From 1a669829132a4b68aaba32400e28bb2a4e19bcaa Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Wed, 2 Jun 2010 16:08:07 +0100 Subject: [PATCH] auth: Added passdb static. --HG-- branch : HEAD --- configure.in | 1 + doc/example-config/conf.d/10-auth.conf | 1 + .../conf.d/auth-static.conf.ext | 24 +++++ src/auth/Makefile.am | 1 + src/auth/passdb-static.c | 101 ++++++++++++++++++ src/auth/passdb.c | 2 + 6 files changed, 130 insertions(+) create mode 100644 doc/example-config/conf.d/auth-static.conf.ext create mode 100644 src/auth/passdb-static.c diff --git a/configure.in b/configure.in index 860f35beaa..26afccb896 100644 --- a/configure.in +++ b/configure.in @@ -1745,6 +1745,7 @@ passdb="" not_userdb="" not_passdb="" +passdb="$passdb static" userdb="$userdb static" if test $want_prefetch_userdb != no; then diff --git a/doc/example-config/conf.d/10-auth.conf b/doc/example-config/conf.d/10-auth.conf index 08c9291716..74eaa2c4ed 100644 --- a/doc/example-config/conf.d/10-auth.conf +++ b/doc/example-config/conf.d/10-auth.conf @@ -116,3 +116,4 @@ auth_mechanisms = plain #!include auth-passwdfile.conf.ext #!include auth-checkpassword.conf.ext #!include auth-vpopmail.conf.ext +#!include auth-static.conf.ext diff --git a/doc/example-config/conf.d/auth-static.conf.ext b/doc/example-config/conf.d/auth-static.conf.ext new file mode 100644 index 0000000000..238d5170f0 --- /dev/null +++ b/doc/example-config/conf.d/auth-static.conf.ext @@ -0,0 +1,24 @@ +# Static passdb. Included from auth.conf. + +# This can be used for situations where Dovecot doesn't need to verify the +# username or the password, or if there is a single password for all users: +# +# - proxy frontend, where the backend verifies the password +# - proxy backend, where the frontend already verified the password +# - authentication with SSL certificates +# - simple testing + +#passdb { +# driver = static +# args = proxy=y host=%1Mu.example.com nopassword=y +#} + +#passdb { +# driver = static +# args = password=test +#} + +#userdb { +# driver = static +# args = uid=vmail gid=vmail home=/home/%u +#} diff --git a/src/auth/Makefile.am b/src/auth/Makefile.am index 28c7f47872..12fba13a96 100644 --- a/src/auth/Makefile.am +++ b/src/auth/Makefile.am @@ -94,6 +94,7 @@ auth_SOURCES = \ passdb-sia.c \ passdb-vpopmail.c \ passdb-sql.c \ + passdb-static.c \ userdb.c \ userdb-blocking.c \ userdb-checkpassword.c \ diff --git a/src/auth/passdb-static.c b/src/auth/passdb-static.c new file mode 100644 index 0000000000..e2c55b1885 --- /dev/null +++ b/src/auth/passdb-static.c @@ -0,0 +1,101 @@ +/* Copyright (c) 2010 Dovecot authors, see the included COPYING file */ + +#include "auth-common.h" +#include "array.h" +#include "str.h" +#include "var-expand.h" +#include "passdb.h" + +#define STATIC_PASS_SCHEME "PLAIN" + +struct static_passdb_module { + struct passdb_module module; + ARRAY_TYPE(const_string) tmpl; +}; + +static void +static_verify_plain(struct auth_request *request, const char *password, + verify_plain_callback_t *callback) +{ + struct static_passdb_module *module = + (struct static_passdb_module *)request->passdb->passdb; + const struct var_expand_table *table; + const char *const *args, *static_password = ""; + unsigned int i, count; + string_t *str = t_str_new(128); + int ret; + + auth_request_log_debug(request, "static", "lookup"); + + table = auth_request_get_var_expand_table(request, NULL); + + args = array_get(&module->tmpl, &count); + i_assert((count % 2) == 0); + for (i = 0; i < count; i += 2) { + const char *key = args[i]; + const char *value = args[i+1]; + + if (value != NULL) { + str_truncate(str, 0); + var_expand(str, args[i+1], table); + value = str_c(str); + } + + if (strcmp(key, "password") == 0) + static_password = value; + else { + auth_request_set_field(request, key, value, + STATIC_PASS_SCHEME); + } + } + + ret = auth_request_password_verify(request, password, static_password, + STATIC_PASS_SCHEME, "static"); + if (ret <= 0) { + callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); + return; + } + + callback(PASSDB_RESULT_OK, request); +} + +static struct passdb_module * +static_preinit(pool_t pool, const char *args) +{ + struct static_passdb_module *module; + + module = p_new(pool, struct static_passdb_module, 1); + p_array_init(&module->tmpl, pool, 16); + T_BEGIN { + const char *const *tmp; + + tmp = t_strsplit_spaces(args, " "); + for (; *tmp != NULL; tmp++) { + const char *key = *tmp; + const char *value = strchr(key, '='); + + if (value == NULL) + value = ""; + else + key = t_strdup_until(key, value++); + + key = p_strdup(pool, key); + value = p_strdup(pool, value); + array_append(&module->tmpl, &key, 1); + array_append(&module->tmpl, &value, 1); + } + } T_END; + return &module->module; +} + +struct passdb_module_interface passdb_static = { + "static", + + static_preinit, + NULL, + NULL, + + static_verify_plain, + NULL, + NULL +}; diff --git a/src/auth/passdb.c b/src/auth/passdb.c index a53c501ea9..7be58eeceb 100644 --- a/src/auth/passdb.c +++ b/src/auth/passdb.c @@ -259,6 +259,7 @@ extern struct passdb_module_interface passdb_vpopmail; extern struct passdb_module_interface passdb_ldap; extern struct passdb_module_interface passdb_sql; extern struct passdb_module_interface passdb_sia; +extern struct passdb_module_interface passdb_static; void passdbs_init(void) { @@ -274,6 +275,7 @@ void passdbs_init(void) passdb_register_module(&passdb_ldap); passdb_register_module(&passdb_sql); passdb_register_module(&passdb_sia); + passdb_register_module(&passdb_static); } void passdbs_deinit(void) -- 2.47.3