auth: sasl-server - Retain authid in struct sasl_server_mech_request

author Stephan Bosch <stephan.bosch@open-xchange.com>

Wed, 22 Mar 2023 17:43:50 +0000 (18:43 +0100)

committer timo.sirainen <timo.sirainen@open-xchange.com>

Thu, 9 Oct 2025 08:41:22 +0000 (08:41 +0000)
author Stephan Bosch <stephan.bosch@open-xchange.com>
Wed, 22 Mar 2023 17:43:50 +0000 (18:43 +0100)
committer timo.sirainen <timo.sirainen@open-xchange.com>
Thu, 9 Oct 2025 08:41:22 +0000 (08:41 +0000)
diff --git a/src/auth/sasl-server-protected.h b/src/auth/sasl-server-protected.h

index 4bbc496b5e93175383888f16b779e7bfffc3eeef..d31dc501b35542f0dfc88697e1f607e683952825 100644 (file)
--- a/src/auth/sasl-server-protected.h
+++ b/src/auth/sasl-server-protected.h
@@ -46,7 +46,9 @@ struct sasl_server_mech_request {
         const struct sasl_server_mech_def *mech;
         struct sasl_server_request *req;
         struct event *mech_event;
+
         const char *protocol;
+       const char *authid;
  
         const struct sasl_server_settings *set;
  
diff --git a/src/auth/sasl-server-request.c b/src/auth/sasl-server-request.c

index 03f2dcbf46e9c1153aa98a2e20a13a832d3070de..3b47a0aadb66365a7ec402349004cf71449b96a3 100644 (file)
--- a/src/auth/sasl-server-request.c
+++ b/src/auth/sasl-server-request.c
@@ -117,6 +117,14 @@ void sasl_server_request_input(struct sasl_server_req_ctx *rctx,
         mech->auth_continue(mreq, data, data_size);
  }
  
+void sasl_server_request_test_set_authid(struct sasl_server_req_ctx *rctx,
+                                        const char *authid)
+{
+       struct sasl_server_request *req = rctx->request;
+
+       req->mech->authid = p_strdup(req->mech->pool, authid);
+}
+
  /*
   * Mechanism API
   */
@@ -129,6 +137,8 @@ bool sasl_server_request_set_authid(struct sasl_server_mech_request *mreq,
         struct sasl_server *server = req->sinst->server;
         const struct sasl_server_request_funcs *funcs = server->funcs;
  
+       mreq->authid = p_strdup(req->pool, authid);
+
         i_assert(funcs->request_set_authid != NULL);
         return funcs->request_set_authid(req->rctx, authid_type, authid);
  }
diff --git a/src/auth/sasl-server.h b/src/auth/sasl-server.h

index eadbd57625f463c869de885e529863ea03623a4e..0ed6e3b5bf9339d4290b8c8e993759f80b7fb7a6 100644 (file)
--- a/src/auth/sasl-server.h
+++ b/src/auth/sasl-server.h
@@ -142,6 +142,12 @@ void sasl_server_request_initial(struct sasl_server_req_ctx *rctx,
  void sasl_server_request_input(struct sasl_server_req_ctx *rctx,
                                const unsigned char *data, size_t data_size);
  
+/* Test */
+
+// FIXME: get rid of this
+void sasl_server_request_test_set_authid(struct sasl_server_req_ctx *rctx,
+                                        const char *authid);
+
  /*
   * Instance
   */
diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c

index dc3878437d60353e6df072b4566bef688c63d2cc..495d11262337f7ad0216432eec83f0ed264ff854 100644 (file)
--- a/src/auth/test-mech.c
+++ b/src/auth/test-mech.c
@@ -117,6 +117,10 @@ static void test_mech_prepare_request(struct auth_request **request_r,
                 request->fields.user =
                         p_strdup(request->pool, test_case->username);
         }
+       if (test_case->set_username_before_test) {
+               sasl_server_request_test_set_authid(&request->sasl.req,
+                                                   test_case->username);
+       }
         if (test_case->set_cert_username)
                 request->fields.cert_username = TRUE;
  
@@ -183,7 +187,7 @@ static void test_mechs(void)
                 {&mech_digest_md5, UCHAR_LEN("username=\"test\xc3\xbaser@example.com\",realm=\"example.com\",nonce=\"OA6MG9tEQGm2hh\",cnonce=\"OA6MHXh6VqTrRk\",nc=00000001,digest-uriresponse=d388dad90d4bbd760a152321f2143af7,qop=\"auth\",authzid=\"masteruser\""), "test\xc3\xbaser@example.com", NULL, TRUE, FALSE, FALSE},
                 {&mech_digest_md5, UCHAR_LEN("username=\"test\xc3\xbaser@example.com\",realm=\"example.com\",nonce=\"OA6MG9tEQGm2hh\",cnonce=\"OA6MHXh6VqTrRk\",charset=\"utf-8\",cipher=unsupported,nc=00000001,digest-uri=imap/server.com,response=d388dad90d4bbd760a152321f2143af7,qop=\"auth\",authzid=\"masteruser\""), "test\xc3\xbaser@example.com", NULL, TRUE, FALSE, FALSE},
                 {&mech_digest_md5, UCHAR_LEN("username=\"testuser\",realm=\"example.com\",nonce=\"OA6MG9tEQGm2hh\",cnonce=\"OA6MHXh6VqTrRk\",charset=\"utf-8\",cipher=unsupported,nc=00000001,digest-uri=imap/server.com,response=d388dad90d4bbd760a152321f2143af7,qop=\"auth\",authzid=\"masteruser\""), "testuser@example.com", NULL, TRUE, FALSE, FALSE},
-               {&mech_external, UCHAR_LEN(""), "testuser", NULL, TRUE, TRUE, TRUE},
+               {&mech_external, UCHAR_LEN(""), "testuser", NULL, TRUE, FALSE, TRUE},
                 {&mech_dovecot_token, NULL, 0, "testuser", NULL, TRUE, FALSE, FALSE},
                 {&mech_login, UCHAR_LEN("testuser"), "testuser", NULL, TRUE, FALSE, FALSE},
                 {&mech_plain, UCHAR_LEN("\0testuser\0testpass"), "testuser", NULL, TRUE, FALSE, FALSE},
@@ -338,6 +342,7 @@ static void test_mechs(void)
                         test_assert_strcmp_idx(test_case->username, username,
                                                running_test);
                 } else if (!test_case->set_username_before_test &&
+                          !test_case->set_cert_username &&
                            !test_case->success) {
                         /* If the username is not set by the testlogic and we
                            expect failure, verify that the mechanism failed by
author	Stephan Bosch <stephan.bosch@open-xchange.com>
	Wed, 22 Mar 2023 17:43:50 +0000 (18:43 +0100)
committer	timo.sirainen <timo.sirainen@open-xchange.com>
	Thu, 9 Oct 2025 08:41:22 +0000 (08:41 +0000)
src/auth/sasl-server-protected.h		patch \| blob \| blame \| history
src/auth/sasl-server-request.c		patch \| blob \| blame \| history
src/auth/sasl-server.h		patch \| blob \| blame \| history
src/auth/test-mech.c		patch \| blob \| blame \| history