwf = db_passwd_file_init(args, format, FALSE, |
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
150 module->auth->verbose_debug); |
4690
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
151 |
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
152 if (!module->pwf->vars) |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
153 module->module.cache_key = format; |
4690
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
154 else { |
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
155 module->module.cache_key = |
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
156 auth_cache_parse_key(auth_passdb->auth->pool, |
6394
9e74c008484a
Added username_format parameter for passwd-file passdb and userdb.
Timo Sirainen <tss@iki.fi>
parents:
5880
diff
changeset
|
157 t_strconcat(format, module->pwf->path, NULL)); |
4690
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
158 } |
2eefb4eb14a4
If auth cache is enabled and %vars are used in passwd-file path, get the
Timo Sirainen <tss@iki.fi>
parents:
4434
diff
changeset
|
159 |
5880
3f3c12bfdba6
Support changing default password scheme for passdb passwd-file.
Timo Sirainen <tss@iki.fi>
parents:
5598
diff
changeset
|
160 module->module.default_pass_scheme = scheme; |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
161 return &module->module; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
162 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
163 |
4035
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
164 static void passwd_file_init(struct passdb_module *_module, |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6394
diff
changeset
|
165 const char *args ATTR_UNUSED) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
166 { |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
167 struct passwd_file_passdb_module *module = |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
168 (struct passwd_file_passdb_module *)_module; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
169 |
4035
335ac59efffd
If passwd-file is being used as userdb, complain immediately if some entries
Timo Sirainen <tss@iki.fi>
parents:
4034
diff
changeset
|
170 db_passwd_file_parse(module->pwf); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
171 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
172 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
173 static void passwd_file_deinit(struct passdb_module *_module) |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
174 { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
175 struct passwd_file_passdb_module *module = |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
176 (struct passwd_file_passdb_module *)_module; |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
177 |
3879
928229f8b3e6
deinit, unref, destroy, close, free, etc. functions now take a pointer to
Timo Sirainen <tss@iki.fi>
parents:
3802
diff
changeset
|
178 db_passwd_file_unref(&module->pwf); |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
179 } |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
180 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
181 struct passdb_module_interface passdb_passwd_file = { |
2942
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2798
diff
changeset
|
182 "passwd-file", |
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2798
diff
changeset
|
183 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
184 passwd_file_preinit, |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
185 passwd_file_init, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
186 passwd_file_deinit, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
187 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
188 passwd_file_verify_plain, |
4782
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4690
diff
changeset
|
189 passwd_file_lookup_credentials, |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4690
diff
changeset
|
190 NULL |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
191 }; |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
192 #else |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
193 struct passdb_module_interface passdb_passwd_file = { |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
194 MEMBER(name) "passwd-file" |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
195 }; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
196 #endif |