#include "var-expand.h"
#include "dns-lookup.h"
#include "hostpid.h"
+#include "settings.h"
#include "master-service.h"
#include "auth-cache.h"
#include "auth-request.h"
event = event_create(request->event);
event_add_str(event, "passdb", request->passdb->name);
event_add_str(event, "passdb_id", dec2str(request->passdb->passdb->id));
- event_add_str(event, "passdb_driver", request->passdb->passdb->iface.name);
+ const char *passdb_driver = request->passdb->passdb->iface.name;
+ event_add_str(event, "passdb_driver", passdb_driver);
+ event_set_ptr(event, SETTINGS_EVENT_FILTER_NAME,
+ p_strconcat(event_get_pool(event), "passdb_",
+ passdb_driver, NULL));
event_set_log_prefix_callback(event, FALSE,
auth_request_get_log_prefix_db, request);
auth_request_unref(&request);
}
+static int auth_request_set_default_fields(struct auth_request *request)
+{
+ struct event *event = authdb_event(request);
+ const struct auth_passdb_pre_settings *pre_set;
+ const char *error;
+
+ if (settings_get(event, &auth_passdb_pre_setting_parser_info, 0,
+ &pre_set, &error) < 0) {
+ e_error(event, "%s", error);
+ return -1;
+ }
+ auth_request_set_strlist(request, &pre_set->default_fields,
+ STATIC_PASS_SCHEME);
+ settings_free(pre_set);
+ return 0;
+}
+
+static int auth_request_set_override_fields(struct auth_request *request)
+{
+ struct event *event = authdb_event(request);
+ const struct auth_passdb_post_settings *post_set;
+ const char *error;
+
+ if (settings_get(event, &auth_passdb_post_setting_parser_info, 0,
+ &post_set, &error) < 0) {
+ e_error(event, "%s", error);
+ return -1;
+ }
+ auth_request_set_strlist(request, &post_set->override_fields,
+ STATIC_PASS_SCHEME);
+ settings_free(post_set);
+ return 0;
+}
+
static int
auth_request_finish_passdb_lookup(enum passdb_result *result,
struct auth_request *request,
auth_request_verify_plain_callback_finish(enum passdb_result result,
struct auth_request *request)
{
- const char *error;
int ret;
- if (passdb_template_export(request->passdb->override_fields_tmpl,
- request, &error) < 0) {
- e_error(authdb_event(request),
- "Failed to expand override_fields: %s", error);
+ if (auth_request_set_override_fields(request) < 0)
result = PASSDB_RESULT_INTERNAL_FAILURE;
- }
+
if ((ret = auth_request_handle_passdb_callback(&result, request)) == 0) {
/* try next passdb */
auth_request_verify_plain(request, request->mech_password,
{
struct auth_passdb *passdb;
enum passdb_result result;
- const char *cache_key, *error;
+ const char *cache_key;
const char *password = request->mech_password;
i_assert(request->state == AUTH_REQUEST_STATE_MECH_CONTINUE);
PASSDB_RESULT_INTERNAL_FAILURE, request);
} else if (passdb->passdb->blocking) {
passdb_blocking_verify_plain(request);
- } else if (passdb_template_export(passdb->default_fields_tmpl,
- request, &error) < 0) {
- e_error(authdb_event(request),
- "Failed to expand default_fields: %s", error);
+ } else if (auth_request_set_default_fields(request) < 0) {
auth_request_verify_plain_callback(
PASSDB_RESULT_INTERNAL_FAILURE, request);
} else {
size_t size,
struct auth_request *request)
{
- const char *error;
int ret;
- if (passdb_template_export(request->passdb->override_fields_tmpl,
- request, &error) < 0) {
- e_error(authdb_event(request),
- "Failed to expand override_fields: %s", error);
+ if (auth_request_set_override_fields(request) < 0)
result = PASSDB_RESULT_INTERNAL_FAILURE;
- }
+
if ((ret = auth_request_handle_passdb_callback(&result, request)) == 0) {
/* try next passdb */
if (request->fields.skip_password_check &&
struct auth_request *request, lookup_credentials_callback_t *callback)
{
struct auth_passdb *passdb;
- const char *cache_key, *cache_cred, *cache_scheme, *error;
+ const char *cache_key, *cache_cred, *cache_scheme;
enum passdb_result result;
i_assert(request->state == AUTH_REQUEST_STATE_MECH_CONTINUE);
uchar_empty_ptr, 0, request);
} else if (passdb->passdb->blocking) {
passdb_blocking_lookup_credentials(request);
- } else if (passdb_template_export(passdb->default_fields_tmpl,
- request, &error) < 0) {
- e_error(authdb_event(request),
- "Failed to expand default_fields: %s", error);
