#include "network.h"
#include "istream.h"
#include "ostream.h"
+#include "str.h"
#include "auth-master.h"
#include <stdlib.h>
struct auth_master_user_lookup_ctx {
struct auth_master_connection *conn;
pool_t pool;
- const char *user;
struct auth_user_reply *user_reply;
int return_value;
};
+struct auth_master_pass_lookup_ctx {
+ struct auth_master_connection *conn;
+ int return_value;
+
+ pool_t pool;
+ const char **fields;
+};
+
struct auth_master_user_list_ctx {
struct auth_master_connection *conn;
pool_t pool;
return 0;
}
+static int parse_reply(struct auth_master_connection *conn,
+ const char *cmd, const char *const *args,
+ const char *expected_reply)
+{
+ io_loop_stop(conn->ioloop);
+
+ if (strcmp(cmd, expected_reply) == 0)
+ return 1;
+ if (strcmp(cmd, "NOTFOUND") == 0)
+ return 0;
+ if (strcmp(cmd, "FAIL") == 0) {
+ i_error("Lookup failed: %s",
+ *args != NULL ? *args : "Internal failure");
+ return -1;
+ }
+ i_error("Unknown reply: %s", cmd);
+ return -1;
+}
+
static bool auth_user_reply_callback(const char *cmd, const char *const *args,
void *context)
{
struct auth_master_user_lookup_ctx *ctx = context;
- io_loop_stop(ctx->conn->ioloop);
- if (strcmp(cmd, "USER") == 0) {
+ ctx->return_value = parse_reply(ctx->conn, cmd, args, "USER");
+ if (ctx->return_value > 0)
auth_parse_input(ctx, args);
- ctx->return_value = 1;
- return TRUE;
- }
- if (strcmp(cmd, "NOTFOUND") == 0) {
- ctx->return_value = 0;
- return TRUE;
- }
- if (strcmp(cmd, "FAIL") == 0) {
- i_error("userdb lookup(%s) failed: %s", ctx->user,
- *args != NULL ? *args : "Internal failure");
- return TRUE;
- }
- return FALSE;
+ return TRUE;
}
static bool
return 0;
}
+static unsigned int
+auth_master_next_request_id(struct auth_master_connection *conn)
+{
+ if (++conn->request_counter == 0) {
+ /* avoid zero */
+ conn->request_counter++;
+ }
+ return conn->request_counter;
+}
+
+static void
+auth_user_info_export(string_t *str, const struct auth_user_info *info)
+{
+ str_append(str, "service=");
+ str_append(str, info->service);
+
+ if (info->local_ip.family != 0)
+ str_printfa(str, "\tlip=%s", net_ip2addr(&info->local_ip));
+ if (info->local_port != 0)
+ str_printfa(str, "\tlport=%d", info->local_port);
+ if (info->remote_ip.family != 0)
+ str_printfa(str, "\trip=%s", net_ip2addr(&info->remote_ip));
+ if (info->remote_port != 0)
+ str_printfa(str, "\trport=%d", info->remote_port);
+}
+
int auth_master_user_lookup(struct auth_master_connection *conn,
- const char *user, const char *service,
+ const char *user, const struct auth_user_info *info,
pool_t pool, struct auth_user_reply *reply_r)
{
struct auth_master_user_lookup_ctx ctx;
- const char *str;
+ string_t *str;
- if (!is_valid_string(user) || !is_valid_string(service)) {
+ if (!is_valid_string(user) || !is_valid_string(info->service)) {
/* non-allowed characters, the user can't exist */
return 0;
}
ctx.conn = conn;
ctx.return_value = -1;
ctx.pool = pool;
- ctx.user = user;
ctx.user_reply = reply_r;
- if (++conn->request_counter == 0) {
- /* avoid zero */
- conn->request_counter++;
- }
-
conn->reply_callback = auth_user_reply_callback;
conn->reply_context = &ctx;
+ str = t_str_new(128);
+ str_printfa(str, "USER\t%u\t%s\t",
+ auth_master_next_request_id(conn), user);
+ auth_user_info_export(str, info);
+ str_append_c(str, '\n');
+
conn->prefix = t_strdup_printf("userdb lookup(%s)", user);
- str = t_strdup_printf("USER\t%u\t%s\tservice=%s\n",
- conn->request_counter, user, service);
- (void)auth_master_run_cmd(conn, str);
+ (void)auth_master_run_cmd(conn, str_c(str));
conn->prefix = DEFAULT_USERDB_LOOKUP_PREFIX;
return ctx.return_value;
}
+static bool auth_pass_reply_callback(const char *cmd, const char *const *args,
