dovecot-1.1: Use auth-stream API to build all TAB-delimited stri...

dovecot at dovecot.org dovecot at dovecot.org
Sun Mar 9 13:04:50 EET 2008 

details:   http://hg.dovecot.org/dovecot-1.1/rev/08d31d752893
changeset: 7388:08d31d752893
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Mar 09 12:37:26 2008 +0200
description:
Use auth-stream API to build all TAB-delimited strings to make sure strings
are escaped properly where necessary.

diffstat:

14 files changed, 233 insertions(+), 191 deletions(-)
src/auth/auth-client-connection.c |    5 -
src/auth/auth-master-connection.c |   14 ++-
src/auth/auth-master-connection.h |    5 -
src/auth/auth-request-handler.c   |  158 +++++++++++++++++++------------------
src/auth/auth-request-handler.h   |    6 -
src/auth/auth-request.c           |   51 ++++++-----
src/auth/auth-request.h           |    3 
src/auth/auth-stream.c            |   11 +-
src/auth/auth-stream.h            |    3 
src/auth/auth-worker-client.c     |  101 ++++++++++++-----------
src/auth/auth-worker-server.c     |   10 +-
src/auth/auth-worker-server.h     |    4 
src/auth/passdb-blocking.c        |   40 ++++-----
src/auth/userdb-blocking.c        |   13 +--

diffs (truncated from 869 to 300 lines):

diff -r 2bef36355718 -r 08d31d752893 src/auth/auth-client-connection.c
--- a/src/auth/auth-client-connection.c	Sun Mar 09 10:32:59 2008 +0200
+++ b/src/auth/auth-client-connection.c	Sun Mar 09 12:37:26 2008 +0200
@@ -9,6 +9,7 @@
 #include "str.h"
 #include "str-sanitize.h"
 #include "safe-memset.h"
+#include "auth-stream.h"
 #include "auth-request-handler.h"
 #include "auth-client-interface.h"
 #include "auth-client-connection.h"
@@ -63,7 +64,7 @@ static void auth_client_send(struct auth
 	}
 }
 
-static void auth_callback(const char *reply,
+static void auth_callback(struct auth_stream_reply *reply,
 			  struct auth_client_connection *conn)
 {
 	if (reply == NULL) {
@@ -72,7 +73,7 @@ static void auth_callback(const char *re
 		return;
 	}
 
-	auth_client_send(conn, reply);
+	auth_client_send(conn, auth_stream_reply_export(reply));
 }
 
 static bool
diff -r 2bef36355718 -r 08d31d752893 src/auth/auth-master-connection.c
--- a/src/auth/auth-master-connection.c	Sun Mar 09 10:32:59 2008 +0200
+++ b/src/auth/auth-master-connection.c	Sun Mar 09 12:37:26 2008 +0200
@@ -29,16 +29,20 @@ struct master_userdb_request {
 	struct auth_request *auth_request;
 };
 
-void auth_master_request_callback(const char *reply, void *context)
+void auth_master_request_callback(struct auth_stream_reply *reply,
+				  void *context)
 {
 	struct auth_master_connection *conn = context;
 	struct const_iovec iov[2];
+	const char *reply_str;
+
+	reply_str = auth_stream_reply_export(reply);
 
 	if (conn->listener->auth->verbose_debug)
-		i_info("master out: %s", reply);
-
-	iov[0].iov_base = reply;
-	iov[0].iov_len = strlen(reply);
+		i_info("master out: %s", reply_str);
+
+	iov[0].iov_base = reply_str;
+	iov[0].iov_len = strlen(reply_str);
 	iov[1].iov_base = "\n";
 	iov[1].iov_len = 1;
 
diff -r 2bef36355718 -r 08d31d752893 src/auth/auth-master-connection.h
--- a/src/auth/auth-master-connection.h	Sun Mar 09 10:32:59 2008 +0200
+++ b/src/auth/auth-master-connection.h	Sun Mar 09 12:37:26 2008 +0200
@@ -1,5 +1,7 @@
 #ifndef AUTH_MASTER_CONNECTION_H
 #define AUTH_MASTER_CONNECTION_H
+
+struct auth_stream_reply;
 
 struct auth_master_connection {
 	struct auth_master_listener *listener;
@@ -24,6 +26,7 @@ void auth_master_connection_send_handsha
 void auth_master_connection_send_handshake(struct auth_master_connection *conn);
 void auth_master_connections_send_handshake(void);
 
