auth: auth-request-handler - Move mechanism validation to separate function
authorStephan Bosch <stephan.bosch@open-xchange.com>
Sat, 18 Mar 2023 15:08:41 +0000 (16:08 +0100)
committertimo.sirainen <timo.sirainen@open-xchange.com>
Thu, 9 Oct 2025 08:41:22 +0000 (08:41 +0000)
src/auth/auth-request-handler.c

index 1d9e3388000440cf1cf7af80a26f632e72882321..e415acdc97b1f7e838eae8ebbd584a43c6b42ca9 100644 (file)
@@ -567,51 +567,65 @@ auth_penalty_callback(unsigned int penalty, struct auth_request *request)
        }
 }
 
-int auth_request_handler_auth_begin(struct auth_request_handler *handler,
-                                   const char *const *args)
+static int
+auth_request_handler_find_mech(struct auth_request_handler *handler,
+                              const char *mech_name,
+                              const struct sasl_server_mech_def **mech_r)
 {
        const struct sasl_server_mech_def *mech;
-       struct auth_request *request;
-       const char *name, *arg, *initial_resp;
-       void *initial_resp_data;
-       unsigned int id;
-       buffer_t *buf;
-
-       i_assert(!handler->destroyed);
-
-       /* <id> <mechanism> [...] */
-       if (args[0] == NULL || args[1] == NULL ||
-           str_to_uint(args[0], &id) < 0 || id == 0) {
-               e_error(handler->conn->conn.event,
-                       "BUG: Authentication client %u "
-                       "sent broken AUTH request", handler->client_pid);
-               return -1;
-       }
 
        if (handler->token_auth) {
                mech = &mech_dovecot_token;
-               if (strcmp(args[1], mech->mech_name) != 0) {
+               if (strcmp(mech_name, mech->mech_name) != 0) {
                        /* unsupported mechanism */
                        e_error(handler->conn->conn.event,
                                "BUG: Authentication client %u requested invalid "
                                "authentication mechanism %s (DOVECOT-TOKEN required)",
                                handler->client_pid,
-                               str_sanitize(args[1], AUTH_SASL_MAX_MECH_NAME_LEN));
+                               str_sanitize(mech_name, AUTH_SASL_MAX_MECH_NAME_LEN));
                        return -1;
                }
        } else {
                struct auth *auth_default = auth_default_protocol();
-               mech = mech_register_find(auth_default->reg, args[1]);
+               mech = mech_register_find(auth_default->reg, mech_name);
                if (mech == NULL) {
                        /* unsupported mechanism */
                        e_error(handler->conn->conn.event,
                                "BUG: Authentication client %u requested unsupported "
                                "authentication mechanism %s", handler->client_pid,
-                               str_sanitize(args[1], AUTH_SASL_MAX_MECH_NAME_LEN));
+                               str_sanitize(mech_name, AUTH_SASL_MAX_MECH_NAME_LEN));
                        return -1;
                }
        }
 
+       *mech_r = mech;
+       return 0;
+}
+
+int auth_request_handler_auth_begin(struct auth_request_handler *handler,
+                                   const char *const *args)
+{
+       const struct sasl_server_mech_def *mech;
+       struct auth_request *request;
+       const char *name, *arg, *initial_resp;
+       void *initial_resp_data;
+       unsigned int id;
+       buffer_t *buf;
+
+       i_assert(!handler->destroyed);
+
+       /* <id> <mechanism> [...] */
+       if (args[0] == NULL || args[1] == NULL ||
+           str_to_uint(args[0], &id) < 0 || id == 0) {
+               e_error(handler->conn->conn.event,
+                       "BUG: Authentication client %u "
+                       "sent broken AUTH request", handler->client_pid);
+               return -1;
+       }
+
+       if (auth_request_handler_find_mech(handler, args[1], &mech) < 0)
+               return -1;
+
        request = auth_request_new(mech, handler->conn->conn.event);
        request->handler = handler;
        request->connect_uid = handler->connect_uid;
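Review bot: The new static helper `auth_request_handler_find_mech()` has no header comment stating its contract, and `*mech_r` is left unassigned on both `return -1` paths. The one caller visible here returns immediately on failure, so the uninitialised `mech` in `auth_request_handler_auth_begin()` is never read, but a later caller has nothing telling it that. I would add above the helper: `/* Resolve the client-requested mechanism name. Returns 0 and sets *mech_r on success; on failure logs the error itself, returns -1 and leaves *mech_r untouched. */`. It is also worth a line noting that `mech_name` comes straight from the client's AUTH arguments and must only reach the log through `str_sanitize()`, as both error paths do now. `auth_request_handler_auth_begin()` continues past the end of this hunk.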