auth: Support secured=tls
authorAki Tuomi <aki.tuomi@dovecot.fi>
Fri, 1 Dec 2017 11:30:43 +0000 (13:30 +0200)
committerVille Savolainen <ville.savolainen@dovecot.fi>
Tue, 13 Mar 2018 12:09:40 +0000 (14:09 +0200)
src/auth/auth-request-var-expand.c
src/auth/auth-request.c
src/auth/auth-request.h
src/auth/test-auth-request-var-expand.c

index 566783d703158d9e3a04e80f452fa38e2e67e2f8..b4eea8e063d969b0c7a73bce6f097ed0425d970b 100644 (file)
@@ -115,7 +115,12 @@ auth_request_get_var_expand_table_full(const struct auth_request *auth_request,
        }
        tab[10].value = auth_request->mech_name == NULL ? "" :
                escape_func(auth_request->mech_name, auth_request);
-       tab[11].value = auth_request->secured ? "secured" : "";
+       switch(auth_request->secured) {
+       case AUTH_REQUEST_SECURED_NONE: tab[11].value = ""; break;
+       case AUTH_REQUEST_SECURED: tab[11].value = "secured"; break;
+       case AUTH_REQUEST_SECURED_TLS: tab[11].value = "TLS"; break;
+       default: tab[11].value = ""; break;
+       };
        tab[12].value = dec2str(auth_request->local_port);
        tab[13].value = dec2str(auth_request->remote_port);
        tab[14].value = auth_request->valid_client_cert ? "valid" : "";
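Review bot: The value in `tab[11]` changes from `secured` to `TLS` for TLS connections, so an existing configuration that compares the expanded variable against the literal `secured` will stop matching for those clients. This deserves a comment at the switch, e.g. `/* "TLS" for TLS-secured clients (was "secured"); "secured" for other trusted transports */`, and a matching note in the variable documentation. The expanded value is upper-case while the wire token written by auth_request_export and read by auth_request_import_auth is lower-case `tls`, which is easy to confuse. The `default:` arm here and in the switch in auth_request_export suppresses the compiler's missing-enumerator warning if enum auth_request_secured later gains a value, and the `;` after the closing brace is a stray empty statement.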
index 4343dd562bb761487d3e49c6b8527a9a7535567b..8aaa4f99bf65c0deba59a26c3c1111769bd370e6 100644 (file)
@@ -352,8 +352,12 @@ void auth_request_export(struct auth_request *request, string_t *dest)
                str_printfa(dest, "\tsession=%s", request->session_id);
        if (request->debug)
                str_append(dest, "\tdebug");
-       if (request->secured)
-               str_append(dest, "\tsecured");
+       switch(request->secured) {
+       case AUTH_REQUEST_SECURED_NONE: break;
+       case AUTH_REQUEST_SECURED: str_append(dest, "\tsecured"); break;
+       case AUTH_REQUEST_SECURED_TLS: str_append(dest, "\tsecured=tls"); break;
+       default: break;
+       }
        if (request->skip_password_check)
                str_append(dest, "\tskip-password-check");
        if (request->delayed_credentials != NULL)
@@ -437,8 +441,12 @@ bool auth_request_import_auth(struct auth_request *request,
                return TRUE;
 
        /* auth client may set these */
-       if (strcmp(key, "secured") == 0)
-               request->secured = TRUE;
+       if (strcmp(key, "secured") == 0) {
+               if (strcmp(value, "tls") == 0)
+                       request->secured = AUTH_REQUEST_SECURED_TLS;
+               else
+                       request->secured = AUTH_REQUEST_SECURED;
+       }
        else if (strcmp(key, "final-resp-ok") == 0)
                request->final_resp_ok = TRUE;
        else if (strcmp(key, "no-penalty") == 0)
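Review bot: Every `secured` value other than the exact lower-case string `tls` is mapped to AUTH_REQUEST_SECURED without a log entry, so a misspelt or not-yet-known value from the auth client is accepted as "secured". The new `strcmp(value, "tls")` also reads `value` on a path that did not touch it before. Whether `value` can be NULL for a bare `secured` key depends on the caller, which is outside the hunk, so either a guard such as `if (value != NULL && strcmp(value, "tls") == 0)` or a comment stating the non-NULL contract would help. Because the comment above says the auth client sets this field, it is also worth documenting that the TLS state is the client's claim and is not verified here. auth_request_import_auth starts and ends outside the hunk.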
index 19a02a950e3c80a1ff7549ec0a70f1d11eece806..d4a0eba9f49cf2bf826ebb87eed8d6cf0b324441 100644 (file)
@@ -23,6 +23,12 @@ enum auth_request_state {
        AUTH_REQUEST_STATE_MAX
 };
 
+enum auth_request_secured {
+       AUTH_REQUEST_SECURED_NONE,
+       AUTH_REQUEST_SECURED,
+       AUTH_REQUEST_SECURED_TLS,
+};
+
 struct auth_request {
        int refcount;
 
@@ -108,8 +114,9 @@ struct auth_request {
        /* auth_debug is enabled for this request */
        bool debug:1;
 
+       enum auth_request_secured secured;
+
        /* flags received from auth client: */
-       bool secured:1;
        bool final_resp_ok:1;
        bool no_penalty:1;
        bool valid_client_cert:1;
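Review bot: `secured` is now declared above the `/* flags received from auth client: */` comment although auth_request_import_auth still sets it from the client's input, so the header no longer marks the field as client-supplied. A line such as `/* connection security level as reported by the auth client */` directly above the field would keep that trust boundary visible. The enumerators of enum auth_request_secured added in the previous hunk have no comments either. A short description of what distinguishes AUTH_REQUEST_SECURED from AUTH_REQUEST_SECURED_TLS would help, as would a note that AUTH_REQUEST_SECURED_NONE is presumably relied on as the zero value for zero-initialised requests. struct auth_request continues outside the hunk.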
index b74cb2b021bede9a9ed6268c046f5e41937d764e..af55f1932ea3e1d52eb2cbb3dcca29c35493ff9c 100644 (file)
@@ -30,7 +30,7 @@ static struct auth_request default_test_request = {
        .client_pid = 54321,
        .mech_password = "-password",
        .mech_name = "-mech",
-       .secured = TRUE,
+       .secured = AUTH_REQUEST_SECURED,
        .local_port = 21,
        .remote_port = 210,
        .valid_client_cert = TRUE,
@@ -122,7 +122,7 @@ static void test_auth_request_var_expand_flags(void)
        test_begin("auth request var expand flags");
 
        test_request.userdb_lookup = FALSE;
-       test_request.secured = FALSE;
+       test_request.secured = AUTH_REQUEST_SECURED_NONE;
        test_request.valid_client_cert = FALSE;
        test_assert(var_expand(str, test_input,
                auth_request_get_var_expand_table(&test_request, test_escape),
@@ -130,7 +130,7 @@ static void test_auth_request_var_expand_flags(void)
        test_assert(strcmp(str_c(str), "40\n\n\n") == 0);
 
        test_request.userdb_lookup = TRUE;
-       test_request.secured = TRUE;
+       test_request.secured = AUTH_REQUEST_SECURED;
        test_request.valid_client_cert = TRUE;
 
        str_truncate(str, 0);
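Review bot: The updated tests only set AUTH_REQUEST_SECURED_NONE and AUTH_REQUEST_SECURED, so the new `TLS` expansion is never asserted. A further step in test_auth_request_var_expand_flags that sets `test_request.secured = AUTH_REQUEST_SECURED_TLS;` and checks that the expanded output contains `TLS` would pin the value that configurations will compare against. The function body continues outside the hunk, so the expected strings for the existing steps are not fully visible here.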