-void auth_master_request_callback(const char *reply, void *context);
+void auth_master_request_callback(struct auth_stream_reply *reply,
+				  void *context);
 
 #endif
diff -r 2bef36355718 -r 08d31d752893 src/auth/auth-request-handler.c
--- a/src/auth/auth-request-handler.c	Sun Mar 09 10:32:59 2008 +0200
+++ b/src/auth/auth-request-handler.c	Sun Mar 09 12:37:26 2008 +0200
@@ -116,53 +116,51 @@ void auth_request_handler_check_timeouts
 	hash_iterate_deinit(&iter);
 }
 
-static const char *get_client_extra_fields(struct auth_request *request)
-{
-	string_t *str;
+static void get_client_extra_fields(struct auth_request *request,
+				    struct auth_stream_reply *reply)
+{
 	const char **fields, *extra_fields;
 	unsigned int src, dest;
 	bool seen_pass = FALSE;
 
 	if (auth_stream_is_empty(request->extra_fields))
-		return NULL;
+		return;
 
 	extra_fields = auth_stream_reply_export(request->extra_fields);
 
 	if (!request->proxy) {
 		/* we only wish to remove all fields prefixed with "userdb_" */
-		if (strstr(extra_fields, "userdb_") == NULL)
-			return extra_fields;
-	}
-
-	str = t_str_new(128);
+		if (strstr(extra_fields, "userdb_") == NULL) {
+			auth_stream_reply_import(reply, extra_fields);
+			return;
+		}
+	}
+
 	fields = t_strsplit(extra_fields, "\t");
 	for (src = dest = 0; fields[src] != NULL; src++) {
 		if (strncmp(fields[src], "userdb_", 7) != 0) {
-			if (str_len(str) > 0)
-				str_append_c(str, '\t');
 			if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
 				seen_pass = TRUE;
-			str_append(str, fields[src]);
+			auth_stream_reply_import(reply, fields[src]);
 		}
 	}
 
 	if (request->proxy && !seen_pass && request->mech_password != NULL) {
 		/* we're proxying - send back the password that was
 		   sent by user (not the password in passdb). */
-		str_printfa(str, "\tpass=%s", request->mech_password);
-	}
-
-	return str_len(str) == 0 ? NULL : str_c(str);
+		auth_stream_reply_add(reply, "pass", request->mech_password);
+	}
 }
 
 static void
-auth_request_handle_failure(struct auth_request *request, const char *str)
+auth_request_handle_failure(struct auth_request *request,
+			    struct auth_stream_reply *reply)
 {
         struct auth_request_handler *handler = request->context;
 
 	if (request->delayed_failure) {
 		/* we came here from flush_failures() */
-		handler->callback(str, handler->context);
+		handler->callback(reply, handler->context);
 		return;
 	}
 
@@ -173,7 +171,7 @@ auth_request_handle_failure(struct auth_
 	if (request->no_failure_delay) {
 		/* passdb specifically requested not to delay the
 		   reply. */
-		handler->callback(str, handler->context);
+		handler->callback(reply, handler->context);
 		auth_request_unref(&request);
 		return;
 	}
@@ -194,56 +192,56 @@ auth_request_handle_failure(struct auth_
 
 static void auth_callback(struct auth_request *request,
 			  enum auth_client_result result,
-			  const void *reply, size_t reply_size)
+			  const void *auth_reply, size_t reply_size)
 {
         struct auth_request_handler *handler = request->context;
+	struct auth_stream_reply *reply;
 	string_t *str;
-	const char *fields;
-
-	str = t_str_new(128 + MAX_BASE64_ENCODED_SIZE(reply_size));
+
+	reply = auth_stream_reply_init(pool_datastack_create());
 	switch (result) {
 	case AUTH_CLIENT_RESULT_CONTINUE:
-		str_printfa(str, "CONT\t%u\t", request->id);
-		base64_encode(reply, reply_size, str);
-                request->accept_input = TRUE;
-		handler->callback(str_c(str), handler->context);
+		auth_stream_reply_add(reply, "CONT", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
+
+		str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
+		base64_encode(auth_reply, reply_size, str);
+		auth_stream_reply_add(reply, NULL, str_c(str));
+
+		request->accept_input = TRUE;
+		handler->callback(reply, handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_SUCCESS:
 		auth_request_proxy_finish(request, TRUE);
 
