From: Timo Sirainen <tss@iki.fi>
Date: Thu, 10 Dec 2009 01:19:03 +0000 (-0500)
Subject: *-login: Get auth connection cookie earlier so its lookup can't fail.
X-Git-Tag: 2.0.beta1~31
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=66c3f635f2f33905af527d49b27f95322aa7dfa7;p=thirdparty%2Fdovecot%2Fcore.git

*-login: Get auth connection cookie earlier so its lookup can't fail.

--HG--
branch : HEAD
---

diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
index a1e71755e4..5de6e9fa8f 100644
--- a/src/lib-auth/auth-client-request.c
+++ b/src/lib-auth/auth-client-request.c
@@ -134,6 +134,11 @@ auth_client_request_get_server_pid(struct auth_client_request *request)
 	return request->conn->server_pid;
 }
 
+const char *auth_client_request_get_cookie(struct auth_client_request *request)
+{
+	return request->conn->cookie;
+}
+
 bool auth_client_request_is_aborted(struct auth_client_request *request)
 {
 	return request->callback == NULL;
diff --git a/src/lib-auth/auth-client.c b/src/lib-auth/auth-client.c
index 121db484e2..9504a7f44d 100644
--- a/src/lib-auth/auth-client.c
+++ b/src/lib-auth/auth-client.c
@@ -74,10 +74,3 @@ void auth_client_get_connect_id(struct auth_client *client,
 	*server_pid_r = client->conn->server_pid;
 	*connect_uid_r = client->conn->connect_uid;
 }
-
-const char *auth_client_get_cookie(struct auth_client *client)
-{
-	i_assert(auth_client_is_connected(client));
-
-	return client->conn->cookie;
-}
diff --git a/src/lib-auth/auth-client.h b/src/lib-auth/auth-client.h
index 3bbe71a9d6..73694a420c 100644
--- a/src/lib-auth/auth-client.h
+++ b/src/lib-auth/auth-client.h
@@ -68,7 +68,6 @@ auth_client_find_mech(struct auth_client *client, const char *name);
 void auth_client_get_connect_id(struct auth_client *client,
 				unsigned int *server_pid_r,
 				unsigned int *connect_uid_r);
-const char *auth_client_get_cookie(struct auth_client *client);
 
 /* Create a new authentication request. callback is called whenever something
    happens for the request. */
@@ -87,5 +86,7 @@ unsigned int auth_client_request_get_id(struct auth_client_request *request);
 /* Return the PID of the server that handled this request. */
 unsigned int
 auth_client_request_get_server_pid(struct auth_client_request *request);
+/* Return cookie of the server that handled this request. */
+const char *auth_client_request_get_cookie(struct auth_client_request *request);
 
 #endif
diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index bfce1dc4ec..bf5f8a3ba1 100644
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -26,6 +26,7 @@
 struct anvil_request {
 	struct client *client;
 	unsigned int auth_pid, auth_id;
+	unsigned char cookie[MASTER_AUTH_COOKIE_SIZE];
 };
 
 const struct auth_mech_desc *
@@ -109,24 +110,18 @@ static void master_send_request(struct anvil_request *anvil_request)
 	struct client *client = anvil_request->client;
 	struct master_auth_request req;
 	const unsigned char *data;
-	const char *cookie;
 	size_t size;
 	buffer_t *buf;
 
-	buf = buffer_create_dynamic(pool_datastack_create(), 256);
-
 	memset(&req, 0, sizeof(req));
 	req.auth_pid = anvil_request->auth_pid;
 	req.auth_id = anvil_request->auth_id;
 	req.local_ip = client->local_ip;
 	req.remote_ip = client->ip;
 	req.client_pid = getpid();
+	memcpy(req.cookie, anvil_request->cookie, sizeof(req.cookie));
 
-	cookie = auth_client_get_cookie(auth_client);
-	if (hex_to_binary(cookie, buf) == 0 && buf->used == sizeof(req.cookie))
-		memcpy(req.cookie, buf->data, sizeof(req.cookie));
-
-	buffer_set_used_size(buf, 0);
+	buf = buffer_create_dynamic(pool_datastack_create(), 256);
 	buffer_append(buf, client->master_data_prefix,
 		      client->master_data_prefix_len);
 
@@ -159,13 +154,19 @@ anvil_check_too_many_connections(struct client *client,
 				 struct auth_client_request *request)
 {
 	struct anvil_request *req;
-	const char *query;
+	const char *query, *cookie;
+	buffer_t buf;
 
 	req = i_new(struct anvil_request, 1);
 	req->client = client;
 	req->auth_pid = auth_client_request_get_server_pid(request);
 	req->auth_id = auth_client_request_get_id(request);
 
+	buffer_create_data(&buf, req->cookie, sizeof(req->cookie));
+	cookie = auth_client_request_get_cookie(request);
+	if (strlen(cookie) == MASTER_AUTH_COOKIE_SIZE*2)
+		(void)hex_to_binary(cookie, &buf);
+
 	if (client->virtual_user == NULL ||
 	    client->set->mail_max_userip_connections == 0) {
 		anvil_lookup_callback(NULL, req);