Wraps auth_request_set_username() in normal, anonymous and external contexts.
auth_request);
const unsigned char *tmp, *end, *username = NULL;
unsigned long pid, connect_uid, timestamp;
- const char *error;
/* pop3-login handles sending the challenge and getting the response.
Our input here is: <challenge> \0 <username> \0 <response> */
return;
}
- if (!auth_request_set_username(auth_request, (const char *)username,
- &error)) {
- e_info(auth_request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(auth_request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ (const char *)username)) {
sasl_server_request_failure(auth_request);
return;
}
mech_dovecot_token_auth_continue(struct auth_request *request,
const unsigned char *data, size_t data_size)
{
- const char *session_id, *username, *pid, *service, *error;
+ const char *session_id, *username, *pid, *service;
char *auth_token;
size_t i, len;
int count;
/* invalid input */
e_info(request->mech_event, "invalid input");
sasl_server_request_failure(request);
- } else if (!auth_request_set_username(request, username, &error)) {
+ } else if (!sasl_server_request_set_authid(
+ request, SASL_SERVER_AUTHID_TYPE_USERNAME, username)) {
/* invalid username */
- e_info(request->mech_event, "%s", error);
sasl_server_request_failure(request);
} else {
const char *valid_token =
{
i_assert(*request->set->anonymous_username != '\0');
- /* temporarily set the user to the one that was given, so that the log
- message goes right */
- auth_request_set_username_forced(request, t_strndup(data, data_size));
- e_info(request->mech_event, "login");
- auth_request_set_username_forced(request,
- request->set->anonymous_username);
+ if (!sasl_server_request_set_authid(request,
+ SASL_SERVER_AUTHID_TYPE_ANONYMOUS,
+ t_strndup(data, data_size))) {
+ sasl_server_request_failure(request);
+ return;
+ }
request->passdb_success = TRUE;
sasl_server_request_success(request, "", 0);
struct cram_auth_request *request =
container_of(auth_request, struct cram_auth_request,
auth_request);
- const char *error;
if (!parse_cram_response(request, data, data_size)) {
sasl_server_request_failure(auth_request);
return;
}
- if (!auth_request_set_username(auth_request, request->username,
- &error)) {
- e_info(auth_request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(auth_request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ request->username)) {
sasl_server_request_failure(auth_request);
return;
}
} else {
username = request->username;
}
- if (!auth_request_set_username(auth_request, username, &error)) {
- e_info(auth_request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(auth_request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ username)) {
sasl_server_request_failure(auth_request);
return;
}
if (request->authzid != NULL &&
- !auth_request_set_login_username(auth_request, request->authzid,
- &error)) {
+ !auth_request_set_login_username(auth_request, request->authzid,
+ &error)) {
e_info(auth_request->mech_event, "login user: %s", error);
sasl_server_request_failure(auth_request);
return;
const char *authzid, *error;
authzid = t_strndup(data, data_size);
- if (request->fields.user == NULL) {
- e_info(request->mech_event,
- "username not known");
- sasl_server_request_failure(request);
- return;
- }
- /* this call is done simply to put the username through translation
- settings */
- if (!auth_request_set_username(request, "", &error)) {
- e_info(request->mech_event,
- "Invalid username");
+ if (!sasl_server_request_set_authid(request,
+ SASL_SERVER_AUTHID_TYPE_EXTERNAL,
+ "")) {
sasl_server_request_failure(request);
return;
}
-
if (*authzid != '\0' &&
!auth_request_set_login_username(request, authzid, &error)) {
- /* invalid login username */
e_info(request->mech_event,
"login user: %s", error);
sasl_server_request_failure(request);
- } else {
- sasl_server_request_verify_plain(
- request, "", sasl_server_mech_plain_verify_callback);
+ return;
}
+ sasl_server_request_verify_plain(
+ request, "", sasl_server_mech_plain_verify_callback);
}
static struct auth_request *mech_external_auth_new(void)
gss_buffer_desc output_token;
gss_OID name_type;
gss_OID mech_type;
- const char *username, *error;
+ const char *username;
int ret = 0;
major_status = gss_accept_sec_context (
} else if (get_display_name(request, request->authn_name,
&name_type, &username) < 0)
ret = -1;
- else if (!auth_request_set_username(auth_request, username,
- &error)) {
- e_info(auth_request->mech_event,
- "authn_name: %s", error);
+ else if (!sasl_server_request_set_authid(
+ auth_request, SASL_SERVER_AUTHID_TYPE_USERNAME,
+ username)) {
ret = -1;