-		str_printfa(str, "OK\t%u\tuser=%s", request->id, request->user);
+		auth_stream_reply_add(reply, "OK", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
+		auth_stream_reply_add(reply, "user", request->user);
 		if (reply_size > 0) {
-			str_append(str, "\tresp=");
-			base64_encode(reply, reply_size, str);
-		}
-		fields = get_client_extra_fields(request);
-		if (fields != NULL) {
-			str_append_c(str, '\t');
-			str_append(str, fields);
-		}
-
+			str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
+			base64_encode(auth_reply, reply_size, str);
+			auth_stream_reply_add(reply, "resp", str_c(str));
+		}
+		get_client_extra_fields(request, reply);
 		if (request->no_login || handler->master_callback == NULL) {
 			/* this request doesn't have to wait for master
 			   process to pick it up. delete it */
 			auth_request_handler_remove(handler, request);
 		}
-		handler->callback(str_c(str), handler->context);
+		handler->callback(reply, handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_FAILURE:
 		auth_request_proxy_finish(request, FALSE);
 
-		str_printfa(str, "FAIL\t%u", request->id);
+		auth_stream_reply_add(reply, "FAIL", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
 		if (request->user != NULL)
-			str_printfa(str, "\tuser=%s", request->user);
+			auth_stream_reply_add(reply, "user", request->user);
 		if (request->internal_failure)
-			str_append(str, "\ttemp");
-		fields = get_client_extra_fields(request);
-		if (fields != NULL) {
-			str_append_c(str, '\t');
-			str_append(str, fields);
-		}
-
-		auth_request_handle_failure(request, str_c(str));
+			auth_stream_reply_add(reply, "temp", NULL);
+		get_client_extra_fields(request, reply);
+
+		auth_request_handle_failure(request, reply);
 		break;
 	}
 	/* NOTE: request may be destroyed now */
@@ -255,13 +253,16 @@ static void auth_request_handler_auth_fa
 					   struct auth_request *request,
 					   const char *reason)
 {
-	string_t *reply = t_str_new(64);
+	struct auth_stream_reply *reply;
 
 	auth_request_log_info(request, request->mech->mech_name, "%s", reason);
 
-	str_printfa(reply, "FAIL\t%u\treason=%s", request->id, reason);
-	handler->callback(str_c(reply), handler->context);
-
+	reply = auth_stream_reply_init(pool_datastack_create());
+	auth_stream_reply_add(reply, "FAIL", NULL);
+	auth_stream_reply_add(reply, NULL, dec2str(request->id));
+	auth_stream_reply_add(reply, "reason", reason);
+
+	handler->callback(reply, handler->context);
 	auth_request_handler_remove(handler, request);
 }
 
@@ -391,10 +392,13 @@ bool auth_request_handler_auth_continue(
 
 	request = hash_lookup(handler->requests, POINTER_CAST(id));
 	if (request == NULL) {
-		string_t *reply = t_str_new(64);
-
-		str_printfa(reply, "FAIL\t%u\treason=Timeouted", id);
-		handler->callback(str_c(reply), handler->context);
+		struct auth_stream_reply *reply;
+
+		reply = auth_stream_reply_init(pool_datastack_create());
+		auth_stream_reply_add(reply, "FAIL", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(id));
+		auth_stream_reply_add(reply, "reason", "Timeouted");
+		handler->callback(reply, handler->context);
 		return TRUE;
 	}
 
@@ -425,8 +429,7 @@ static void userdb_callback(enum userdb_
 			    struct auth_request *request)
 {
         struct auth_request_handler *handler = request->context;
-	struct auth_stream_reply *reply = request->userdb_reply;
-	string_t *str;
+	struct auth_stream_reply *reply;
 
 	i_assert(request->state == AUTH_REQUEST_STATE_USERDB);
 
@@ -435,24 +438,29 @@ static void userdb_callback(enum userdb_
 	if (request->userdb_lookup_failed)
 		result = USERDB_RESULT_INTERNAL_FAILURE;
 
-	str = t_str_new(256);

More information about the dovecot-cvs mailing list