From: Stephan Bosch Date: Sat, 21 Oct 2023 01:20:11 +0000 (+0200) Subject: auth: auth-request - Remove request->mech field X-Git-Tag: 2.4.2~195 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4fd733964dbcdc04bf8fc4fd5c1681649a72e2a5;p=thirdparty%2Fdovecot%2Fcore.git auth: auth-request - Remove request->mech field --- diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c index 3bcdca71d9..c58ceef3d9 100644 --- a/src/auth/auth-request.c +++ b/src/auth/auth-request.c @@ -85,9 +85,9 @@ static const char *get_log_prefix(struct auth_request *auth_request) str_append_c(str, ','); str_append(str, ip); } - if (auth_request->mech != NULL) { + if (auth_request->sasl.req.mech_name != NULL) { str_append(str, ",sasl:"); - str_append(str, t_str_lcase(auth_request->mech->name)); + str_append(str, t_str_lcase(auth_request->sasl.req.mech_name)); } if (auth_request->fields.requested_login_user != NULL) str_append(str, ",master"); @@ -194,15 +194,14 @@ void auth_request_init(struct auth_request *request) void auth_request_init_sasl(struct auth_request *request, const struct sasl_server_mech *mech) { - request->mech = mech->def; + request->mech_event = event_create(request->event); - const char *prefix = t_strconcat( - t_str_lcase(request->mech->name), ": ", NULL); + auth_sasl_request_init(request, mech); - request->mech_event = event_create(request->event); + const char *prefix = t_strconcat( + t_str_lcase(request->sasl.req.mech_name), ": ", NULL); event_set_append_log_prefix(request->mech_event, prefix); - auth_sasl_request_init(request, mech); auth_request_init(request); } @@ -574,11 +573,13 @@ auth_request_want_skip_passdb(struct auth_request *request, /* if mechanism is not supported, skip */ const char *const *mechs = passdb->mechanisms_filter; const char *const *username_filter = passdb->username_filter; + const char *mech_name = (request->sasl.req.mech_name == NULL ? + NULL : request->sasl.req.mech_name); const char *username; username = request->fields.user; - if (!auth_request_mechanism_accepted(mechs, request->mech->name)) { + if (!auth_request_mechanism_accepted(mechs, mech_name)) { e_debug(request->event, "skipping passdb: mechanism filtered"); return TRUE; } diff --git a/src/auth/auth-request.h b/src/auth/auth-request.h index 5bd496caed..8b9fb75c59 100644 --- a/src/auth/auth-request.h +++ b/src/auth/auth-request.h @@ -8,7 +8,6 @@ #include "array.h" #include "net.h" #include "var-expand.h" -#include "sasl-server-protected.h" // FIXME: Use public API only #include "userdb.h" #include "passdb.h" #include "auth-sasl.h" @@ -135,7 +134,6 @@ struct auth_request { proxy DNS lookups) */ enum passdb_result passdb_result; - const struct sasl_server_mech_def *mech; struct { struct sasl_server_req_ctx req; sasl_server_passdb_callback_t *passdb_callback; diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c index c6f9c7d5fb..772cd56154 100644 --- a/src/auth/auth-sasl.c +++ b/src/auth/auth-sasl.c @@ -3,7 +3,7 @@ #include "lib.h" #include "str.h" #include "settings-parser.h" -#include "sasl-server-private.h" // FIXME: remove +#include "sasl-server-protected.h" // FIXME: remove #include "auth.h" #include "auth-common.h" #include "auth-sasl.h" diff --git a/src/auth/sasl-server-mech-digest-md5.c b/src/auth/sasl-server-mech-digest-md5.c index 37ca46a3e9..f014bec840 100644 --- a/src/auth/sasl-server-mech-digest-md5.c +++ b/src/auth/sasl-server-mech-digest-md5.c @@ -627,6 +627,6 @@ void mech_digest_test_set_nonce(struct auth_request *auth_request, container_of(auth_request->sasl.req.request->mech, struct digest_auth_request, auth_request); - i_assert(auth_request->mech == &mech_digest_md5); + i_assert(request->auth_request.mech->def == &mech_digest_md5); request->nonce = p_strdup(auth_request->pool, nonce); } diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c index e9c7758539..ee672bdcdb 100644 --- a/src/auth/test-auth-request-fields.c +++ b/src/auth/test-auth-request-fields.c @@ -44,15 +44,13 @@ static const struct test_auth_request_field auth_request_field_names[] = { { "userdb_uextrafield2", NULL, PREFIX"userextravalue2" }, }; -static