} else {
request->sasl_gssapi_state = GSS_STATE_WRAP;
will be the authorization name, not the authentication name, which
may mean that future log messages should be adjusted to log the right
thing. */
- if (!auth_request_set_username(auth_request, login_user, &error)) {
+ if (!sasl_server_request_set_authid(auth_request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ login_user)) {
e_info(auth_request->mech_event,
"authz_name: %s", error);
(void)gss_release_buffer(&minor_status, &outbuf);
const unsigned char *data, size_t data_size)
{
static const char prompt2[] = "Password:";
- const char *username, *error;
+ const char *username;
if (request->fields.user == NULL) {
username = t_strndup(data, data_size);
- if (!auth_request_set_username(request, username, &error)) {
- e_info(request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(
+ request, SASL_SERVER_AUTHID_TYPE_USERNAME,
+ username)) {
sasl_server_request_failure(request);
return;
}
oauth2_fail_invalid_request(oauth2_req);
return;
}
- if (!auth_request_set_username(request, gs2_header.authzid, &error)) {
- e_info(request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ gs2_header.authzid)) {
oauth2_fail_invalid_request(oauth2_req);
return;
}
/* split the data from ^A */
bool user_given = FALSE;
const char *value;
- const char *error;
const char *token = NULL;
const char *const *ptr;
const char *username;
}
if (user_given &&
- !auth_request_set_username(request, username, &error)) {
- e_info(request->mech_event, "%s", error);
+ !sasl_server_request_set_authid(request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ username)) {
oauth2_fail_invalid_request(oauth2_req);
return;
}
const unsigned char *data, size_t data_size)
{
struct auth_request *auth_request = &request->auth_request;
- const char *authenid, *error;
+ const char *authenid;
size_t i, count;
/* authorization ID \0 authentication ID
return;
}
- if (!auth_request_set_username(auth_request, authenid, &error)) {
- e_info(auth_request->mech_event, "%s", error);
+ if (!sasl_server_request_set_authid(
+ auth_request, SASL_SERVER_AUTHID_TYPE_USERNAME,
+ authenid)) {
sasl_server_request_failure(auth_request);
return;
}
/* invalid input */
e_info(request->mech_event, "invalid input");
sasl_server_request_failure(request);
- } else if (!auth_request_set_username(request, authenid, &error)) {
+ } else if (!sasl_server_request_set_authid(
+ request, SASL_SERVER_AUTHID_TYPE_USERNAME, authenid)) {
/* invalid username */
- e_info(request->mech_event, "%s", error);
sasl_server_request_failure(request);
} else if (*authid != '\0' &&
!auth_request_set_login_username(request, authid, &error)) {
struct scram_auth_request *request =
container_of(asserver, struct scram_auth_request, scram_server);
struct auth_request *auth_request = &request->auth_request;
- const char *error;
- if (!auth_request_set_username(auth_request, username, &error)) {
- e_info(auth_request->mech_event, "%s", error);
- return FALSE;
- }
- return TRUE;
+ return sasl_server_request_set_authid(auth_request,
+ SASL_SERVER_AUTHID_TYPE_USERNAME,
+ username);
}
static bool
const char *error;
if (!auth_request_set_login_username(auth_request, username, &error)) {
- e_info(auth_request->mech_event, "login user: %s", error);
+ e_info(auth_request->event, "%s", error);
return FALSE;
}
return TRUE;
"user not authenticated: %s", error);
return HR_FAIL;
} else if (strcmp(token[0], "AF") == 0) {
- const char *user, *p, *error;
+ const char *user, *p;
user = t_strarray_join(gss_spnego ? token+2 : token+1, " ");
i_assert(user != NULL);
t_strdup_until(user, p), NULL);
}
- if (!auth_request_set_username(auth_request, user, &error)) {
- e_info(auth_request->mech_event,
- "%s", error);
+ if (!sasl_server_request_set_authid(
+ auth_request, SASL_SERVER_AUTHID_TYPE_USERNAME,
+ user))
return HR_FAIL;
- }
request->auth_request.passdb_success = TRUE;
if (gss_spnego && strcmp(token[1], "*") != 0) {
* Request
*/
+bool sasl_server_request_set_authid(struct auth_request *request,
+ enum sasl_server_authid_type authid_type,
+ const char *authid);
+
void sasl_server_request_output(struct auth_request *request,
const void *data, size_t data_size);
void sasl_server_request_success(struct auth_request *request,
* Mechanism API
*/
+bool sasl_server_request_set_authid(struct auth_request *request,
+ enum sasl_server_authid_type authid_type,
+ const char *authid)
+{
+ return auth_sasl_request_set_authid(request, authid_type, authid);
+}
+
void sasl_server_request_output(struct auth_request *request,
const void *data, size_t data_size)
{
projects / thirdparty / dovecot / core.git / commitdiff
