Mercurial > dovecot > original-hg > dovecot-1.2

changeset 7438:65fbb6226141 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Log clearly with "auth failed, # attempts" if user gets disconnected before logging in.
author Timo Sirainen <tss@iki.fi>
date Wed, 26 Mar 2008 21:30:15 +0200
parents 498975950370
children dc9c098a7d26
files src/imap-login/client-authenticate.c src/imap-login/client.c src/imap-login/client.h src/imap-login/imap-proxy.c src/pop3-login/client-authenticate.c src/pop3-login/client.c src/pop3-login/client.h src/pop3-login/pop3-proxy.c
diffstat 8 files changed, 43 insertions(+), 21 deletions(-) [+]
line wrap: on
line diff
--- a/src/imap-login/client-authenticate.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client-authenticate.c	Wed Mar 26 21:30:15 2008 +0200
@@ -156,7 +156,7 @@
 		}
 		client_send_tagline(client, str_c(reply));
 		if (!nologin) {
-			client_destroy(client, "Login with referral");
+			client_destroy_success(client, "Login with referral");
 			return TRUE;
 		}
 	} else if (nologin || proxy_self) {
@@ -209,7 +209,7 @@
 		}
 
 		client_send_tagline(client, "OK Logged in.");
-		client_destroy(client, "Login");
+		client_destroy_success(client, "Login");
 		break;
 	case SASL_SERVER_REPLY_AUTH_FAILED:
 	case SASL_SERVER_REPLY_CLIENT_ERROR:
@@ -234,7 +234,9 @@
 		else {
 			client_send_tagline(client,
 					    t_strconcat("NO ", data, NULL));
-			client_destroy(client, data);
+			/* authentication itself succeeded, we just hit some
+			   internal failure. */
+			client_destroy_success(client, data);
 		}
 		break;
 	case SASL_SERVER_REPLY_CONTINUE:
--- a/src/imap-login/client.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client.c	Wed Mar 26 21:30:15 2008 +0200
@@ -211,9 +211,7 @@
 		client_destroy(client, "Aborted login "
 			"(tried to use disabled plaintext authentication)");
 	} else {
-		client_destroy(client, t_strdup_printf(
-			"Aborted login (%u authentication attempts)",
-			client->common.auth_attempts));
+		client_destroy(client, "Aborted login");
 	}
 	return 1;
 }
@@ -284,8 +282,8 @@
 		if (fatal) {
 			client_send_line(client, t_strconcat("* BYE ",
 							     msg, NULL));
-			client_destroy(client, t_strconcat("Disconnected: ",
-							   msg, NULL));
+			client_destroy(client,
+				t_strconcat("Disconnected: ", msg, NULL));
 			return FALSE;
 		}
 
@@ -311,8 +309,8 @@
 		if (++client->bad_counter >= CLIENT_MAX_BAD_COMMANDS) {
 			client_send_line(client,
 				"* BYE Too many invalid IMAP commands.");
-			client_destroy(client, "Disconnected: "
-				       "Too many invalid commands");
+			client_destroy(client,
+				"Disconnected: Too many invalid commands");
 			return FALSE;
 		}  
 		client_send_tagline(client,
@@ -486,6 +484,10 @@
 		return;
 	client->destroyed = TRUE;
 
+	if (!client->login_success && reason != NULL) {
+		reason = t_strdup_printf("%s (auth failed, %u attempts)",
+					 reason, client->common.auth_attempts);
+	}
 	if (reason != NULL)
 		client_syslog(&client->common, reason);
 
@@ -543,6 +545,12 @@
 	main_unref();
 }
 
+void client_destroy_success(struct imap_client *client, const char *reason)
+{
+	client->login_success = TRUE;
+	client_destroy(client, reason);
+}
+
 void client_destroy_internal_failure(struct imap_client *client)
 {
 	client_send_line(client, "* BYE Internal login failure. "
--- a/src/imap-login/client.h	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client.h	Wed Mar 26 21:30:15 2008 +0200
@@ -24,6 +24,7 @@
 
 	const char *cmd_tag, *cmd_name;
 
