auth: Move username matching to auth when listing users
authorAki Tuomi <aki.tuomi@open-xchange.com>
Fri, 8 Nov 2024 07:30:14 +0000 (09:30 +0200)
committerAki Tuomi <aki.tuomi@open-xchange.com>
Fri, 17 Jan 2025 08:40:00 +0000 (10:40 +0200)
Auth process knows how to match users correctly in each userdb,
so it is better to do it there.

src/auth/auth-master-connection.c
src/doveadm/doveadm-auth.c

index 9f262ada72ba15b11ff03c4deef8d0adcd77fd74..cdf3cfd3d140a8f4d411d274c36bbdf08f059fe9 100644 (file)
@@ -11,6 +11,7 @@
 #include "hex-binary.h"
 #include "ioloop.h"
 #include "ostream.h"
+#include "wildcard-match.h"
 #include "ipwd.h"
 #include "master-service.h"
 #include "userdb.h"
@@ -496,13 +497,35 @@ static int master_output_list(struct master_list_iter_ctx *ctx)
        return 1;
 }
 
+static int match_user(const char *user, struct auth_request *request, bool *match_r)
+{
+       struct auth_userdb *db = request->userdb;
+       const char *mask = request->fields.user;
+
+       if (*db->auth_set->username_format != '\0') {
+               /* normalize requested mask to match userdb */
+               string_t *dest = t_str_new(32);
+               const char *error;
+               if (auth_request_var_expand(dest, db->auth_set->username_format,
+                                           request, NULL, &error) < 0) {
+                       e_error(authdb_event(request), "Iteration failed: %s",
+                               error);
+                       return -1;
+               }
+               mask = str_c(dest);
+       }
+
+       *match_r = wildcard_match_icase(user, mask);
+       return 0;
+}
+
 static void master_input_list_callback(const char *user, void *context)
 {
        struct master_list_iter_ctx *ctx = context;
        struct auth_userdb *userdb = ctx->auth_request->userdb;
-       int ret;
+       int ret = 0;
 
-       if (user == NULL) {
+       if (user == NULL || ctx->failed) {
                if (userdb_blocking_iter_deinit(&ctx->iter) < 0)
                        ctx->failed = TRUE;
 
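Review bot: match_user() takes `request->fields.user` as the wildcard pattern without checking that a mask was actually supplied, and after this change it is the only filter applied to listed users. Nothing visible in the hunk shows what that field holds for a LIST request sent without a user mask; if it can be NULL or empty, `wildcard_match_icase(user, mask)` would either dereference NULL or match no user at all. Consider a guard before the expansion such as `if (mask == NULL || *mask == '\0') { *match_r = TRUE; return 0; }`, or a comment on the function stating that callers always set a mask. The pattern is also re-expanded through `auth_request_var_expand()` for every iterated user although it appears to depend only on the request and the current userdb, so it could be computed once per userdb.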
@@ -510,7 +533,7 @@ static void master_input_list_callback(const char *user, void *context)
                        userdb = userdb->next;
                } while (userdb != NULL &&
                         userdb->userdb->iface->iterate_init == NULL);
-               if (userdb == NULL) {
+               if (userdb == NULL || ctx->failed) {
                        /* iteration is finished */
                        const char *str;
 
@@ -531,10 +554,14 @@ static void master_input_list_callback(const char *user, void *context)
 
        T_BEGIN {
                const char *str;
-
-               str = t_strdup_printf("LIST\t%u\t%s\n", ctx->auth_request->id,
-                                     str_tabescape(user));
-               ret = o_stream_send_str(ctx->conn->conn.output, str);
+               bool match;
+               if (match_user(user, ctx->auth_request, &match) < 0)
+                       ctx->failed = TRUE;
+               else if (match) {
+                       str = t_strdup_printf("LIST\t%u\t%s\n", ctx->auth_request->id,
+                                             str_tabescape(user));
+                       ret = o_stream_send_str(ctx->conn->conn.output, str);
+               }
        } T_END;
        if (o_stream_get_buffer_used_size(ctx->conn->conn.output) >= MAX_OUTBUF_SIZE)
                ret = o_stream_flush(ctx->conn->conn.output);
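Review bot: When match_user() fails, the new branch only sets `ctx->failed = TRUE` and the callback carries on with `ret` still 0, so the error takes effect only if the callback is invoked again and reaches the `user == NULL || ctx->failed` check at its top. The code that decides whether the next user is requested lies after this hunk, so that cannot be confirmed from here. A short comment such as `/* iteration is aborted on the next callback via ctx->failed */` would make the deferred handling explicit. `str` is now used only in the match branch and could be declared there.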
index fa8c18a2588020558bda13a6ffc22484010ecf11..5c0c618b2e47590b50b09de3e01141a0c29d5820 100644 (file)
@@ -9,7 +9,6 @@
 #include "str.h"
 #include "strescape.h"
 #include "var-expand.h"
-#include "wildcard-match.h"
 #include "dsasl-client.h"
 #include "settings-parser.h"
 #include "master-service.h"
@@ -414,11 +413,7 @@ cmd_user_list(struct auth_master_connection *conn,
 
        ctx = auth_master_user_list_init(conn, user_mask, &input->info);
        while ((username = auth_master_user_list_next(ctx)) != NULL) {
-               for (i = 0; users[i] != NULL; i++) {
-                       if (wildcard_match_icase(username, users[i]))
-                               break;
-               }
-               if (users[i] != NULL)
+               for (i = 0; users[i] != NULL; i++)
                        printf("%s\n", username);
        }
        if (auth_master_user_list_deinit(&ctx) < 0)
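Review bot: The `for (i = 0; users[i] != NULL; i++)` loop left around the `printf` now prints every returned username once per entry in `users[]`, and prints nothing when `users[]` is empty, because the match test that used to break out of it has been removed. If filtering is fully delegated to the auth process through `user_mask`, the loop should go, leaving `printf("%s\n", username);` as the body of the `while`; `i` may then be unused. How `user_mask` is built from `users[]` is outside this hunk, so when several masks are given, confirm that auth receives all of them. Otherwise accounts matching none of the requested masks would be listed.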