From: Timo Sirainen Date: Fri, 9 Aug 2024 20:18:50 +0000 (+0300) Subject: auth: Remove passdb/userdb_default/override_fields X-Git-Tag: 2.4.1~739 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2bdc6c21296b55ddef31124469b2ae75d5dc111e;p=thirdparty%2Fdovecot%2Fcore.git auth: Remove passdb/userdb_default/override_fields All passdbs and userdbs now support the passdb/userdb_fields, which replaces these. --- diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c index 3db841d3a3..c221eb8b1e 100644 --- a/src/auth/auth-request.c +++ b/src/auth/auth-request.c @@ -907,91 +907,6 @@ int auth_request_set_userdb_fields_ex(struct auth_request *request, void *contex return 0; } -static int auth_request_set_default_fields(struct auth_request *request) -{ - struct event *event = authdb_event(request); - const struct auth_passdb_pre_settings *pre_set; - const char *error; - - if (settings_get(event, &auth_passdb_pre_setting_parser_info, 0, - &pre_set, &error) < 0) { - e_error(event, "%s", error); - return -1; - } - auth_request_set_strlist(request, &pre_set->default_fields, - STATIC_PASS_SCHEME); - settings_free(pre_set); - return 0; -} - -static int auth_request_set_override_fields(struct auth_request *request) -{ - struct event *event = authdb_event(request); - const struct auth_passdb_post_settings *post_set; - const char *error; - - if (request->passdb->passdb->iface.fields_supported) { - /* passdb_fields was already processed. It may be referring to - %{driver:*} fields that are not available currently, so just - skip processing the passdb_override_fields. This setting - will go away anyway once all passdbs are converted to use - fields. */ - return 0; - } - - if (settings_get(event, &auth_passdb_post_setting_parser_info, 0, - &post_set, &error) < 0) { - e_error(event, "%s", error); - return -1; - } - auth_request_set_strlist(request, &post_set->override_fields, - STATIC_PASS_SCHEME); - settings_free(post_set); - return 0; -} - -int auth_request_set_userdb_default_fields(struct auth_request *request) -{ - struct event *event = authdb_event(request); - const struct auth_userdb_pre_settings *pre_set; - const char *error; - - if (settings_get(event, &auth_userdb_pre_setting_parser_info, 0, - &pre_set, &error) < 0) { - e_error(event, "%s", error); - return -1; - } - auth_request_set_userdb_strlist(request, &pre_set->default_fields); - settings_free(pre_set); - return 0; -} - -static int auth_request_set_userdb_override_fields(struct auth_request *request) -{ - struct event *event = authdb_event(request); - const struct auth_userdb_post_settings *post_set; - const char *error; - - if (request->userdb->userdb->iface->fields_supported) { - /* userdb_fields was already processed. It may be referring to - %{driver:*} fields that are not available currently, so just - skip processing the userdb_override_fields. This setting - will go away anyway once all userdbs are converted to use - fields. */ - return 0; - } - - - if (settings_get(event, &auth_userdb_post_setting_parser_info, 0, - &post_set, &error) < 0) { - e_error(event, "%s", error); - return -1; - } - auth_request_set_userdb_strlist(request, &post_set->override_fields); - settings_free(post_set); - return 0; -} - static int auth_request_finish_passdb_lookup(enum passdb_result *result, struct auth_request *request, @@ -1197,9 +1112,6 @@ auth_request_verify_plain_callback_finish(enum passdb_result result, { int ret; - if (auth_request_set_override_fields(request) < 0) - result = PASSDB_RESULT_INTERNAL_FAILURE; - if ((ret = auth_request_handle_passdb_callback(&result, request)) == 0) { /* try next passdb */ auth_request_verify_plain(request, request->mech_password, @@ -1414,9 +1326,6 @@ void auth_request_default_verify_plain_continue( PASSDB_RESULT_INTERNAL_FAILURE, request); } else if (passdb->passdb->blocking) { passdb_blocking_verify_plain(request); - } else if (auth_request_set_default_fields(request) < 0) { - auth_request_verify_plain_callback( - PASSDB_RESULT_INTERNAL_FAILURE, request); } else { passdb->passdb->iface.verify_plain( request, password, auth_request_verify_plain_callback); @@ -1431,9 +1340,6 @@ auth_request_lookup_credentials_finish(enum passdb_result result, { int ret; - if (auth_request_set_override_fields(request) < 0) - result = PASSDB_RESULT_INTERNAL_FAILURE; - if ((ret = auth_request_handle_passdb_callback(&result, request)) == 0) { /* try next passdb */ if (request->fields.skip_password_check && @@ -1603,10 +1509,6 @@ auth_request_lookup_credentials_policy_continue( uchar_empty_ptr, 0, request); } else if (passdb->passdb->blocking) { passdb_blocking_lookup_credentials(request); - } else if (auth_request_set_default_fields(request) < 0) { - auth_request_lookup_credentials_callback( - PASSDB_RESULT_INTERNAL_FAILURE, - uchar_empty_ptr, 0, request); } else { passdb->passdb->iface.lookup_credentials(request, auth_request_lookup_credentials_callback); @@ -1706,9 +1608,7 @@ auth_request_lookup_user_cache(struct auth_request *request, const char *key, } /* We want to preserve any userdb fields set by the earlier passdb - lookup, so initialize userdb_reply only if it doesn't exist. - Don't add userdb's default_fields, because the entire userdb part of - the result comes from the cache. */ + lookup, so initialize userdb_reply only if it doesn't exist. */ if (request->fields.userdb_reply == NULL) auth_request_init_userdb_reply(request); auth_request_userdb_import(request, value); @@ -1741,10 +1641,7 @@ void auth_request_userdb_callback(enum userdb_result result, if (result == USERDB_RESULT_OK) { /* this userdb lookup succeeded, preserve its extra fields */ - if (auth_request_set_userdb_override_fields(request) < 0) - result = USERDB_RESULT_INTERNAL_FAILURE; - else - auth_fields_snapshot(request->fields.userdb_reply); + auth_fields_snapshot(request->fields.userdb_reply); } else { /* this userdb lookup failed, remove any extra fields it set */ @@ -1873,15 +1770,6 @@ void auth_request_lookup_user(struct auth_request *request, auth_request_userdb_lookup_begin(request); - /* we still want to set default_fields. these override any - existing fields set by previous userdbs (because if that is - unwanted, ":protected" can be used). */ - if (auth_request_set_userdb_default_fields(request) < 0) { - auth_request_userdb_callback( - USERDB_RESULT_INTERNAL_FAILURE, request); - return; - } - /* (for now) auth_cache is shared between passdb and userdb */ cache_key = passdb_cache == NULL ? NULL : userdb->cache_key; if (cache_key != NULL) { diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h index f829920981..5c8326eb69 100644 --- a/src/auth/auth-request.h +++ b/src/auth/auth-request.h @@ -423,8 +423,6 @@ void auth_request_userdb_lookup_begin(struct auth_request *request); void auth_request_userdb_lookup_end(struct auth_request *request, enum userdb_result result); -int auth_request_set_userdb_default_fields(struct auth_request *request); - /* Fetches the current authdb event, this is done because some lookups can recurse into new lookups, requiring new event, which will be returned here. */ diff --git a/src/auth/auth-settings.c b/src/auth/auth-settings.c index 228fb0c388..e00fdb716f 100644 --- a/src/auth/auth-settings.c +++ b/src/auth/auth-settings.c @@ -159,39 +159,15 @@ const struct setting_parser_info auth_passdb_setting_parser_info = { .check_func = auth_passdb_settings_check }; -static const struct setting_define auth_passdb_pre_setting_defines[] = { - { .type = SET_STRLIST, .key = "passdb_default_fields", - .offset = offsetof(struct auth_passdb_pre_settings, default_fields) }, - - SETTING_DEFINE_LIST_END -}; - -static const struct auth_passdb_pre_settings auth_passdb_pre_default_settings = { - .default_fields = ARRAY_INIT, -}; - -const struct setting_parser_info auth_passdb_pre_setting_parser_info = { - .name = "auth_passdb_pre", - - .defines = auth_passdb_pre_setting_defines, - .defaults = &auth_passdb_pre_default_settings, - - .struct_size = sizeof(struct auth_passdb_pre_settings), - .pool_offset1 = 1 + offsetof(struct auth_passdb_pre_settings, pool), -}; - static const struct setting_define auth_passdb_post_setting_defines[] = { { .type = SET_STRLIST, .key = "passdb_fields", .offset = offsetof(struct auth_passdb_post_settings, fields) }, - { .type = SET_STRLIST, .key = "passdb_override_fields", - .offset = offsetof(struct auth_passdb_post_settings, override_fields) }, SETTING_DEFINE_LIST_END }; static const struct auth_passdb_post_settings auth_passdb_post_default_settings = { .fields = ARRAY_INIT, - .override_fields = ARRAY_INIT, }; const struct setting_parser_info auth_passdb_post_setting_parser_info = { @@ -253,39 +229,15 @@ const struct setting_parser_info auth_userdb_setting_parser_info = { .check_func = auth_userdb_settings_check, }; -static const struct setting_define auth_userdb_pre_setting_defines[] = { - { .type = SET_STRLIST, .key = "userdb_default_fields", - .offset = offsetof(struct auth_userdb_pre_settings, default_fields) }, - - SETTING_DEFINE_LIST_END -}; - -static const struct auth_userdb_pre_settings auth_userdb_pre_default_settings = { - .default_fields = ARRAY_INIT, -}; - -const struct setting_parser_info auth_userdb_pre_setting_parser_info = { - .name = "auth_userdb_pre", - - .defines = auth_userdb_pre_setting_defines, - .defaults = &auth_userdb_pre_default_settings, - - .struct_size = sizeof(struct auth_userdb_pre_settings), - .pool_offset1 = 1 + offsetof(struct auth_userdb_pre_settings, pool), -}; - static const struct setting_define auth_userdb_post_setting_defines[] = { { .type = SET_STRLIST, .key = "userdb_fields", .offset = offsetof(struct auth_userdb_post_settings, fields) }, - { .type = SET_STRLIST, .key = "userdb_override_fields", - .offset = offsetof(struct auth_userdb_post_settings, override_fields) }, SETTING_DEFINE_LIST_END }; static const struct auth_userdb_post_settings auth_userdb_post_default_settings = { .fields = ARRAY_INIT, - .override_fields = ARRAY_INIT, }; const struct setting_parser_info auth_userdb_post_setting_parser_info = { diff --git a/src/auth/auth-settings.h b/src/auth/auth-settings.h index ab7898e4de..02ed9fd403 100644 --- a/src/auth/auth-settings.h +++ b/src/auth/auth-settings.h @@ -4,15 +4,9 @@ struct master_service; struct master_service_settings_output; -struct auth_passdb_pre_settings { - pool_t pool; - ARRAY_TYPE(const_string) default_fields; -}; - struct auth_passdb_post_settings { pool_t pool; ARRAY_TYPE(const_string) fields; - ARRAY_TYPE(const_string) override_fields; }; struct auth_passdb_settings { @@ -36,15 +30,9 @@ struct auth_passdb_settings { bool use_worker; }; -struct auth_userdb_pre_settings { - pool_t pool; - ARRAY_TYPE(const_string) default_fields; -}; - struct auth_userdb_post_settings { pool_t pool; ARRAY_TYPE(const_string) fields; - ARRAY_TYPE(const_string) override_fields; }; struct auth_userdb_settings { diff --git a/src/auth/auth-worker-server.c b/src/auth/auth-worker-server.c index 410d146b27..d0323ec499 100644 --- a/src/auth/auth-worker-server.c +++ b/src/auth/auth-worker-server.c @@ -596,11 +596,6 @@ auth_worker_handle_user(struct auth_worker_command *cmd, auth_request_userdb_lookup_begin(auth_request); if (auth_request->fields.userdb_reply == NULL) auth_request_init_userdb_reply(auth_request); - if (auth_request_set_userdb_default_fields(auth_request) < 0) { - lookup_user_callback(USERDB_RESULT_INTERNAL_FAILURE, - auth_request); - return TRUE; - } auth_request->userdb->userdb->iface-> lookup(auth_request, lookup_user_callback); diff --git a/src/auth/auth.c b/src/auth/auth.c index 26a50d2043..9303dc1051 100644 --- a/src/auth/auth.c +++ b/src/auth/auth.c @@ -122,20 +122,8 @@ auth_passdb_preinit(struct auth *auth, const struct auth_passdb_settings *_set, *dest = auth_passdb; auth_passdb->passdb = passdb_preinit(auth->pool, event, set); - /* make sure any %variables in default_fields exist in cache_key */ if (auth_passdb->passdb->default_cache_key != NULL && set->use_cache) { - struct auth_passdb_pre_settings *passdb_pre_set; - const char *error; - if (settings_get(event, &auth_passdb_pre_setting_parser_info, - SETTINGS_GET_FLAG_NO_EXPAND, - &passdb_pre_set, &error) < 0) - i_fatal("%s", error); - auth_passdb->cache_key = p_strconcat( - auth->pool, - auth_passdb->passdb->default_cache_key, - t_array_const_string_join(&passdb_pre_set->default_fields, ""), - NULL); - settings_free(passdb_pre_set); + auth_passdb->cache_key = auth_passdb->passdb->default_cache_key; } else { auth_passdb->cache_key = NULL; } @@ -188,21 +176,8 @@ auth_userdb_preinit(struct auth *auth, const struct auth_userdb_settings *_set) *dest = auth_userdb; auth_userdb->userdb = userdb_preinit(auth->pool, event, set); - /* make sure any %variables in default_fields exist in cache_key */ if (auth_userdb->userdb->default_cache_key != NULL && set->use_cache) { - struct auth_userdb_pre_settings *userdb_pre_set; - const char *error; - if (settings_get(event, &auth_userdb_pre_setting_parser_info, - SETTINGS_GET_FLAG_NO_EXPAND, - &userdb_pre_set, &error) < 0) - i_fatal("%s", error); - auth_userdb->cache_key = p_strconcat( - auth->pool, - auth_userdb->userdb->default_cache_key, - t_array_const_string_join( - &userdb_pre_set->default_fields, ""), - NULL); - settings_free(userdb_pre_set); + auth_userdb->cache_key = auth_userdb->userdb->default_cache_key; } else { auth_userdb->cache_key = NULL; }