[dovecot-cvs] dovecot/src/auth auth-login-interface.h,1.2,1.3 login-connection.c,1.19,1.20 mech-digest-md5.c,1.7,1.8 mech-plain.c,1.6,1.7 mech.c,1.6,1.7 mech.h,1.4,1.5
cras at procontrol.fi
cras at procontrol.fi
Sun Feb 2 12:16:44 EET 2003
Update of /home/cvs/dovecot/src/auth
In directory danu:/tmp/cvs-serv24541/auth
Modified Files:
auth-login-interface.h login-connection.c mech-digest-md5.c
mech-plain.c mech.c mech.h
Log Message:
auth: kill login connection if it leaves requests hanging too long.
Index: auth-login-interface.h
===================================================================
RCS file: /home/cvs/dovecot/src/auth/auth-login-interface.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- auth-login-interface.h 2 Feb 2003 00:08:28 -0000 1.2
+++ auth-login-interface.h 2 Feb 2003 10:16:42 -0000 1.3
@@ -4,6 +4,10 @@
/* max. size for auth_login_request_continue.data[] */
#define AUTH_LOGIN_MAX_REQUEST_DATA_SIZE 4096
+/* Login process must finish with single authentication requests in this time,
+ or the whole connection will be killed. */
+#define AUTH_REQUEST_TIMEOUT 120
+
enum auth_mech {
AUTH_MECH_PLAIN = 0x01,
AUTH_MECH_DIGEST_MD5 = 0x02,
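Review bot: The comment on `AUTH_REQUEST_TIMEOUT` does not state the unit, and "finish with single authentication requests" is hard to parse. The login-connection.c change compares the value against `ioloop_time` differences and logs them with an `s` suffix, so the unit is seconds. I would word it as `/* Login process must finish each authentication request within this many seconds, or the whole connection will be killed. */`.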
Index: login-connection.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/login-connection.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -d -r1.19 -r1.20
--- login-connection.c 2 Feb 2003 09:30:18 -0000 1.19
+++ login-connection.c 2 Feb 2003 10:16:42 -0000 1.20
@@ -18,6 +18,7 @@
AUTH_LOGIN_MAX_REQUEST_DATA_SIZE)
#define MAX_OUTBUF_SIZE (1024*50)
+static struct timeout *to;
static struct auth_login_handshake_output handshake_output;
static struct login_connection *connections;
@@ -254,6 +255,32 @@
i_free(conn);
}
+static void auth_request_hash_timeout_check(void *key __attr_unused__,
+ void *value, void *context)
+{
+ struct login_connection *conn = context;
+ struct auth_request *auth_request = value;
+
+ if (auth_request->created + AUTH_REQUEST_TIMEOUT < ioloop_time) {
+ i_warning("Login process has too old (%us) requests, "
+ "killing it.",
+ (unsigned int)(ioloop_time - auth_request->created));
+
+ login_connection_destroy(conn);
+ hash_foreach_stop();
+ }
+}
+
+static void request_timeout(void *context __attr_unused__)
+{
+ struct login_connection *conn;
+
+ for (conn = connections; conn != NULL; conn = conn->next) {
+ hash_foreach(conn->auth_requests,
+ auth_request_hash_timeout_check, conn);
+ }
+}
+
void login_connections_init(void)
{
const char *env;
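Review bot: In `request_timeout`, the loop advances with `conn = conn->next` after `hash_foreach()` returns, but by then the callback may have called `login_connection_destroy(conn)`. The context line `i_free(conn);` just above suggests that destroy frees the structure, in which case the step reads freed memory. Saving the successor first avoids this, the same way `login_connections_deinit` walks the list: `for (conn = connections; conn != NULL; conn = next) {` with `next = conn->next;` as the first statement of the body. It is also worth confirming that destroying the connection inside the callback does not free `conn->auth_requests` while `hash_foreach()` is still iterating it, since `hash_foreach_stop()` is only called after the destroy and the hash implementation is not visible here. The trailing context belongs to `login_connections_init`, whose body continues outside the hunk.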
@@ -267,6 +294,7 @@
handshake_output.auth_mechanisms = auth_mechanisms;
connections = NULL;
+ to = timeout_add(5000, request_timeout, NULL);
}
void login_connections_deinit(void)
@@ -278,4 +306,6 @@
login_connection_destroy(connections);
connections = next;
}
+
+ timeout_remove(to);
}
Index: mech-digest-md5.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-digest-md5.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- mech-digest-md5.c 2 Feb 2003 09:30:18 -0000 1.7
+++ mech-digest-md5.c 2 Feb 2003 10:16:42 -0000 1.8
@@ -543,8 +543,7 @@
}
static int
-mech_digest_md5_auth_continue(struct login_connection *conn,
- struct auth_request *auth_request,
+mech_digest_md5_auth_continue(struct auth_request *auth_request,
struct auth_login_request_continue *request,
const unsigned char *data,
mech_callback_t *callback)
@@ -588,7 +587,7 @@
/* failed */
reply.result = AUTH_LOGIN_RESULT_FAILURE;
reply.data_size = strlen(error)+1;
- callback(&reply, error, conn);
+ callback(&reply, error, auth_request->conn);
return FALSE;
}
Index: mech-plain.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech-plain.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- mech-plain.c 2 Feb 2003 09:30:18 -0000 1.6
+++ mech-plain.c 2 Feb 2003 10:16:42 -0000 1.7
@@ -13,8 +13,7 @@
}
static int
-mech_plain_auth_continue(struct login_connection *conn,
- struct auth_request *auth_request,
+mech_plain_auth_continue(struct auth_request *auth_request,
struct auth_login_request_continue *request,
const unsigned char *data, mech_callback_t *callback)
{
Index: mech.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- mech.c 2 Feb 2003 09:30:18 -0000 1.6
+++ mech.c 2 Feb 2003 10:16:42 -0000 1.7
@@ -1,6 +1,7 @@
/* Copyright (C) 2002 Timo Sirainen */
#include "common.h"
+#include "ioloop.h"
#include "buffer.h"
#include "hash.h"
#include "mech.h"
@@ -90,6 +91,7 @@
}
if (auth_request != NULL) {
+ auth_request->created = ioloop_time;
auth_request->conn = conn;
auth_request->id = request->id;
auth_request->protocol = request->protocol;
@@ -113,7 +115,7 @@
failure_reply.id = request->id;
callback(&failure_reply, NULL, conn);
} else {
- if (!auth_request->auth_continue(conn, auth_request,
+ if (!auth_request->auth_continue(auth_request,
request, data, callback))
mech_request_free(conn, auth_request, request->id);
}
Index: mech.h
===================================================================
RCS file: /home/cvs/dovecot/src/auth/mech.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- mech.h 2 Feb 2003 00:19:34 -0000 1.4
+++ mech.h 2 Feb 2003 10:16:42 -0000 1.5
@@ -14,11 +14,12 @@
struct login_connection *conn;
unsigned int id;
+ time_t created;
+
enum auth_protocol protocol;
mech_callback_t *callback;
- int (*auth_continue)(struct login_connection *conn,
- struct auth_request *auth_request,
+ int (*auth_continue)(struct auth_request *auth_request,
struct auth_login_request_continue *request,
const unsigned char *data,
mech_callback_t *callback);
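Review bot: The new `time_t created;` field has no comment, and its meaning matters for the timeout. In the visible hunks, mech.c sets it only once, when the request is created, so a multi-step exchange is bounded by its total age rather than by idle time. A one-line comment would record that: `/* ioloop_time at creation; request is killed once older than AUTH_REQUEST_TIMEOUT */`. The enclosing struct starts and ends outside this hunk.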