dovecot: Pass extra_fields from auth worker to server also if au...

dovecot at dovecot.org dovecot at dovecot.org
Tue Aug 7 13:19:13 EEST 2007 

details:   http://hg.dovecot.org/dovecot/rev/974066ba68a3
changeset: 6214:974066ba68a3
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Aug 07 13:17:50 2007 +0300
description:
Pass extra_fields from auth worker to server also if authentication failed.

diffstat:

2 files changed, 53 insertions(+), 93 deletions(-)
src/auth/auth-worker-client.c |   22 +++----
src/auth/passdb-blocking.c    |  124 +++++++++++++----------------------------

diffs (204 lines):

diff -r e33a87152c41 -r 974066ba68a3 src/auth/auth-worker-client.c
--- a/src/auth/auth-worker-client.c	Tue Aug 07 13:15:28 2007 +0300
+++ b/src/auth/auth-worker-client.c	Tue Aug 07 13:17:50 2007 +0300
@@ -93,9 +93,11 @@ static void verify_plain_callback(enum p
 	str = t_str_new(64);
 	str_printfa(str, "%u\t", request->id);
 
-	if (result != PASSDB_RESULT_OK)
-		str_printfa(str, "FAIL\t%d", result);
-	else {
+	if (result != PASSDB_RESULT_OK) {
+		str_printfa(str, "FAIL\t%d\t", result);
+		if (request->passdb_password != NULL)
+			str_append(str, request->passdb_password);
+	} else {
 		str_append(str, "OK\t");
 		str_append(str, request->user);
 		str_append_c(str, '\t');
@@ -103,18 +105,18 @@ static void verify_plain_callback(enum p
 			str_append(str, request->passdb_password);
 		if (request->no_password)
 			str_append(str, "\tnopassword");
-		if (request->extra_fields != NULL) {
-			const char *field =
-				auth_stream_reply_export(request->extra_fields);
-
-			str_append_c(str, '\t');
-			str_append(str, field);
-		}
 		if (request->userdb_reply != NULL) {
 			const char *data =
 				auth_stream_reply_export(request->userdb_reply);
 			add_userdb_replies(str, data);
 		}
+	}
+	if (request->extra_fields != NULL) {
+		const char *field =
+			auth_stream_reply_export(request->extra_fields);
+
+		str_append_c(str, '\t');
+		str_append(str, field);
 	}
 	str_append_c(str, '\n');
 	o_stream_send(client->output, str_data(str), str_len(str));
diff -r e33a87152c41 -r 974066ba68a3 src/auth/passdb-blocking.c
--- a/src/auth/passdb-blocking.c	Tue Aug 07 13:15:28 2007 +0300
+++ b/src/auth/passdb-blocking.c	Tue Aug 07 13:17:50 2007 +0300
@@ -9,104 +9,56 @@
 
 #include <stdlib.h>
 
+static void
+auth_worker_reply_parse_args(struct auth_request *request,
+			     const char *const *args)
+{
+	if (**args != '\0')
+		request->passdb_password = p_strdup(request->pool, *args);
+	args++;
+
+	if (*args != NULL) {
+		i_assert(auth_stream_is_empty(request->extra_fields) ||
+			 request->master_user != NULL);
+		auth_request_set_fields(request, args, NULL);
+	}
+}
+
 static enum passdb_result
-check_failure(struct auth_request *request, const char **reply)
+auth_worker_reply_parse(struct auth_request *request, const char *reply)
 {
 	enum passdb_result ret;
-	const char *p;
+	const char *const *args;
 
-	/* OK / FAIL */
-	if (strncmp(*reply, "OK\t", 3) == 0) {
-		*reply += 3;
+	args = t_strsplit(reply, "\t");
+
+	if (strcmp(*args, "OK") == 0 && args[1] != NULL && args[2] != NULL) {
+		/* OK \t user \t password [\t extra] */
+		auth_request_set_field(request, "user", args[1], NULL);
+		auth_worker_reply_parse_args(request, args + 2);
 		return PASSDB_RESULT_OK;
 	}
 
