From: Timo Sirainen Date: Sat, 24 Feb 2024 12:11:10 +0000 (+0200) Subject: auth: passwd-file - Add support for fields { .. } X-Git-Tag: 2.4.1~1026 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=046355e9f70b7a26788134695ed6f4dda07a41c4;p=thirdparty%2Fdovecot%2Fcore.git auth: passwd-file - Add support for fields { .. } --- diff --git a/src/auth/passdb-passwd-file.c b/src/auth/passdb-passwd-file.c index ec003aef2c..17e69c5ddf 100644 --- a/src/auth/passdb-passwd-file.c +++ b/src/auth/passdb-passwd-file.c @@ -25,9 +25,12 @@ passwd_file_add_extra_fields(struct auth_request *request, const struct var_expand_table *table; const char *key, *value, *error; unsigned int i; + int ret = 0; table = auth_request_get_var_expand_table(request, NULL); + pool_t pool = pool_alloconly_create("passwd-file fields", 256); + struct auth_fields *pwd_fields = auth_fields_init(pool); for (i = 0; fields[i] != NULL; i++) { value = strchr(fields[i], '='); if (value != NULL) { @@ -38,16 +41,24 @@ passwd_file_add_extra_fields(struct auth_request *request, e_error(authdb_event(request), "Failed to expand extra field %s: %s", fields[i], error); - return -1; + ret = -1; + break; } value = str_c(str); } else { key = fields[i]; value = ""; } - auth_request_set_field(request, key, value, NULL); + if (request->passdb->set->fields_import_all) + auth_request_set_field(request, key, value, NULL); + if (!str_begins_with(fields[i], "userdb_")) + auth_fields_add(pwd_fields, key, value, 0); } - return 0; + + if (ret == 0 && auth_request_set_passdb_fields(request, pwd_fields) < 0) + ret = -1; + pool_unref(&pool); + return ret; } static int passwd_file_save_results(struct auth_request *request, @@ -64,10 +75,10 @@ static int passwd_file_save_results(struct auth_request *request, auth_request_set_field(request, "password", *crypted_pass_r, *scheme_r); - if (pu->extra_fields != NULL) { - if (passwd_file_add_extra_fields(request, pu->extra_fields) < 0) - return -1; - } + const char *const *extra_fields = pu->extra_fields != NULL ? + pu->extra_fields : empty_str_array; + if (passwd_file_add_extra_fields(request, extra_fields) < 0) + return -1; return 0; } @@ -168,6 +179,7 @@ static void passwd_file_deinit(struct passdb_module *_module) struct passdb_module_interface passdb_passwd_file = { .name = "passwd-file", + .fields_supported = TRUE, .preinit = passwd_file_preinit, .init = passwd_file_init, diff --git a/src/auth/userdb-passwd-file.c b/src/auth/userdb-passwd-file.c index 0c4a5bbc19..95ff9c79fd 100644 --- a/src/auth/userdb-passwd-file.c +++ b/src/auth/userdb-passwd-file.c @@ -29,12 +29,14 @@ struct passwd_file_userdb_module { static int passwd_file_add_extra_fields(struct auth_request *request, - const char *const *fields) + const char *const *fields, + struct auth_fields *pwd_fields) { string_t *str = t_str_new(512); const struct var_expand_table *table; const char *key, *value, *error; unsigned int i; + int ret = 0; table = auth_request_get_var_expand_table(request, NULL); @@ -51,15 +53,20 @@ passwd_file_add_extra_fields(struct auth_request *request, e_error(authdb_event(request), "Failed to expand extra field %s: %s", fields[i], error); - return -1; + ret = -1; + break; } value = str_c(str); } else { value = ""; } - auth_request_set_userdb_field(request, key, value); + if (request->userdb->set->fields_import_all) + auth_request_set_userdb_field(request, key, value); + auth_fields_add(pwd_fields, key, value, 0); } - return 0; + if (ret == 0 && auth_request_set_userdb_fields(request, pwd_fields) < 0) + ret = -1; + return ret; } static void passwd_file_lookup(struct auth_request *auth_request, @@ -79,25 +86,45 @@ static void passwd_file_lookup(struct auth_request *auth_request, return; } + pool_t pool = pool_alloconly_create("passwd-file fields", 256); + struct auth_fields *pwd_fields = auth_fields_init(pool); + if (pu->uid != (uid_t)-1) { - auth_request_set_userdb_field(auth_request, "uid", - dec2str(pu->uid)); + const char *value = dec2str(pu->uid); + if (auth_request->userdb->set->fields_import_all) { + auth_request_set_userdb_field(auth_request, "uid", + value); + } + auth_fields_add(pwd_fields, "uid", value, 0); } if (pu->gid != (gid_t)-1) { - auth_request_set_userdb_field(auth_request, "gid", - dec2str(pu->gid)); + const char *value = dec2str(pu->gid); + if (auth_request->userdb->set->fields_import_all) { + auth_request_set_userdb_field(auth_request, "gid", + value); + } + auth_fields_add(pwd_fields, "gid", value, 0); } - if (pu->home != NULL) - auth_request_set_userdb_field(auth_request, "home", pu->home); + if (pu->home != NULL) { + if (auth_request->userdb->set->fields_import_all) { + auth_request_set_userdb_field(auth_request, + "home", pu->home); + } + auth_fields_add(pwd_fields, "home", pu->home, 0); + } - if (pu->extra_fields != NULL && - passwd_file_add_extra_fields(auth_request, pu->extra_fields) < 0) { + const char *const *extra_fields = pu->extra_fields != NULL ? + pu->extra_fields : empty_str_array; + if (passwd_file_add_extra_fields(auth_request, extra_fields, + pwd_fields) < 0) { callback(USERDB_RESULT_INTERNAL_FAILURE, auth_request); + pool_unref(&pool); return; } callback(USERDB_RESULT_OK, auth_request); + pool_unref(&pool); } static struct userdb_iterate_context * @@ -220,6 +247,7 @@ static void passwd_file_deinit(struct userdb_module *_module) struct userdb_module_interface userdb_passwd_file = { .name = "passwd-file", + .fields_supported = TRUE, .preinit = passwd_file_preinit, .init = passwd_file_init,