struct auth_request * -test_auth_request_init(const struct sasl_server_mech_def *mech) +static struct auth_request *test_auth_request_init(void) { struct auth_request *request; pool_t pool = pool_alloconly_create("test auth request", 1024); request = p_new(pool, struct auth_request, 1); request->pool = pool; request->event = event_create(NULL); - request->mech = mech; request->set = global_auth_settings; request->refcount = 1; p_array_init(&request->authdb_event, pool, 1); @@ -74,8 +72,7 @@ static void test_auth_request_deinit(struct auth_request *request) static void test_auth_request_fields_list(void) { - struct auth_request *request = - test_auth_request_init(&mech_dovecot_token); + struct auth_request *request = test_auth_request_init(); string_t *exported = t_str_new(512); for (unsigned int i = 0; i < N_ELEMENTS(auth_request_field_names); i++) { const struct test_auth_request_field *test = @@ -126,7 +123,7 @@ test_auth_request_export_cmp(struct auth_request *request, static void test_auth_request_fields_secured(void) { - struct auth_request *request = test_auth_request_init(NULL); + struct auth_request *request = test_auth_request_init(); test_assert(auth_request_import(request, "secured", "")); test_assert(test_auth_request_export_cmp(request, "secured", "")); @@ -144,8 +141,7 @@ static void test_auth_request_fields_secured(void) static void test_auth_request_export_import(void) { - struct auth_request *request_a = - test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN)); + struct auth_request *request_a = test_auth_request_init(); string_t *exported_a = t_str_new(128); string_t *exported_b = t_str_new(128); request_a->passdb_success = TRUE; @@ -156,8 +152,7 @@ static void test_auth_request_export_import(void) test_auth_request_deinit(request_a); /* then import it */ - struct auth_request *request_b = - test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN)); + struct auth_request *request_b = test_auth_request_init(); const char *const *args = t_strsplit_tabescaped(str_c(exported_a)); for (; *args != NULL; args++) { const char *value = strchr(*args, '='); diff --git a/src/auth/test-mech.c b/src/auth/test-mech.c index ca3f563a72..229a2fc673 100644 --- a/src/auth/test-mech.c +++ b/src/auth/test-mech.c @@ -62,10 +62,11 @@ request_handler_reply_mock_callback(struct auth_request *request, if (request->passdb_result == PASSDB_RESULT_OK) request->failed = FALSE; - else if (request->mech == &mech_otp) { + else if (strcmp(request->fields.mech_name, SASL_MECH_NAME_OTP) == 0) { if (null_strcmp(request->fields.user, "otp_phase_2") == 0) request->failed = FALSE; - } else if (request->mech == &mech_oauthbearer) { + } else if (strcmp(request->fields.mech_name, + SASL_MECH_NAME_OAUTHBEARER) == 0) { } }; @@ -113,7 +114,6 @@ static void test_mech_prepare_request(struct auth_request **request_r, else mech = sasl_server_mech_find(auth->sasl_inst, mech_name); i_assert(mech != NULL); - request->mech = mech->def; auth_request_init_sasl(request, mech); @@ -143,7 +143,8 @@ test_mech_handle_challenge(struct auth_request *request, string_t *out = t_str_new(16); str_append_data(out, in, in_len); const char *challenge = request->context; - if (request->mech == &mech_login) { + + if (strcmp(request->fields.mech_name, SASL_MECH_NAME_LOGIN) == 0) { /* We do not care about any specific password just give the username input as password also in case it's wanted. */ if (expected_success) { @@ -153,10 +154,13 @@ test_mech_handle_challenge(struct auth_request *request, test_assert_strcmp_idx(challenge, "Username:", running_test); } - } else if (request->mech == &mech_cram_md5 && *in != '\0') { + } else if (strcmp(request->fields.mech_name, + SASL_MECH_NAME_CRAM_MD5) == 0 && + *in != '\0') { str_truncate(out, 0); str_append(out, "testuser b913a602c7eda7a495b4e6e7334d3890"); - } else if (request->mech == &mech_digest_md5) { + } else if (strcmp(request->fields.mech_name, + SASL_MECH_NAME_DIGEST_MD5) == 0) { mech_digest_test_set_nonce(request, "OA6MG9tEQGm2hh"); } auth_request_continue(request, out->data, out->used);