]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 30b518b)
login-common: client-common - Add sasl_check_login() vfunc.
authorStephan Bosch <stephan.bosch@open-xchange.com>
Mon, 12 Aug 2019 21:33:11 +0000 (23:33 +0200)
committerStephan Bosch <stephan.bosch@open-xchange.com>
Tue, 13 Aug 2019 22:46:26 +0000 (00:46 +0200)
This allows checking the auth service success reply before commencing the actual
login.

src/login-common/client-common.h patch | blob | blame | history
src/login-common/sasl-server.c patch | blob | blame | history

diff --git a/src/login-common/client-common.h b/src/login-common/client-common.h
index 639778395c7870414c1f5456e6910a1cd8621450..bf44f6e4a9789775e2bb052afaf131fc2ec98a07 100644 (file)
--- a/src/login-common/client-common.h
+++ b/src/login-common/client-common.h
@@ -112,6 +112,7 @@ struct client_vfuncs {
        void (*input)(struct client *client);
        bool (*sasl_filter_mech)(struct client *client,
                                 struct auth_mech_desc *mech);
+       bool (*sasl_check_login)(struct client *client);
        void (*auth_send_challenge)(struct client *client, const char *data);
        void (*auth_parse_response)(struct client *client);
        void (*auth_result)(struct client *client,
diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index a779fcbf712a727ffe4099a9f5d06c38977d9778..3f9ff0ee5c47a3b6b0b08a7ccb9a4d6c3e8f7dd5 100644 (file)
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -274,6 +274,15 @@ anvil_check_too_many_connections(struct client *client,
        anvil_client_query(anvil, query, anvil_lookup_callback, req);
 }
 
+static bool
+sasl_server_check_login(struct client *client)
+{
+       if (client->v.sasl_check_login != NULL &&
+           !client->v.sasl_check_login(client))
+               return FALSE;
+       return TRUE;
+}
+
 static void
 authenticate_callback(struct auth_client_request *request,
                      enum auth_request_status status, const char *data_base64,
@@ -337,6 +346,8 @@ authenticate_callback(struct auth_client_request *request,
                        client->authenticating = FALSE;
                        call_client_callback(client, SASL_SERVER_REPLY_SUCCESS,
                                             NULL, args);
+               } else if (!sasl_server_check_login(client)) {
+                       i_assert(!client->authenticating);
                } else {
                        anvil_check_too_many_connections(client, request);
                }
Mirror of https://github.com/dovecot/core.git