From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Thu, 8 Jun 2023 07:22:13 +0000 (+0300)
Subject: auth: Fix "nodelay" field to work again
X-Git-Tag: 2.4.0~2547
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=12af5393276e98cee4199630618b18c6b37c51cd;p=thirdparty%2Fdovecot%2Fcore.git

auth: Fix "nodelay" field to work again

Broken by 31633d676642b83305b8d46da495d9bb4e2d1ff8
---

diff --git a/src/auth/auth-request-handler.c b/src/auth/auth-request-handler.c
index a885a78612..4f190cc35a 100644
--- a/src/auth/auth-request-handler.c
+++ b/src/auth/auth-request-handler.c
@@ -231,7 +231,9 @@ auth_request_handle_failure(struct auth_request *request, const char *reply)
 	if (request->set->policy_report_after_auth)
 		auth_policy_report(request);
 
-	if (auth_fields_exists(request->fields.extra_fields, "nodelay")) {
+	e_debug(request->event, "handling failure, nodelay=%d",
+		(int) request->failure_nodelay);
+	if (request->failure_nodelay) {
 		/* passdb specifically requested not to delay the reply. */
 		handler->callback(reply, handler->conn);
 		auth_request_unref(&request);
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index 87b704907a..a40158cfc5 100644
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -1772,6 +1772,11 @@ void auth_request_set_field(struct auth_request *request,
 					       &request->fields.remote_ip);
 	} else if (strcmp(name, "fail") == 0) {
 		request->failed = TRUE;
+	} else if (strcmp(name, "nodelay") == 0) {
+		/* don't delay replying to client of the failure */
+		request->failure_nodelay = TRUE;
+	 	auth_fields_add(request->fields.extra_fields, name, value, 0);
+	 	return;
 	} else if (strcmp(name, "delay_until") == 0) {
 		time_t timestamp;
 		unsigned int extra_secs = 0;
diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h
index 6322724066..a394112893 100644
--- a/src/auth/auth-request.h
+++ b/src/auth/auth-request.h
@@ -213,6 +213,10 @@ struct auth_request {
 	bool stats_sent:1;
 	bool policy_refusal:1;
 	bool policy_processed:1;
+	/* "nodelay" passdb extra field: Disable delay if auth fails. This
+	   needs to be tracked outside regular extra fields, because they get
+	   rolled back on passdb failure. */
+	bool failure_nodelay:1;
 
 	bool event_finished_sent:1;
 
diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c
index 9f45afae94..d6150a1cd1 100644
--- a/src/auth/test-mech.c
+++ b/src/auth/test-mech.c
@@ -147,7 +147,7 @@ static void test_mech_prepare_request(struct auth_request **request_r,
 	request->userdb = auth->userdbs;
 	handler->refcount = 1;
 
-	auth_fields_add(request->fields.extra_fields, "nodelay", "", 0);
+	request->failure_nodelay = TRUE;
 	auth_request_ref(request);
 	auth_request_state_count[AUTH_REQUEST_STATE_NEW] = 1;