From: Timo Sirainen Date: Sat, 19 Nov 2011 21:41:17 +0000 (+0200) Subject: auth: Moved all i_fatal()s to preinit stage. X-Git-Tag: 2.1.rc1~44 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3fc7d2bd299401a2b468b11975aa123f7865c36e;p=thirdparty%2Fdovecot%2Fcore.git auth: Moved all i_fatal()s to preinit stage. This avoids a wrongly configured auth process from rapidly respawning.
---
diff --git a/src/auth/auth.c b/src/auth/auth.c
index 40484fea7e..a05339011e 100644
--- a/src/auth/auth.c
+++ b/src/auth/auth.c
@@ -47,66 +47,6 @@ auth_userdb_preinit(struct auth *auth, const struct auth_userdb_settings *set)
 auth_userdb->userdb = userdb_preinit(auth->pool, set);
 }
-static struct auth *
-auth_preinit(const struct auth_settings *set, const char *service, pool_t pool,
- const struct mechanisms_register *reg)
-{
- struct auth_passdb_settings *const *passdbs;
- struct auth_userdb_settings *const *userdbs;
- struct auth *auth;
- unsigned int i, count, db_count, passdb_count, last_passdb = 0;
-
- auth = p_new(pool, struct auth, 1);
- auth->pool = pool;
- auth->service = p_strdup(pool, service);
- auth->set = set;
- auth->reg = reg;
-
- if (array_is_created(&set->passdbs))
- passdbs = array_get(&set->passdbs, &db_count);
- else {
- passdbs = NULL;
- db_count = 0;
- }
-
- /* initialize passdbs first and count them */
- for (passdb_count = 0, i = 0; i < db_count; i++) {
- if (passdbs[i]->master)
- continue;
-
- auth_passdb_preinit(auth, passdbs[i], &auth->passdbs);
- passdb_count++;
- last_passdb = i;
- }
- if (passdb_count != 0 && passdbs[last_passdb]->pass)
- i_fatal("Last passdb can't have pass=yes");
-
- for (i = 0; i < db_count; i++) {
- if (!passdbs[i]->master)
- continue;
-
- if (passdbs[i]->deny)
- i_fatal("Master passdb can't have deny=yes");
- if (passdbs[i]->pass && passdb_count == 0) {
- i_fatal("Master passdb can't have pass=yes "
- "if there are no passdbs");
- }
- auth_passdb_preinit(auth, passdbs[i], &auth->masterdbs);
- }
-
- if (array_is_created(&set->userdbs)) {
- userdbs = array_get(&set->userdbs, &count);
- for (i = 0; i < count; i++)
- auth_userdb_preinit(auth, userdbs[i]);
- }
-
- if (auth->userdbs == NULL) {
- /* use a dummy userdb static. */
- auth_userdb_preinit(auth, &userdb_dummy_set);
- }
- return auth;
-}
-
 static bool auth_passdb_list_have_verify_plain(struct auth *auth)
 {
 struct auth_passdb *passdb;
@@ -185,6 +125,67 @@ static void auth_mech_list_verify_passdb(struct auth *auth)
 }
 }
+static struct auth *
+auth_preinit(const struct auth_settings *set, const char *service, pool_t pool,
+ const struct mechanisms_register *reg)
+{
+ struct auth_passdb_settings *const *passdbs;
+ struct auth_userdb_settings *const *userdbs;
+ struct auth *auth;
+ unsigned int i, count, db_count, passdb_count, last_passdb = 0;
+
+ auth = p_new(pool, struct auth, 1);
+ auth->pool = pool;
+ auth->service = p_strdup(pool, service);
+ auth->set = set;
+ auth->reg = reg;
+
+ if (array_is_created(&set->passdbs))
+ passdbs = array_get(&set->passdbs, &db_count);
+ else {
+ passdbs = NULL;
+ db_count = 0;
+ }
+
+ /* initialize passdbs first and count them */
+ for (passdb_count = 0, i = 0; i < db_count; i++) {
+ if (passdbs[i]->master)
+ continue;
+
+ auth_passdb_preinit(auth, passdbs[i], &auth->passdbs);
+ passdb_count++;
+ last_passdb = i;
+ }
+ if (passdb_count != 0 && passdbs[last_passdb]->pass)
+ i_fatal("Last passdb can't have pass=yes");
+
+ for (i = 0; i < db_count; i++) {
+ if (!passdbs[i]->master)
+ continue;
+
+ if (passdbs[i]->deny)
+ i_fatal("Master passdb can't have deny=yes");
+ if (passdbs[i]->pass && passdb_count == 0) {
+ i_fatal("Master passdb can't have pass=yes "
+ "if there are no passdbs");
+ }
+ auth_passdb_preinit(auth, passdbs[i], &auth->masterdbs);
+ }
+
+ if (array_is_created(&set->userdbs)) {
+ userdbs = array_get(&set->userdbs, &count);
+ for (i = 0; i < count; i++)
+ auth_userdb_preinit(auth, userdbs[i]);
+ }
+
+ if (auth->userdbs == NULL) {
+ /* use a dummy userdb static. */
+ auth_userdb_preinit(auth, &userdb_dummy_set);
+ }
+ auth_mech_list_verify_passdb(auth);
+ return auth;
+}
+
 static void auth_init(struct auth *auth)
 {
 struct auth_passdb *passdb;
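Review bot: The added `auth_mech_list_verify_passdb(auth);` at the end of auth_preinit() now runs before any `passdb_init()`, which auth_init() still calls later, so the mechanism/passdb compatibility check only sees what each passdb's preinit has populated. The body of auth_mech_list_verify_passdb() starts outside this hunk, so this is inferred: if it reads anything a driver fills in during init rather than preinit, the check would run on incomplete state. It is worth confirming that for every passdb driver and recording the ordering rule above the function, e.g. `/* Every check that can i_fatal() runs here, before auth_init(); passdb preinit must set all fields these checks read. */`. Without such a comment, a later i_fatal() added to auth_init() would quietly bring back the rapid-respawn behaviour the commit message describes.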
@@ -196,8 +197,6 @@ static void auth_init(struct auth *auth)
 passdb_init(passdb->passdb);
 for (userdb = auth->userdbs; userdb != NULL; userdb = userdb->next)
 userdb_init(userdb->userdb);
-
- auth_mech_list_verify_passdb(auth);
 }
 static void auth_deinit(struct auth *auth)
diff --git a/src/auth/passdb-passwd.c b/src/auth/passdb-passwd.c
index fe0276b358..fd46eb7a33 100644
--- a/src/auth/passdb-passwd.c
+++ b/src/auth/passdb-passwd.c
@@ -61,16 +61,21 @@ passwd_verify_plain(struct auth_request *request, const char *password,
 callback(PASSDB_RESULT_OK, request);
 }
-static void passwd_init(struct passdb_module *module)
+static struct passdb_module *
+passwd_preinit(pool_t pool, const char *args)
 {
+ struct passdb_module *module;
+
+ module = p_new(pool, struct passdb_module, 1);
 module->blocking = TRUE;
- if (strcmp(module->args, "blocking=no") == 0)
+ if (strcmp(args, "blocking=no") == 0)
 module->blocking = FALSE;
- else if (*module->args != '\0')
- i_fatal("passdb passwd: Unknown setting: %s", module->args);
+ else if (*args != '\0')
+ i_fatal("passdb passwd: Unknown setting: %s", args);
 module->cache_key = PASSWD_CACHE_KEY;
 module->default_pass_scheme = PASSWD_PASS_SCHEME;
+ return module;
 }
 static void passwd_deinit(struct passdb_module *module ATTR_UNUSED)
@@ -81,8 +86,8 @@ static void passwd_deinit(struct passdb_module *module ATTR_UNUSED)
 struct passdb_module_interface passdb_passwd = {
 "passwd",
+ passwd_preinit,
 NULL,
- passwd_init,
 passwd_deinit,
 passwd_verify_plain,
diff --git a/src/auth/passdb-shadow.c b/src/auth/passdb-shadow.c
index 2aadfa4f67..1c6d49b581 100644
--- a/src/auth/passdb-shadow.c
+++ b/src/auth/passdb-shadow.c
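Review bot: passwd_preinit() accepts only an empty `args` or the exact string `blocking=no`; anything else, including `blocking=yes` or the same option with surrounding whitespace, ends in `i_fatal()`. Failing closed on an unknown setting is reasonable for an auth backend, but the accepted values are not documented, so I would add a comment above the function such as `/* args is "" or exactly "blocking=no"; any other value is a fatal configuration error raised at preinit. */`. `args` is also dereferenced by `strcmp()` and `*args` without a NULL check, which is fine only if the caller (not visible in this hunk) always passes a string. shadow_preinit() in src/auth/passdb-shadow.c has the same parsing and would take the same comment.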
@@ -57,16 +57,21 @@ shadow_verify_plain(struct auth_request *request, const char *password,
 callback(PASSDB_RESULT_OK, request);
 }
-static void shadow_init(struct passdb_module *module)
+static struct passdb_module *
+shadow_preinit(pool_t pool, const char *args)
 {
+ struct passdb_module *module;
+
+ module = p_new(pool, struct passdb_module, 1);
 module->blocking = TRUE;
- if (strcmp(module->args, "blocking=no") == 0)
+ if (strcmp(args, "blocking=no") == 0)
 module->blocking = FALSE;
- else if (*module->args != '\0')
- i_fatal("passdb shadow: Unknown setting: %s", module->args);
+ else if (*args != '\0')
+ i_fatal("passdb shadow: Unknown setting: %s", args);
 module->cache_key = SHADOW_CACHE_KEY;
 module->default_pass_scheme = SHADOW_PASS_SCHEME;
+ return module;
 }
 static void shadow_deinit(struct passdb_module *module ATTR_UNUSED)
@@ -77,8 +82,8 @@ static void shadow_deinit(struct passdb_module *module ATTR_UNUSED)
 struct passdb_module_interface passdb_shadow = {
 "shadow",
+ shadow_preinit,
 NULL,
- shadow_init,
 shadow_deinit,
 shadow_verify_plain,