+	unsigned int login_success:1;
 	unsigned int cmd_finished:1;
 	unsigned int proxy_login_sent:1;
 	unsigned int skip_line:1;
@@ -33,6 +34,7 @@
 };
 
 void client_destroy(struct imap_client *client, const char *reason);
+void client_destroy_success(struct imap_client *client, const char *reason);
 void client_destroy_internal_failure(struct imap_client *client);
 
 void client_send_line(struct imap_client *client, const char *line);
--- a/src/imap-login/imap-proxy.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/imap-proxy.c	Wed Mar 26 21:30:15 2008 +0200
@@ -63,7 +63,7 @@
 		client->input = NULL;
 		client->output = NULL;
 		client->common.fd = -1;
-		client_destroy(client, msg);
+		client_destroy_success(client, msg);
 		return -1;
 	} else if (strncmp(line, "P ", 2) == 0) {
 		/* If the backend server isn't Dovecot, the error message may
@@ -117,7 +117,7 @@
 
 		/* failed for some reason, probably server disconnected */
 		client_send_line(client, "* BYE Temporary login failure.");
-		client_destroy(client, NULL);
+		client_destroy_success(client, NULL);
 		return;
 	}
 
@@ -132,7 +132,7 @@
 		return;
 	case -1:
 		/* disconnected */
-		client_destroy(client, "Proxy: Remote disconnected");
+		client_destroy_success(client, "Proxy: Remote disconnected");
 		return;
 	}
 
--- a/src/pop3-login/client-authenticate.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client-authenticate.c	Wed Mar 26 21:30:15 2008 +0200
@@ -170,7 +170,7 @@
 		}
 
 		client_send_line(client, "+OK Logged in.");
-		client_destroy(client, "Login");
+		client_destroy_success(client, "Login");
 		break;
 	case SASL_SERVER_REPLY_AUTH_FAILED:
 	case SASL_SERVER_REPLY_CLIENT_ERROR:
@@ -197,7 +197,7 @@
 		else {
 			client_send_line(client,
 				t_strconcat("-ERR [IN-USE] ", data, NULL));
-			client_destroy(client, data);
+			client_destroy_success(client, data);
 		}
 		break;
 	case SASL_SERVER_REPLY_CONTINUE:
--- a/src/pop3-login/client.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client.c	Wed Mar 26 21:30:15 2008 +0200
@@ -150,9 +150,7 @@
 		client_destroy(client, "Aborted login "
 			"(tried to use disabled plaintext authentication)");
 	} else {
-		client_destroy(client, t_strdup_printf(
-			"Aborted login (%u authentication attempts)",
-			client->common.auth_attempts));
+		client_destroy(client, "Aborted login");
 	}
 	return TRUE;
 }
@@ -341,12 +339,22 @@
 	return &client->common;
 }
 
+void client_destroy_success(struct pop3_client *client, const char *reason)
+{
+	client->login_success = TRUE;
+	client_destroy(client, reason);
+}
+
 void client_destroy(struct pop3_client *client, const char *reason)
 {
 	if (client->destroyed)
 		return;
 	client->destroyed = TRUE;
 
+	if (!client->login_success && reason != NULL) {
+		reason = t_strdup_printf("%s (auth failed, %u attempts)",
+					 reason, client->common.auth_attempts);
+	}
 	if (reason != NULL)
 		client_syslog(&client->common, reason);
 
--- a/src/pop3-login/client.h	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client.h	Wed Mar 26 21:30:15 2008 +0200
@@ -28,12 +28,14 @@
 	char *apop_challenge;
 	struct auth_connect_id auth_id;
 
+	unsigned int login_success:1;
 	unsigned int authenticating:1;
 	unsigned int auth_connected:1;
 	unsigned int destroyed:1;
 };
 
 void client_destroy(struct pop3_client *client, const char *reason);
+void client_destroy_success(struct pop3_client *client, const char *reason);
 void client_destroy_internal_failure(struct pop3_client *client);
 
 void client_send_line(struct pop3_client *client, const char *line);
--- a/src/pop3-login/pop3-proxy.c	Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/pop3-proxy.c	Wed Mar 26 21:30:15 2008 +0200
@@ -32,7 +32,7 @@
 		/* failed for some reason, probably server disconnected */
 		client_send_line(client,
 				 "-ERR [IN-USE] Temporary login failure.");
-		client_destroy(client, NULL);
+		client_destroy_success(client, NULL);
 		return;
 	}
 
@@ -47,7 +47,7 @@
 		return;
 	case -1:
 		/* disconnected */
-		client_destroy(client, "Proxy: Remote disconnected");
+		client_destroy_success(client, "Proxy: Remote disconnected");
 		return;
 	}
 
@@ -114,7 +114,7 @@
 		client->input = NULL;
 		client->output = NULL;
 		client->common.fd = -1;
-		client_destroy(client, msg);
+		client_destroy_success(client, msg);
 		return;
 	}