const char *const *fields;
const char *service = NULL;
unsigned int count, i;
+ const char *error;
- auth_user_fields_parse(extra_fields, pool_datastack_create(), &reply);
+ if (auth_user_fields_parse(extra_fields, pool_datastack_create(),
+ &reply, &error) < 0) {
+ e_error(request->conn->event,
+ "Invalid settings in userdb: %s", error);
+ if (write(request->fd, msg, strlen(msg)) < 0) {
+ /* ignored */
+ }
+ net_disconnect(request->fd);
+ return;
+ }
/* check peer credentials if possible */
if (reply.uid != (uid_t)-1 && net_getunixcred(request->fd, &cred) == 0 &&
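Review bot: The new early return in the `auth_user_fields_parse()` failure branch has no comment saying why it must abort rather than log and continue, and the reason is security-relevant. The context line right after it skips the `net_getunixcred()` comparison whenever `reply.uid` is `(uid_t)-1`, so a uid that failed to parse would presumably leave the peer-credential check bypassed (the initial value of `reply.uid` is not visible here). I would add `/* fail closed: without a valid uid the peer credential check below would be skipped */` above the `e_error()` call. `msg` and the rest of the function are defined outside the hunk, so whether this path needs more cleanup than `net_disconnect()` cannot be judged from here.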
return ctx.return_value;
}
-void auth_user_fields_parse(const char *const *fields, pool_t pool,
- struct auth_user_reply *reply_r)
+int auth_user_fields_parse(const char *const *fields, pool_t pool,
+ struct auth_user_reply *reply_r, const char **error_r)
{
const char *value;
for (; *fields != NULL; fields++) {
if (str_begins(*fields, "uid=", &value)) {
- if (str_to_uid(value, &reply_r->uid) < 0)
- i_error("Invalid uid in reply");
+ if (str_to_uid(value, &reply_r->uid) < 0) {
+ *error_r = "Invalid uid in reply";
+ return -1;
+ }
} else if (str_begins(*fields, "gid=", &value)) {
- if (str_to_gid(value, &reply_r->gid) < 0)
- i_error("Invalid gid in reply");
+ if (str_to_gid(value, &reply_r->gid) < 0) {
+ *error_r = "Invalid gid in reply";
+ return -1;
+ }
} else if (str_begins(*fields, "home=", &value))
reply_r->home = p_strdup(pool, value);
else if (str_begins(*fields, "chroot=", &value))
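Review bot: The two new error strings in the `uid=` and `gid=` branches drop the value that failed to parse, so every caller can only log "Invalid uid in reply" without showing what the userdb actually returned. Since `pool` is already a parameter, the message can carry the value with a lifetime tied to the caller's pool: `*error_r = p_strdup_printf(pool, "Invalid uid in reply: %s", value);` and the same for gid. Note also that the function now returns at the first bad field, so `reply_r` may hold fields parsed earlier in the list. The visible callers discard the reply on failure, but that contract is not written down anywhere in this hunk. The loop body continues past the end of the hunk.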
array_push_back(&reply_r->extra_fields, &field);
}
}
+ return 0;
}
int auth_master_pass_lookup(struct auth_master_connection *conn,
const char *const *users, unsigned int *count_r);
/* Parse userdb extra fields into auth_user_reply structure. */
-void auth_user_fields_parse(const char *const *fields, pool_t pool,
- struct auth_user_reply *reply_r);
+int auth_user_fields_parse(const char *const *fields, pool_t pool,
+ struct auth_user_reply *reply_r, const char **error_r);
/* Iterate through all users. If user_mask is non-NULL, it contains a string
with wildcards ('*', '?') that the auth server MAY use to limit what users
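Review bot: The prototype comment for `auth_user_fields_parse()` still describes only the old void behaviour and says nothing about the new return value or `error_r`. Callers now make a security decision on that result, so the contract belongs in the header: `/* Parse userdb extra fields into auth_user_reply structure. Returns 0 on success, -1 if a uid= or gid= value is invalid, with *error_r set. On failure reply_r may be partially filled and must not be used. */`. Going by the implementation hunk, `*error_r` is assigned only on the failure paths, which is worth stating too so nobody reads it after a 0 return.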
}
if (userdb_fields != NULL) {
- auth_user_fields_parse(userdb_fields, temp_pool, &reply);
- array_sort(&reply.extra_fields, extra_field_key_cmp_p);
- if (user_reply_handle(ctx, user, &reply, &error) < 0) {
+ int ret2 = auth_user_fields_parse(userdb_fields, temp_pool,
+ &reply, &error);
+ if (ret2 == 0) {
+ array_sort(&reply.extra_fields, extra_field_key_cmp_p);
+ ret2 = user_reply_handle(ctx, user, &reply, &error);
+ }
+
+ if (ret2 < 0) {
*error_r = t_strdup_printf(
"Invalid settings in userdb: %s", error);
ret = -2;
user->username, &info, userdb_pool,
&username, &fields);
if (ret > 0) {
- auth_user_fields_parse(fields, userdb_pool, &reply);
- user->_home = p_strdup(user->pool, reply.home);
+ const char *error;
+ if (auth_user_fields_parse(fields, userdb_pool,
+ &reply, &error) < 0) {
+ e_error(user->event,
+ "Failed to parse credentials due to %s", error);
+ ret = -1;
+ } else
+ user->_home = p_strdup(user->pool, reply.home);
}
pool_unref(&userdb_pool);
return ret;
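Review bot: The log text `"Failed to parse credentials due to %s"` in the new failure branch is misleading, because what failed to parse is a userdb uid/gid field, not a credential. An operator searching the logs for the same misconfiguration will find it under `"Invalid settings in userdb: %s"` from the other two callers changed in this commit. I would use the same wording here: `e_error(user->event, "Invalid settings in userdb: %s", error);`. As a style point, the braced `if` paired with an unbraced `else` on the `user->_home` assignment would read more safely with braces on both arms. The enclosing function starts outside the hunk.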