From: Stephan Bosch Date: Wed, 22 Mar 2023 07:00:05 +0000 (+0100) Subject: auth: sasl-server - Define main server object X-Git-Tag: 2.4.2~237 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8a298b4f79a2639cf603ec92d2edd5216e7b6f49;p=thirdparty%2Fdovecot%2Fcore.git auth: sasl-server - Define main server object --- diff --git a/src/auth/Makefile.am b/src/auth/Makefile.am index 9ee3061ba8..fdbd60919b 100644 --- a/src/auth/Makefile.am +++ b/src/auth/Makefile.am @@ -96,7 +96,8 @@ sasl_server_mechanisms = \ sasl_sources = \ ${sasl_server_mechanisms} \ sasl-server-request.c \ - sasl-server-mech.c + sasl-server-mech.c \ + sasl-server.c auth_common_sources = \ auth.c \ diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c index 1333244c62..3bc271acae 100644 --- a/src/auth/auth-sasl.c +++ b/src/auth/auth-sasl.c @@ -5,9 +5,12 @@ #include "auth.h" #include "auth-common.h" #include "auth-sasl.h" +#include "auth-sasl-oauth2.h" #include "auth-request.h" #include "auth-request-handler.h" +struct sasl_server *auth_sasl_server; + /* * Request */ @@ -269,7 +272,7 @@ auth_sasl_translate_protocol_name(struct auth_request *request) void auth_sasl_request_init(struct auth_request *request, const struct sasl_server_mech_def *mech) { - sasl_server_request_create(&request->sasl.req, mech, + sasl_server_request_create(&request->sasl.req, auth_sasl_server, mech, auth_sasl_translate_protocol_name(request), request->mech_event); } @@ -346,3 +349,22 @@ auth_sasl_mech_module_find(const char *name) } return NULL; } + +/* + * Global + */ + +void auth_sasl_preinit(void) +{ + auth_sasl_oauth2_initialize(); + auth_sasl_server = sasl_server_init(auth_event); +} + +void auth_sasl_init(void) +{ +} + +void auth_sasl_deinit(void) +{ + sasl_server_deinit(&auth_sasl_server); +} diff --git a/src/auth/auth-sasl.h b/src/auth/auth-sasl.h index 75f1dbff7c..a654041f59 100644 --- a/src/auth/auth-sasl.h +++ b/src/auth/auth-sasl.h 
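Review bot: In the last hunk of src/auth/auth-sasl.c, `auth_sasl_preinit()` assigns the global `auth_sasl_server` without checking that it is still NULL, so a second call without an intervening `auth_sasl_deinit()` would leak the first server object and lose its request counter. Adding `i_assert(auth_sasl_server == NULL);` before the `sasl_server_init(auth_event)` assignment would make the single-instance assumption explicit. `auth_sasl_init()` is added with an empty body; if that is deliberate, a short comment such as `/* Nothing to initialize here yet */` would say so.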
@@ -12,6 +12,8 @@ struct auth_sasl_mech_module { const char *mech_name; }; +extern struct sasl_server *auth_sasl_server; + /* * Request */ @@ -78,4 +80,12 @@ void auth_sasl_mech_unregister_module( const struct auth_sasl_mech_module * auth_sasl_mech_module_find(const char *name); +/* + * Global + */ + +void auth_sasl_preinit(void); +void auth_sasl_init(void); +void auth_sasl_deinit(void); + #endif diff --git a/src/auth/main.c b/src/auth/main.c index 556cdf8049..32cfc89335 100644 --- a/src/auth/main.c +++ b/src/auth/main.c @@ -23,6 +23,7 @@ #include "otp.h" #include "mech-otp.h" #include "auth.h" +#include "auth-sasl.h" #include "auth-penalty.h" #include "auth-token.h" #include "auth-request-handler.h" @@ -31,7 +32,6 @@ #include "auth-master-connection.h" #include "auth-client-connection.h" #include "auth-policy.h" -#include "auth-sasl-oauth2.h" #include "db-oauth2.h" #include @@ -180,9 +180,7 @@ static void main_preinit(void) auth_penalty = auth_penalty_init(AUTH_PENALTY_ANVIL_PATH); dict_drivers_register_builtin(); - mech_init(global_auth_settings); - auth_sasl_oauth2_initialize(); - mech_reg = mech_register_init(global_auth_settings); + auth_sasl_preinit(); auths_preinit(NULL, global_auth_settings, mech_reg, protocols); listeners_init(); @@ -225,6 +223,7 @@ static void main_init(void) child_wait_init(); auth_worker_connection_init(); auths_init(); + auth_sasl_init(); auth_request_handler_init(); auth_policy_init(); @@ -285,6 +284,8 @@ static void main_deinit(void) the whole data structures containing them. */ module_dir_unload(&modules); + auth_sasl_deinit(); + userdbs_deinit(); passdbs_deinit(); passdb_cache_deinit(); diff --git a/src/auth/sasl-server-private.h b/src/auth/sasl-server-private.h index 93e512de3f..20ffcc0516 100644 --- a/src/auth/sasl-server-private.h +++ b/src/auth/sasl-server-private.h 
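Review bot: In the `main_preinit()` hunk of src/auth/main.c, the removed lines include `mech_init(global_auth_settings);` and `mech_reg = mech_register_init(global_auth_settings);`, yet the unchanged next line still passes `mech_reg` to `auths_preinit()`. The `auth_sasl_preinit()` added in auth-sasl.c only calls `auth_sasl_oauth2_initialize()` and `sasl_server_init()`, so unless both calls now happen somewhere outside the visible hunks, the mechanism registry appears to reach `auths_preinit()` uninitialized. The test-auth.c teardown shown in this commit still calls `mech_deinit()` and `mech_register_deinit(&mech_reg)`, which suggests the setup calls should stay, e.g. `mech_init(global_auth_settings);` before and `mech_reg = mech_register_init(global_auth_settings);` after `auth_sasl_preinit();`. `main_preinit()` starts and ends outside the hunk, so this needs confirming against the full function.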
@@ -11,6 +11,7 @@ enum sasl_server_passdb_type { struct sasl_server_request { pool_t pool; + struct sasl_server *server; struct sasl_server_req_ctx *rctx; struct sasl_server_mech_request *mech; @@ -18,4 +19,11 @@ struct sasl_server_request { sasl_server_mech_passdb_callback_t *passdb_callback; }; +struct sasl_server { + pool_t pool; + struct event *event; + + unsigned int requests; +}; + #endif diff --git a/src/auth/sasl-server-request.c b/src/auth/sasl-server-request.c index 6d4e048617..8e1abdd5fc 100644 --- a/src/auth/sasl-server-request.c +++ b/src/auth/sasl-server-request.c @@ -10,6 +10,7 @@ */ void sasl_server_request_create(struct sasl_server_req_ctx *rctx, + struct sasl_server *server, const struct sasl_server_mech_def *mech, const char *protocol, struct event *event_parent) @@ -24,8 +25,11 @@ void sasl_server_request_create(struct sasl_server_req_ctx *rctx, pool = request->pool; req = p_new(pool, struct sasl_server_request, 1); req->pool = pool; + req->server = server; req->rctx = rctx; + server->requests++; + struct sasl_server_mech_request *mreq; if (mech->auth_new != NULL) @@ -53,8 +57,12 @@ void sasl_server_request_destroy(struct sasl_server_req_ctx *rctx) if (req == NULL) return; + struct sasl_server *server = req->server; struct sasl_server_mech_request *mreq = req->mech; + i_assert(server->requests > 0); + server->requests--; + if (mreq->mech->auth_free != NULL) mreq->mech->auth_free(mreq); } diff --git a/src/auth/sasl-server.c b/src/auth/sasl-server.c new file mode 100644 index 0000000000..2edd25643a --- /dev/null +++ b/src/auth/sasl-server.c 
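Review bot: In `sasl_server_request_create()` (src/auth/sasl-server-request.c) the new `server` argument is stored and then dereferenced by `server->requests++` with no check. The only caller shown, `auth_sasl_request_init()`, passes the global `auth_sasl_server`, which is NULL before `auth_sasl_preinit()` and again after `auth_sasl_deinit()`. An `i_assert(server != NULL);` at the top of the function would turn an init-ordering mistake into a clear assertion failure instead of a NULL dereference in the authentication path. The function body starts and ends outside the hunk.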
@@ -0,0 +1,43 @@ +/* Copyright (c) 2023 Dovecot authors, see the included COPYING file */ + +#include "lib.h" + +#include "sasl-server-private.h" + +static struct event_category event_category_sasl_server = { + .name = "sasl-server" +}; + +/* + * Server + */ + +struct sasl_server *sasl_server_init(struct event *event_parent) +{ + struct sasl_server *server; + pool_t pool; + + pool = pool_alloconly_create(MEMPOOL_GROWING"sasl_server", 2048); + server = p_new(pool, struct sasl_server, 1); + server->pool = pool; + + server->event = event_create(event_parent); + event_add_category(server->event, &event_category_sasl_server); + event_set_append_log_prefix(server->event, "sasl: "); + + return server; +} + +void sasl_server_deinit(struct sasl_server **_server) +{ + struct sasl_server *server = *_server; + + if (server == NULL) + return; + *_server = NULL; + + i_assert(server->requests == 0); + + event_unref(&server->event); + pool_unref(&server->pool); +} diff --git a/src/auth/sasl-server.h b/src/auth/sasl-server.h index eb2cc3c664..73ef42ac8e 100644 --- a/src/auth/sasl-server.h +++ b/src/auth/sasl-server.h @@ -7,6 +7,7 @@ struct sasl_passdb_result; struct sasl_server_mech_def; struct sasl_server_request; struct sasl_server_req_ctx; +struct sasl_server; enum sasl_passdb_result_status { SASL_PASSDB_RESULT_INTERNAL_FAILURE = -1, @@ -87,6 +88,7 @@ struct sasl_server_req_ctx { }; void sasl_server_request_create(struct sasl_server_req_ctx *rctx, + struct sasl_server *server, const struct sasl_server_mech_def *mech, const char *protocol, struct event *event_parent); @@ -97,4 +99,11 @@ void sasl_server_request_initial(struct sasl_server_req_ctx *rctx, void sasl_server_request_input(struct sasl_server_req_ctx *rctx, const unsigned char *data, size_t data_size); +/* + * Server + */ + +struct sasl_server *sasl_server_init(struct event *event_parent); +void sasl_server_deinit(struct sasl_server **_server); + #endif 
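Review bot: `sasl_server_deinit()` in the new src/auth/sasl-server.c asserts `server->requests == 0`, so any request still alive at shutdown aborts the auth process, and neither this file nor the prototypes added to sasl-server.h document that contract. A comment above the prototype, e.g. `/* All requests created for this server must be destroyed before this is called; asserts otherwise. */`, would make the required ordering visible to callers. In main.c `auth_sasl_deinit()` is placed right after `module_dir_unload(&modules)`; whether every auth request has been destroyed by that point is not visible in the hunk and is worth confirming. A one-line comment on `sasl_server_init()` could also say that the server creates its own event under `event_parent` and releases it in `sasl_server_deinit()`.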
diff --git a/src/auth/test-auth.c b/src/auth/test-auth.c index 1806e2bbd2..6adbe8d815 100644 --- a/src/auth/test-auth.c +++ b/src/auth/test-auth.c @@ -7,7 +7,6 @@ #include "auth-token.h" #include "auth-penalty.h" #include "sasl-server-protected.h" // FIXME: remove -#include "auth-sasl-oauth2.h" #include "otp.h" #include "mech-otp.h" #include "db-oauth2.h" @@ -63,10 +62,11 @@ void test_auth_init(void) password_schemes_register_all(); password_schemes_allow_weak(TRUE); - auth_sasl_oauth2_initialize(); + auth_sasl_preinit(); auths_preinit(simple_set.event, global_auth_settings, mech_reg, protocols); auths_init(); auth_token_init(); + auth_sasl_init(); auth_penalty = auth_penalty_init("missing"); } @@ -86,6 +86,7 @@ void test_auth_deinit(void) mech_deinit(global_auth_settings); mech_register_deinit(&mech_reg); auths_free(); + auth_sasl_deinit(); settings_free(global_auth_settings); settings_simple_deinit(&simple_set); i_unlink_if_exists("auth-token-secret.dat"); diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c index b1b29084c2..dc3878437d 100644 --- a/src/auth/test-mech.c +++ b/src/auth/test-mech.c @@ -7,6 +7,7 @@ #include "master-service.h" #include "sasl-server-private.h" // FIXME: remove #include "auth-common.h" +#include "auth-sasl.h" #include "auth-request.h" #include "auth-request-handler-private.h" #include "auth-settings.h"