+ void *context)
+{
+ struct auth_master_pass_lookup_ctx *ctx = context;
+ unsigned int i, len;
+
+ ctx->return_value = parse_reply(ctx->conn, cmd, args, "PASS");
+ if (ctx->return_value > 0) {
+ len = str_array_length(args);
+ ctx->fields = p_new(ctx->pool, const char *, len + 1);
+ for (i = 0; i < len; i++)
+ ctx->fields[i] = p_strdup(ctx->pool, args[i]);
+ }
+ return TRUE;
+}
+
+int auth_master_pass_lookup(struct auth_master_connection *conn,
+ const char *user, const struct auth_user_info *info,
+ pool_t pool, const char *const **fields_r)
+{
+ struct auth_master_pass_lookup_ctx ctx;
+ string_t *str;
+
+ if (!is_valid_string(user) || !is_valid_string(info->service)) {
+ /* non-allowed characters, the user can't exist */
+ return 0;
+ }
+
+ memset(&ctx, 0, sizeof(ctx));
+ ctx.conn = conn;
+ ctx.return_value = -1;
+ ctx.pool = pool;
+
+ conn->reply_callback = auth_pass_reply_callback;
+ conn->reply_context = &ctx;
+
+ str = t_str_new(128);
+ str_printfa(str, "PASS\t%u\t%s\t",
+ auth_master_next_request_id(conn), user);
+ auth_user_info_export(str, info);
+ str_append_c(str, '\n');
+
+ conn->prefix = t_strdup_printf("passdb lookup(%s)", user);
+ (void)auth_master_run_cmd(conn, str_c(str));
+ conn->prefix = DEFAULT_USERDB_LOOKUP_PREFIX;
+
+ *fields_r = ctx.fields;
+ return ctx.return_value;
+}
+
static bool
auth_user_list_reply_callback(const char *cmd, const char *const *args,
void *context)
ctx->conn = conn;
i_array_init(&ctx->users, 128);
- if (++conn->request_counter == 0) {
- /* avoid zero */
- conn->request_counter++;
- }
-
conn->reply_callback = auth_user_list_reply_callback;
conn->reply_context = ctx;
- str = t_strdup_printf("LIST\t%u\n", conn->request_counter);
+ str = t_strdup_printf("LIST\t%u\n", auth_master_next_request_id(conn));
conn->prefix = "userdb list";
if (auth_master_run_cmd(conn, str) < 0)
ctx->failed = TRUE;
static int
service_auth_userdb_lookup(struct auth_master_connection *conn,
struct setting_parser_context *set_parser,
- const char *name,
+ const char *service_name,
+ const struct mail_storage_service_input *input,
const struct mail_user_settings *user_set,
const char **user, const char **system_groups_user_r,
const char **error_r)
{
+ struct auth_user_info info;
struct auth_user_reply reply;
const char *system_groups_user, *orig_user = *user;
unsigned int len;
pool_t pool;
int ret;
+ memset(&info, 0, sizeof(info));
+ info.service = service_name;
+ info.local_ip = input->local_ip;
+ info.remote_ip = input->remote_ip;
+
pool = pool_alloconly_create("userdb lookup", 1024);
- ret = auth_master_user_lookup(conn, *user, name, pool, &reply);
+ ret = auth_master_user_lookup(conn, *user, &info, pool, &reply);
if (ret > 0) {
len = reply.chroot == NULL ? 0 : strlen(reply.chroot);
conn = auth_master_init(user_set->auth_socket_path,
mail_set->mail_debug);
if (service_auth_userdb_lookup(conn, service->set_parser,
- service->name, user_set, &user,
+ service->name, &input,
+ user_set, &user,
&system_groups_user,
&error) <= 0)
i_fatal("%s", error);
return ctx;
}
+struct auth_master_connection *
+mail_storage_service_multi_get_auth_conn(struct mail_storage_service_multi_ctx *ctx)
+{
+ return ctx->conn;
+}
+
int mail_storage_service_multi_lookup(struct mail_storage_service_multi_ctx *ctx,
const struct mail_storage_service_input *input,
pool_t pool,
if ((ctx->flags & MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP) != 0) {
orig_user = username = user->input.username;
ret = service_auth_userdb_lookup(ctx->conn, user->set_parser,
- ctx->service->name,
+ ctx->service->name, input,
user->user_set, &username,
&user->system_groups_user,
error_r);
projects / thirdparty / dovecot / core.git / commitdiff
