From: Stephan Bosch Date: Fri, 17 Mar 2023 02:19:24 +0000 (+0100) Subject: auth: auth-request - Move SASL mechanism initialization to auth_request_init() X-Git-Tag: 2.4.2~241 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3cc7b652701ade2d0ff3f70987b6115b80a98e79;p=thirdparty%2Fdovecot%2Fcore.git auth: auth-request - Move SASL mechanism initialization to auth_request_init()
---
diff --git a/src/auth/auth-request-fields.c b/src/auth/auth-request-fields.c
index 8dbb8c9b0e..e332e0349d 100644
--- a/src/auth/auth-request-fields.c
+++ b/src/auth/auth-request-fields.c
@@ -10,16 +10,20 @@
 #include "sasl-server-protected.h" // FIXME: remove
 #include "auth-request.h"
-void auth_request_fields_init(struct auth_request *request)
+void auth_request_fields_alloc(struct auth_request *request)
 {
 request->fields.extra_fields = auth_fields_init(request->pool);
+ /* Default to "insecure" until it's changed later */
+ event_add_str(request->event, "transport", "insecure");
+}
+
+void auth_request_fields_init(struct auth_request *request)
+{
 if (request->mech != NULL) {
 request->fields.mech_name = request->mech->mech_name;
 event_add_str(request->event, "mechanism", request->mech->mech_name);
 }
- /* Default to "insecure" until it's changed later */
- event_add_str(request->event, "transport", "insecure");
 }
 static void
diff --git a/src/auth/auth-request-handler.c b/src/auth/auth-request-handler.c
index 47d3010977..90c3a56d12 100644
--- a/src/auth/auth-request-handler.c
+++ b/src/auth/auth-request-handler.c
@@ -607,9 +607,8 @@ auth_request_handler_find_mech(struct auth_request_handler *handler,
 int auth_request_handler_auth_begin(struct auth_request_handler *handler,
 const char *const *args)
 {
- const struct sasl_server_mech_def *mech;
 struct auth_request *request;
- const char *name, *arg, *initial_resp;
+ const char *mech_name, *name, *arg, *initial_resp;
 void *initial_resp_data;
 unsigned int id;
 buffer_t *buf;
@@ -624,11 +623,9 @@ int auth_request_handler_auth_begin(struct auth_request_handler *handler,
 "sent broken AUTH request", handler->client_pid);
 return -1;
 }
+ mech_name = args[1];
- if (auth_request_handler_find_mech(handler, args[1], &mech) < 0)
- return -1;
-
- request = auth_request_new(mech, handler->conn->conn.event);
+ request = auth_request_new(handler->conn->event);
 request->handler = handler;
 request->connect_uid = handler->connect_uid;
 request->client_pid = handler->client_pid;
@@ -681,7 +678,12 @@ int auth_request_handler_auth_begin(struct auth_request_handler *handler,
 auth_request_unref(&request);
 return -1;
 }
- auth_request_init(request);
+
+ const struct sasl_server_mech_def *mech;
+
+ if (auth_request_handler_find_mech(handler, mech_name, &mech) < 0)
+ return -1;
+ auth_request_init_sasl(request, mech);
 request->to_abort = timeout_add(MASTER_AUTH_SERVER_TIMEOUT_SECS * 1000, auth_request_timeout, request);
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
index ed3a483ff8..9a89494878 100644
--- a/src/auth/auth-request.c
+++ b/src/auth/auth-request.c
@@ -136,7 +136,7 @@ auth_request_post_alloc_init(struct auth_request *request,
 request->set = global_auth_settings;
 request->protocol_set = global_auth_settings;
 request->event = event_create(parent_event);
- auth_request_fields_init(request);
+ auth_request_fields_alloc(request);
 level = request->set->verbose ? LOG_TYPE_INFO : LOG_TYPE_WARNING;
 event_set_min_log_level(request->event, level);
@@ -149,9 +149,7 @@ auth_request_post_alloc_init(struct auth_request *request,
 p_array_init(&request->authdb_event, request->pool, 2);
 }
-struct auth_request *
-auth_request_new(const struct sasl_server_mech_def *mech,
- struct event *parent_event)
+struct auth_request *auth_request_new(struct event *parent_event)
 {
 struct auth_request *request;
 pool_t pool;
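Review bot: In auth_request_handler_auth_begin() (src/auth/auth-request-handler.c, hunk at -681) the relocated mechanism lookup returns -1 without releasing the request that auth_request_new() created earlier in the function, whereas the error path directly above it calls `auth_request_unref(&request)` first. Before this change the lookup ran ahead of the allocation, so an unsupported mechanism name cost nothing; now every rejected AUTH line appears to leak the request and its pool, and the name is taken directly from `args[1]`. The failure branch should read `if (auth_request_handler_find_mech(handler, mech_name, &mech) < 0) { auth_request_unref(&request); return -1; }`. The function body starts and ends outside the hunk, so confirm that nothing else holds a reference to the request at this point.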
@@ -159,20 +157,8 @@ auth_request_new(const struct sasl_server_mech_def *mech,
 pool = pool_alloconly_create(MEMPOOL_GROWING"auth_request", 1024);
 request = p_new(pool, struct auth_request, 1);
 request->pool = pool;
- request->mech = mech;
- auth_request_post_alloc_init(request, parent_event);
-
- enum log_type level =
- (request->set->verbose ? LOG_TYPE_INFO : LOG_TYPE_WARNING);
- const char *prefix = t_strconcat(
- t_str_lcase(request->mech->mech_name), ": ", NULL);
-
- request->mech_event = event_create(request->event);
- event_set_min_log_level(request->mech_event, level);
- event_set_append_log_prefix(request->mech_event, prefix);
-
- auth_sasl_request_init(request, mech);
+ auth_request_post_alloc_init(request, parent_event);
 return request;
 }
@@ -214,6 +200,23 @@ void auth_request_init(struct auth_request *request)
 request->protocol_set = auth->protocol_set;
 request->passdb = auth->passdbs;
 request->userdb = auth->userdbs;
+
+ auth_request_fields_init(request);
+}
+
+void auth_request_init_sasl(struct auth_request *request,
+ const struct sasl_server_mech_def *mech)
+{
+ request->mech = mech;
+
+ const char *prefix = t_strconcat(
+ t_str_lcase(request->mech->mech_name), ": ", NULL);
+
+ request->mech_event = event_create(request->event);
+ event_set_append_log_prefix(request->mech_event, prefix);
+
+ auth_sasl_request_init(request, mech);
+ auth_request_init(request);
 }
 struct auth *auth_request_get_auth(struct auth_request *request)
diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h
index cbef305000..42a7434a65 100644
--- a/src/auth/auth-request.h
+++ b/src/auth/auth-request.h
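Review bot: auth_request_init_sasl() in src/auth/auth-request.c (hunk at -214) no longer calls event_set_min_log_level() on request->mech_event, which the block removed from auth_request_new() did with a level derived from request->set->verbose. If a child event does not take its minimum log level from request->event, mechanism-level messages would be filtered differently than before, which affects how visible authentication failures are in the logs. Confirm this against event_create(), or restore `event_set_min_log_level(request->mech_event, level);` after the event is created. A short comment above the function saying that request->mech must be assigned before auth_request_init() runs, because auth_request_fields_init() reads it, would also record the ordering this commit relies on.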
@@ -257,11 +257,13 @@ typedef void auth_request_proxy_cb_t(bool success, struct auth_request *);
 extern unsigned int auth_request_state_count[AUTH_REQUEST_STATE_MAX];
-struct auth_request *
-auth_request_new(const struct sasl_server_mech_def *mech,
- struct event *parent_event);
+struct auth_request *auth_request_new(struct event *parent_event);
 struct auth_request *auth_request_new_dummy(struct event *parent_event);
+
 void auth_request_init(struct auth_request *request);
+void auth_request_init_sasl(struct auth_request *request,
+ const struct sasl_server_mech_def *mech);
+
 struct auth *auth_request_get_auth(struct auth_request *request);
 void auth_request_set_state(struct auth_request *request,
@@ -434,6 +436,8 @@ struct event_passthrough *
 auth_request_finished_event(struct auth_request *request, struct event *event);
 void auth_request_log_finished(struct auth_request *request);
 void auth_request_master_user_login_finish(struct auth_request *request);
+
+void auth_request_fields_alloc(struct auth_request *request);
 void auth_request_fields_init(struct auth_request *request);
 void auth_request_passdb_lookup_begin(struct auth_request *request);
diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c
index 7fccb15692..25096d280f 100644
--- a/src/auth/test-auth-request-fields.c
+++ b/src/auth/test-auth-request-fields.c
@@ -56,6 +56,7 @@ test_auth_request_init(const struct sasl_server_mech_def *mech)
 request->set = global_auth_settings;
 request->refcount = 1;
 p_array_init(&request->authdb_event, pool, 1);
+ auth_request_fields_alloc(request);
 auth_request_fields_init(request);
 /* fill out fields that are always exported */
diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c
index 358bb8ccca..b1b29084c2 100644
--- a/src/auth/test-mech.c
+++ b/src/auth/test-mech.c
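Review bot: The declarations added to src/auth/auth-request.h carry no comment on call order, although the split now depends on one: auth_request_new() no longer binds a mechanism, and auth_request_init_sasl() both assigns it and calls auth_request_init(). I would add above auth_request_init_sasl() `/* Bind the SASL mechanism to a request created with auth_request_new() and finish initialization; calls auth_request_init() itself. */`. Above auth_request_fields_alloc(), add a line saying it runs at allocation time, while auth_request_fields_init() runs from auth_request_init() and only records the mechanism name when request->mech is set.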
@@ -89,9 +89,7 @@ static void test_mech_prepare_request(struct auth_request **request_r,
 unsigned int running_test, const struct test_case *test_case)
 {
- struct auth *auth = auth_default_protocol();
-
- struct auth_request *request = auth_request_new(mech, NULL);
+ struct auth_request *request = auth_request_new(NULL);
 struct auth_settings *new_set = p_memdup(request->pool, global_auth_settings, sizeof(*global_auth_settings));
@@ -100,14 +98,16 @@ static void test_mech_prepare_request(struct auth_request **request_r,
 request->handler = handler;
 request->id = running_test+1;
 request->mech_password = NULL;
+ request->fields.protocol = "service";
 request->state = AUTH_REQUEST_STATE_NEW;
+ request->mech = mech;
 request->set = new_set;
 request->protocol_set = global_auth_settings;
 request->connect_uid = running_test;
- request->passdb = auth->passdbs;
- request->userdb = auth->userdbs;
 handler->refcount = 1;
+ auth_request_init_sasl(request, mech);
+
 request->failure_nodelay = TRUE;
 auth_request_state_count[AUTH_REQUEST_STATE_NEW] = 1;
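Review bot: In test_mech_prepare_request() (src/auth/test-mech.c, hunk at -100) the added `request->mech = mech;` is redundant, because auth_request_init_sasl(request, mech) assigns the same field as its first statement. The fixture's `request->protocol_set = global_auth_settings;` is also overwritten when auth_request_init() sets `request->protocol_set = auth->protocol_set`. Dropping the dead assignments, or moving the overrides the test really needs to after the auth_request_init_sasl() call, would keep the fixture from exercising different settings than it appears to configure. Whether `request->set = new_set` survives cannot be told from the lines shown, since auth_request_init() begins outside its hunk.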