-	/* FAIL \t result \t password */
-	if (strncmp(*reply, "FAIL\t", 5) == 0) {
-		*reply += 5;
-		ret = atoi(t_strcut(*reply, '\t'));
-
-		p = strchr(*reply, '\t');
-		if (p == NULL)
-			*reply += strlen(*reply);
-		else
-			*reply = p + 1;
-		if (ret != PASSDB_RESULT_OK)
+	if (strcmp(*args, "FAIL") == 0 && args[1] != NULL && args[2] != NULL) {
+		/* FAIL \t result \t password [\t extra] */
+		ret = atoi(args[1]);
+		if (ret != PASSDB_RESULT_OK) {
+			auth_worker_reply_parse_args(request, args + 2);
 			return ret;
-
-		auth_request_log_error(request, "blocking",
-			"Received invalid FAIL result from worker: %d", ret);
-		return PASSDB_RESULT_INTERNAL_FAILURE;
-	} else {
-		auth_request_log_error(request, "blocking",
-			"Received unknown reply from worker: %s", *reply);
-		return PASSDB_RESULT_INTERNAL_FAILURE;
-	}
-}
-
-static int get_pass_reply(struct auth_request *request, const char *reply,
-			  const char **password_r, const char **scheme_r)
-{
-	const char *p, *p2;
-
-	/* user \t {scheme}password [\t extra] */
-	p = strchr(reply, '\t');
-
-	/* username may have changed, update it */
-	auth_request_set_field(request, "user", p == NULL ? reply :
-			       t_strdup_until(reply, p), NULL);
-	if (p == NULL) {
-		/* we didn't get a password. */
-		*password_r = NULL;
-		*scheme_r = NULL;
-		return 0;
-	}
-	p2 = strchr(++p, '\t');
-	if (p2 == NULL) {
-		*password_r = p;
-		reply = "";
-	} else {
-		*password_r = t_strdup_until(p, p2);
-		reply = p2 + 1;
-	}
-
-	if (**password_r == '\0') {
-		*password_r = NULL;
-		*scheme_r = NULL;
-	} else {
-		request->passdb_password =
-			p_strdup(request->pool, *password_r);
-
-		*scheme_r = password_get_scheme(password_r);
-		if (*scheme_r == NULL) {
-			auth_request_log_error(request, "blocking",
-				"Received reply from worker without "
-				"password scheme");
-			return -1;
 		}
 	}
 
-	if (*reply != '\0') {
-		i_assert(auth_stream_is_empty(request->extra_fields) ||
-			 request->master_user != NULL);
-
-		auth_request_set_fields(request, t_strsplit(reply, "\t"), NULL);
-	}
-	return 0;
+	auth_request_log_error(request, "blocking",
+		"Received invalid reply from worker: %s", reply);
+	return PASSDB_RESULT_INTERNAL_FAILURE;
 }
 
 static void
 verify_plain_callback(struct auth_request *request, const char *reply)
 {
 	enum passdb_result result;
-	const char *password, *scheme;
 
-	result = check_failure(request, &reply);
-	if (result > 0) {
-		if (get_pass_reply(request, reply, &password, &scheme) < 0)
-			result = PASSDB_RESULT_INTERNAL_FAILURE;
-	}
-
+	result = auth_worker_reply_parse(request, reply);
 	auth_request_verify_plain_callback(result, request);
 }
 
@@ -132,10 +84,16 @@ lookup_credentials_callback(struct auth_
 	enum passdb_result result;
 	const char *password = NULL, *scheme = NULL;
 
-	result = check_failure(request, &reply);
-	if (result > 0) {
-		if (get_pass_reply(request, reply, &password, &scheme) < 0)
+	result = auth_worker_reply_parse(request, reply);
+	if (result == PASSDB_RESULT_OK && request->passdb_password != NULL) {
+		password = request->passdb_password;
+		scheme = password_get_scheme(&password);
+		if (scheme == NULL) {
+			auth_request_log_error(request, "blocking",
+				"Received reply from worker without "
+				"password scheme");
 			result = PASSDB_RESULT_INTERNAL_FAILURE;
+		}
 	}
 
 	passdb_handle_credentials(result, password, scheme,

More information about the dovecot-cvs mailing list