+ } else if (auth_request_set_default_fields(request) < 0) {
auth_request_lookup_credentials_callback(
PASSDB_RESULT_INTERNAL_FAILURE,
uchar_empty_ptr, 0, request);
}
}
+void auth_request_set_strlist(struct auth_request *request,
+ const ARRAY_TYPE(const_string) *strlist,
+ const char *default_scheme)
+{
+ if (!array_is_created(strlist))
+ return;
+
+ unsigned int i, count;
+ const char *const *fields = array_get(strlist, &count);
+ i_assert(count % 2 == 0);
+ for (i = 0; i < count; i += 2) {
+ auth_request_set_field(request, fields[i], fields[i + 1],
+ default_scheme);
+ }
+}
+
static void
auth_request_set_uidgid_file(struct auth_request *request,
const char *path_template)
DEF(STR, name),
DEF(STR, driver),
DEF(STR_NOVARS, args),
- DEF(STR_NOVARS, default_fields),
- DEF(STR_NOVARS, override_fields),
DEF(BOOLLIST, mechanisms),
DEF(STR, username_filter),
.name = "",
.driver = "",
.args = "",
- .default_fields = "",
- .override_fields = "",
.mechanisms = ARRAY_INIT,
.username_filter = "",
.check_func = auth_passdb_settings_check
};
+static const struct setting_define auth_passdb_pre_setting_defines[] = {
+ { .type = SET_STRLIST, .key = "passdb_default_fields",
+ .offset = offsetof(struct auth_passdb_pre_settings, default_fields) },
+
+ SETTING_DEFINE_LIST_END
+};
+
+static const struct auth_passdb_pre_settings auth_passdb_pre_default_settings = {
+ .default_fields = ARRAY_INIT,
+};
+
+const struct setting_parser_info auth_passdb_pre_setting_parser_info = {
+ .name = "auth_passdb_pre",
+
+ .defines = auth_passdb_pre_setting_defines,
+ .defaults = &auth_passdb_pre_default_settings,
+
+ .struct_size = sizeof(struct auth_passdb_pre_settings),
+ .pool_offset1 = 1 + offsetof(struct auth_passdb_pre_settings, pool),
+};
+
+static const struct setting_define auth_passdb_post_setting_defines[] = {
+ { .type = SET_STRLIST, .key = "passdb_override_fields",
+ .offset = offsetof(struct auth_passdb_post_settings, override_fields) },
+
+ SETTING_DEFINE_LIST_END
+};
+
+static const struct auth_passdb_post_settings auth_passdb_post_default_settings = {
+ .override_fields = ARRAY_INIT,
+};
+
+const struct setting_parser_info auth_passdb_post_setting_parser_info = {
+ .name = "auth_passdb_post",
+
+ .defines = auth_passdb_post_setting_defines,
+ .defaults = &auth_passdb_post_default_settings,
+
+ .struct_size = sizeof(struct auth_passdb_post_settings),
+ .pool_offset1 = 1 + offsetof(struct auth_passdb_post_settings, pool),
+};
+
#undef DEF
#define DEF(type, name) \
SETTING_DEFINE_STRUCT_##type("userdb_"#name, name, struct auth_userdb_settings)
auth_passdb = p_new(auth->pool, struct auth_passdb, 1);
auth_passdb->auth_set =
settings_get_or_fatal(event, &auth_setting_parser_info);
- event_unref(&event);
auth_passdb->name = set->name;
auth_passdb->set = set;
auth_passdb->result_internalfail =
auth_db_rule_parse(set->result_internalfail);
- auth_passdb->default_fields_tmpl =
- passdb_template_build(auth->pool, set->default_fields);
- auth_passdb->override_fields_tmpl =
- passdb_template_build(auth->pool, set->override_fields);
-
if (!array_is_created(&set->mechanisms) ||
array_is_empty(&set->mechanisms)) {
auth_passdb->mechanisms = NULL;
auth_passdb->passdb = passdb_preinit(auth->pool, set);
/* make sure any %variables in default_fields exist in cache_key */
if (auth_passdb->passdb->default_cache_key != NULL) {
- auth_passdb->cache_key =
- p_strconcat(auth->pool, auth_passdb->passdb->default_cache_key,
- set->default_fields, NULL);
- }
- else {
+ struct auth_passdb_pre_settings *passdb_pre_set;
+ const char *error;
+ if (settings_get(event, &auth_passdb_pre_setting_parser_info,
+ SETTINGS_GET_FLAG_NO_EXPAND,
+ &passdb_pre_set, &error) < 0)
+ i_fatal("%s", error);
+ auth_passdb->cache_key = p_strconcat(
+ auth->pool,
+ auth_passdb->passdb->default_cache_key,
+ t_array_const_string_join(&passdb_pre_set->default_fields, ""),
+ NULL);
+ settings_free(passdb_pre_set);
+ } else {
auth_passdb->cache_key = NULL;
}
+ event_unref(&event);
}
static void auth_passdb_deinit(struct auth_passdb *passdb)
projects / thirdparty / dovecot / core.git / commitdiff
