auth: auth-policy - Use http_client_init_auto()

This adds auth_policy { .. } named filter, which can be used to override
http settings. auth_policy_server_timeout_msecs setting is replaced by
auth_policy { http_client_request_absolute_timeout }.

Note that http_client_max_connect_attempts is not explicitly set anymore,
since it was already the default value (0 and 1 are currently the same,
but this will change in a later commit).

diff --git a/src/auth/auth-policy.c b/src/auth/auth-policy.c
index 4dcb60d050614c171b47cbdaced16a05f55556c6..e922e3aea0eec68908a0fe375202d7e3b9a0bb9d 100644 (file)
--- a/src/auth/auth-policy.c
+++ b/src/auth/auth-policy.c
@@ -23,16 +23,6 @@
 #include "auth-common.h"
 #include "iostream-ssl.h"
 
-#define AUTH_POLICY_DNS_SOCKET_PATH "dns-client"
-
-static struct http_client_settings http_client_set = {
-       .dns_client_socket_path = AUTH_POLICY_DNS_SOCKET_PATH,
-       .max_connect_attempts = 1,
-       .max_idle_time_msecs = 10000,
-       .max_parallel_connections = 100,
-       .user_agent = "dovecot/auth-policy-client"
-};
-
 static char *auth_policy_json_template;
 
 static struct http_client *http_client;
@@ -153,11 +143,12 @@ auth_policy_open_and_close_to_key(struct json_ostream *json_output,
 
 void auth_policy_init(void)
 {
-       http_client_set.pool = null_pool;
-       http_client_set.request_absolute_timeout_msecs =
-               global_auth_settings->policy_server_timeout_msecs;
-
-       http_client = http_client_init(&http_client_set, auth_event);
+       const char *error;
+       struct event *event = event_create(auth_event);
+       event_set_ptr(event, SETTINGS_EVENT_FILTER_NAME, "auth_policy");
+       if (http_client_init_auto(event, &http_client, &error) < 0)
+               i_fatal("%s", error);
+       event_unref(&event);
 
        /* prepare template */
 

diff --git a/src/auth/auth-settings.c b/src/auth/auth-settings.c
index bc09cd44093248987b85027d457d230df796e4e4..2cf7e34f669bdb2fe0d7fde9a629b25c7c43aff6 100644 (file)
--- a/src/auth/auth-settings.c
+++ b/src/auth/auth-settings.c
@@ -238,9 +238,9 @@ static const struct setting_define auth_setting_defines[] = {
        DEF(TIME, failure_delay),
        DEF(TIME_MSECS, internal_failure_delay),
 
+       { .type = SET_FILTER_NAME, .key = "auth_policy", },
        DEF(STR, policy_server_url),
        DEF(STR, policy_server_api_header),
-       DEF(UINT, policy_server_timeout_msecs),
        DEF(STR, policy_hash_mech),
        DEF(STR, policy_hash_nonce),
        DEF(STR_NOVARS, policy_request_attributes),
@@ -304,7 +304,6 @@ static const struct auth_settings auth_default_settings = {
 
        .policy_server_url = "",
        .policy_server_api_header = "",
-       .policy_server_timeout_msecs = 2000,
        .policy_hash_mech = "sha256",
        .policy_hash_nonce = "",
        .policy_request_attributes = "login=%{requested_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%{protocol} session_id=%{session} fail_type=%{fail_type}",
@@ -340,12 +339,21 @@ static const struct setting_keyvalue auth_default_settings_keyvalue[] = {
        { NULL, NULL }
 };
 
+static const struct setting_keyvalue auth_default_filter_settings_keyvalue[] = {
+       { "auth_policy/http_client_request_absolute_timeout", "2s" },
+       { "auth_policy/http_client_max_idle_time", "10s" },
+       { "auth_policy/http_client_max_parallel_connections", "100" },
+       { "auth_policy/http_client_user_agent", "dovecot/auth-policy-client" },
+       { NULL, NULL }
+};
+
 const struct setting_parser_info auth_setting_parser_info = {
        .name = "auth",
 
        .defines = auth_setting_defines,
        .defaults = &auth_default_settings,
        .default_settings = auth_default_settings_keyvalue,
+       .default_filter_settings = auth_default_filter_settings_keyvalue,
 
        .struct_size = sizeof(struct auth_settings),
        .pool_offset1 = 1 + offsetof(struct auth_settings, pool),

diff --git a/src/auth/auth-settings.h b/src/auth/auth-settings.h
index 0c99e92c3766b5d5929426210cd7105a0c6c849e..7d7df2d0ab80a28bf9d3583db378becebb3629a3 100644 (file)
--- a/src/auth/auth-settings.h
+++ b/src/auth/auth-settings.h
@@ -62,7 +62,6 @@ struct auth_settings {
 
        const char *policy_server_url;
        const char *policy_server_api_header;
-       unsigned int policy_server_timeout_msecs;
        const char *policy_hash_mech;
        const char *policy_hash_nonce;
        const char *policy_request_attributes;