event_add_str(request->event, "mechanism",
request->mech->mech_name);
}
+ /* Default to "insecure" until it's changed later */
+ event_add_str(request->event, "transport", "insecure");
}
static void
/* auth client may set these */
if (strcmp(key, "secured") == 0) {
- if (strcmp(value, "tls") == 0)
+ if (strcmp(value, "tls") == 0) {
fields->secured = AUTH_REQUEST_SECURED_TLS;
- else
+ event_add_str(request->event, "transport", "TLS");
+ } else {
fields->secured = AUTH_REQUEST_SECURED;
+ event_add_str(request->event, "transport", "trusted");
+ }
}
else if (strcmp(key, "final-resp-ok") == 0)
fields->final_resp_ok = TRUE;
/* for communication between auth master and worker processes */
if (strcmp(key, "user") == 0)
auth_request_set_username_forced(request, value);
- else if (strcmp(key, "master-user") == 0)
+ else if (strcmp(key, "master-user") == 0) {
fields->master_user = p_strdup(request->pool, value);
- else if (strcmp(key, "original-username") == 0)
+ event_add_str(request->event, "master_user", value);
+ } else if (strcmp(key, "original-username") == 0) {
fields->original_username = p_strdup(request->pool, value);
- else if (strcmp(key, "requested-login-user") == 0)
+ event_add_str(request->event, "original_user", value);
+ } else if (strcmp(key, "requested-login-user") == 0)
auth_request_set_login_username_forced(request, value);
else if (strcmp(key, "successful") == 0)
auth_request_set_auth_successful(request);
care about the actual contents of the credentials. */
fields->delayed_credentials = &uchar_nul;
fields->delayed_credentials_size = 1;
- } else if (strcmp(key, "mech") == 0)
+ } else if (strcmp(key, "mech") == 0) {
fields->mech_name = p_strdup(request->pool, value);
- else if (str_begins(key, "passdb_"))
+ event_add_str(request->event, "mechanism", value);
+ } else if (str_begins(key, "passdb_"))
auth_fields_add(fields->extra_fields, key+7, value, 0);
else if (str_begins(key, "userdb_")) {
if (fields->userdb_reply == NULL)
username when verifying at least DIGEST-MD5 password. */
request->fields.original_username =
p_strdup(request->pool, username);
+ event_add_str(request->event, "original_user",
+ request->fields.original_username);
}
if (request->fields.cert_username) {
/* cert_username overrides the username given by
if (auth_request_fix_username(request, &username, error_r) < 0) {
request->fields.user = NULL;
+ event_field_clear(request->event, "user");
return FALSE;
}
auth_request_set_username_forced(request, username);
if (request->fields.translated_username == NULL) {
/* similar to original_username, but after translations */
request->fields.translated_username = request->fields.user;
+ event_add_str(request->event, "translated_user",
+ request->fields.translated_username);
}
request->user_changed_by_lookup = TRUE;
i_assert(username != NULL);
request->fields.user = p_strdup(request->pool, username);
+ event_add_str(request->event, "user", request->fields.user);
}
void auth_request_set_login_username_forced(struct auth_request *request,
request->fields.requested_login_user =
p_strdup(request->pool, username);
+ event_add_str(request->event, "login_user",
+ request->fields.requested_login_user);
}
bool auth_request_set_login_username(struct auth_request *request,
if (auth_request_fix_username(request, &username, error_r) < 0) {
request->fields.requested_login_user = NULL;
+ event_field_clear(request->event, "login_user");
return FALSE;
}
auth_request_set_login_username_forced(request, username);
request->fields.requested_login_user);
request->fields.master_user = request->fields.user;
+ event_add_str(request->event, "master_user",
+ request->fields.master_user);
+
auth_request_set_username_forced(request,
request->fields.requested_login_user);
request->fields.requested_login_user = NULL;
+ event_field_clear(request->event, "login_user");
}
void auth_request_set_realm(struct auth_request *request, const char *realm)
i_assert(realm != NULL);
request->fields.realm = p_strdup(request->pool, realm);
+ event_add_str(request->event, "realm", request->fields.realm);
}
void auth_request_set_auth_successful(struct auth_request *request)
{
struct event_passthrough *e = event_create_passthrough(event);
- e->add_str("user", request->fields.user);
- e->add_str("original_user", request->fields.original_username);
- e->add_str("translated_user", request->fields.translated_username);
- e->add_str("login_user", request->fields.requested_login_user);
- e->add_str("master_user", request->fields.master_user);
if (request->failed) {
if (request->internal_failure) {
e->add_str("error", "internal failure");
} else if (request->fields.successful) {
e->add_str("success", "yes");
}
- switch (request->fields.secured) {
- case AUTH_REQUEST_SECURED_NONE:
- e->add_str("transport", "insecure");
- break;
- case AUTH_REQUEST_SECURED:
- e->add_str("transport", "trusted");
- break;
- case AUTH_REQUEST_SECURED_TLS:
- e->add_str("transport", "TLS");
- break;
- default:
- i_unreached();
- }
if (request->userdb_lookup) {
return e;
}
- e->add_str("realm", request->fields.realm);
if (request->policy_penalty > 0)
e->add_int("policy_penalty", request->policy_penalty);
if (request->policy_refusal) {
array_push_back(&request->authdb_event, &event);
}
-static struct event_passthrough *
-auth_request_lookup_end_common(struct auth_request *request,
- struct event *event)
-{
- const char *p;
- struct event_passthrough *e = event_create_passthrough(event)->
- add_str("user", request->fields.user);
- if (request->fields.master_user != NULL)
- e->add_str("master_user", request->fields.master_user);
- return e;
-}
-
void auth_request_passdb_lookup_end(struct auth_request *request,
enum passdb_result result)
{
i_assert(array_count(&request->authdb_event) > 0);
struct event *event = authdb_event(request);
struct event_passthrough *e =
- auth_request_lookup_end_common(request, event)->
+ event_create_passthrough(event)->
set_name("auth_passdb_request_finished")->
add_str("result", passdb_result_to_string(result));
e_debug(e->event(), "Finished passdb lookup");
i_assert(array_count(&request->authdb_event) > 0);
struct event *event = authdb_event(request);
struct event_passthrough *e =
- auth_request_lookup_end_common(request, event)->
+ event_create_passthrough(event)->
set_name("auth_userdb_request_finished")->
add_str("result", userdb_result_to_string(result));
e_debug(e->event(), "Finished userdb lookup");
projects / thirdparty / dovecot / core.git / commitdiff
