auth: Added passdb static.
authorTimo Sirainen <tss@iki.fi>
Wed, 2 Jun 2010 15:08:07 +0000 (16:08 +0100)
committerTimo Sirainen <tss@iki.fi>
Wed, 2 Jun 2010 15:08:07 +0000 (16:08 +0100)
--HG--
branch : HEAD

configure.in
doc/example-config/conf.d/10-auth.conf
doc/example-config/conf.d/auth-static.conf.ext [new file with mode: 0644]
src/auth/Makefile.am
src/auth/passdb-static.c [new file with mode: 0644]
src/auth/passdb.c

index 860f35beaa11ec447355a47e5c4785ed5362e54c..26afccb896ac746c215874245d7b39a8bdc72ad3 100644 (file)
@@ -1745,6 +1745,7 @@ passdb=""
 not_userdb=""
 not_passdb=""
 
+passdb="$passdb static"
 userdb="$userdb static"
 
 if test $want_prefetch_userdb != no; then
index 08c9291716771b60b9832af35e49dbc50cfcbff6..74eaa2c4ed87ac87f620e123b8b5968f6860fc6b 100644 (file)
@@ -116,3 +116,4 @@ auth_mechanisms = plain
 #!include auth-passwdfile.conf.ext
 #!include auth-checkpassword.conf.ext
 #!include auth-vpopmail.conf.ext
+#!include auth-static.conf.ext
diff --git a/doc/example-config/conf.d/auth-static.conf.ext b/doc/example-config/conf.d/auth-static.conf.ext
new file mode 100644 (file)
index 0000000..238d517
--- /dev/null
@@ -0,0 +1,24 @@
+# Static passdb. Included from auth.conf.
+
+# This can be used for situations where Dovecot doesn't need to verify the
+# username or the password, or if there is a single password for all users:
+#
+#  - proxy frontend, where the backend verifies the password
+#  - proxy backend, where the frontend already verified the password
+#  - authentication with SSL certificates
+#  - simple testing
+
+#passdb {
+#  driver = static
+#  args = proxy=y host=%1Mu.example.com nopassword=y
+#}
+
+#passdb {
+#  driver = static
+#  args = password=test
+#}
+
+#userdb {
+#  driver = static
+#  args = uid=vmail gid=vmail home=/home/%u
+#}
index 28c7f478729bd025b2a52abbd4b6589b34b9b854..12fba13a96b93c60ee92811580b7cd7004e77626 100644 (file)
@@ -94,6 +94,7 @@ auth_SOURCES = \
        passdb-sia.c \
        passdb-vpopmail.c \
        passdb-sql.c \
+       passdb-static.c \
        userdb.c \
        userdb-blocking.c \
        userdb-checkpassword.c \
diff --git a/src/auth/passdb-static.c b/src/auth/passdb-static.c
new file mode 100644 (file)
index 0000000..e2c55b1
--- /dev/null
@@ -0,0 +1,101 @@
+/* Copyright (c) 2010 Dovecot authors, see the included COPYING file */
+
+#include "auth-common.h"
+#include "array.h"
+#include "str.h"
+#include "var-expand.h"
+#include "passdb.h"
+
+#define STATIC_PASS_SCHEME "PLAIN"
+
+struct static_passdb_module {
+       struct passdb_module module;
+       ARRAY_TYPE(const_string) tmpl;
+};
+
+static void
+static_verify_plain(struct auth_request *request, const char *password,
+                   verify_plain_callback_t *callback)
+{
+       struct static_passdb_module *module =
+               (struct static_passdb_module *)request->passdb->passdb;
+        const struct var_expand_table *table;
+       const char *const *args, *static_password = "";
+       unsigned int i, count;
+       string_t *str = t_str_new(128);
+       int ret;
+
+       auth_request_log_debug(request, "static", "lookup");
+
+       table = auth_request_get_var_expand_table(request, NULL);
+
+       args = array_get(&module->tmpl, &count);
+       i_assert((count % 2) == 0);
+       for (i = 0; i < count; i += 2) {
+               const char *key = args[i];
+               const char *value = args[i+1];
+
+               if (value != NULL) {
+                       str_truncate(str, 0);
+                       var_expand(str, args[i+1], table);
+                       value = str_c(str);
+               }
+
+               if (strcmp(key, "password") == 0)
+                       static_password = value;
+               else {
+                       auth_request_set_field(request, key, value,
+                                              STATIC_PASS_SCHEME);
+               }
+       }
+
+       ret = auth_request_password_verify(request, password, static_password,
+                                          STATIC_PASS_SCHEME, "static");
+       if (ret <= 0) {
+               callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
+               return;
+       }
+
+       callback(PASSDB_RESULT_OK, request);
+}
+
+static struct passdb_module *
+static_preinit(pool_t pool, const char *args)
+{
+       struct static_passdb_module *module;
+
+       module = p_new(pool, struct static_passdb_module, 1);
+       p_array_init(&module->tmpl, pool, 16);
+       T_BEGIN {
+               const char *const *tmp;
+
+               tmp = t_strsplit_spaces(args, " ");
+               for (; *tmp != NULL; tmp++) {
+                       const char *key = *tmp;
+                       const char *value = strchr(key, '=');
+
+                       if (value == NULL)
+                               value = "";
+                       else
+                               key = t_strdup_until(key, value++);
+
+                       key = p_strdup(pool, key);
+                       value = p_strdup(pool, value);
+                       array_append(&module->tmpl, &key, 1);
+                       array_append(&module->tmpl, &value, 1);
+               }
+       } T_END;
+       return &module->module;
+}
+
+struct passdb_module_interface passdb_static = {
+       "static",
+
+       static_preinit,
+       NULL,
+       NULL,
+
+       static_verify_plain,
+       NULL,
+       NULL
+};
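Review bot: In static_verify_plain, `static_password = value` keeps a pointer into the shared `str` buffer, and the next loop iteration calls `str_truncate(str, 0)` and `var_expand()` on that same buffer. So whenever `password=` is not the last argument in `args`, the string later passed to auth_request_password_verify() is the expansion of a later argument, not the configured password. Copy the value when assigning it, e.g. `static_password = t_strdup(value);`. Separately, `static_password` defaults to `""`, so a configuration with no `password=` key compares the client's password against the empty string. Whether the `nopassword` field set through auth_request_set_field() makes auth_request_password_verify() skip that comparison is not visible in this hunk; it is worth confirming, or handling with an explicit branch before the verify call.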
index a53c501ea94556e94fbc67b502c983d3f541cb0b..7be58eeceb887cf01a849ca4b817519484747040 100644 (file)
@@ -259,6 +259,7 @@ extern struct passdb_module_interface passdb_vpopmail;
 extern struct passdb_module_interface passdb_ldap;
 extern struct passdb_module_interface passdb_sql;
 extern struct passdb_module_interface passdb_sia;
+extern struct passdb_module_interface passdb_static;
 
 void passdbs_init(void)
 {
@@ -274,6 +275,7 @@ void passdbs_init(void)
        passdb_register_module(&passdb_ldap);
        passdb_register_module(&passdb_sql);
        passdb_register_module(&passdb_sia);
+       passdb_register_module(&passdb_static);
 }
 
 void passdbs_deinit(void)