[dovecot-cvs] dovecot/src/auth db-passwd-file.c, 1.9,
1.10 userdb-ldap.c, 1.20, 1.21 userdb-sql.c, 1.4,
1.5 userdb-static.c, 1.9, 1.10 userdb.c, 1.13, 1.14 userdb.h,
1.13, 1.14
cras at dovecot.org
cras at dovecot.org
Thu Jan 6 22:13:28 EET 2005
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv1824
Modified Files:
db-passwd-file.c userdb-ldap.c userdb-sql.c userdb-static.c
userdb.c userdb.h
Log Message:
If UID or GID isn't numeric, look it up from passwd/group.
Index: db-passwd-file.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-passwd-file.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- db-passwd-file.c 31 May 2004 18:57:25 -0000 1.9
+++ db-passwd-file.c 6 Jan 2005 20:13:26 -0000 1.10
@@ -27,8 +27,8 @@
const char *p;
if (hash_lookup(pw->users, username) != NULL) {
- i_error("User %s already exists in password file %s",
- username, pw->path);
+ i_error("passwd-file %s: User %s exists more than once",
+ pw->path, username);
return;
}
@@ -54,8 +54,9 @@
pu->password = p_strconcat(pw->pool, "{DIGEST-MD5}",
pass, NULL);
if (strlen(pu->password) != 32 + 12) {
- i_error("User %s has invalid password in "
- "file %s", username, pw->path);
+ i_error("passwd-file %s: User %s "
+ "has invalid password",
+ pw->path, username);
return;
}
} else {
@@ -65,20 +66,20 @@
}
if (*args != NULL) {
- pu->uid = atoi(*args);
- if (pu->uid == 0) {
- i_error("User %s has UID 0 in password file %s",
- username, pw->path);
+ pu->uid = userdb_parse_uid(NULL, *args);
+ if (pu->uid == 0 || pu->uid == (uid_t)-1) {
+ i_error("passwd-file %s: User %s has invalid UID %s",
+ pw->path, username, *args);
return;
}
args++;
}
if (*args != NULL) {
- pu->gid = atoi(*args);
- if (pu->gid == 0) {
- i_error("User %s has GID 0 in password file %s",
- username, pw->path);
+ pu->gid = userdb_parse_gid(NULL, *args);
+ if (pu->gid == 0 || pu->gid == (gid_t)-1) {
+ i_error("passwd-file %s: User %s has invalid GID %s",
+ pw->path, username, *args);
return;
}
args++;
@@ -131,10 +132,10 @@
fd = open(pw->path, O_RDONLY);
if (fd == -1)
- i_fatal("Can't open passwd-file %s: %m", pw->path);
+ i_fatal("passwd-file %s: Can't open file: %m", pw->path);
if (fstat(fd, &st) != 0)
- i_fatal("fstat() failed for passwd-file %s: %m", pw->path);
+ i_fatal("passwd-file %s: fstat() failed: %m", pw->path);
pw->fd = fd;
pw->stamp = st.st_mtime;
@@ -165,7 +166,7 @@
{
if (pw->fd != -1) {
if (close(pw->fd) < 0)
- i_error("close(passwd_file) failed: %m");
+ i_error("passwd-file %s: close() failed: %m", pw->path);
pw->fd = -1;
}
@@ -184,7 +185,7 @@
struct stat st;
if (stat(pw->path, &st) < 0)
- i_fatal("stat() failed for %s: %m", pw->path);
+ i_fatal("passwd-file %s: stat() failed: %m", pw->path);
if (st.st_mtime != pw->stamp) {
passwd_file_close(pw);
Index: userdb-ldap.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-ldap.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- userdb-ldap.c 6 Jan 2005 20:02:31 -0000 1.20
+++ userdb-ldap.c 6 Jan 2005 20:13:26 -0000 1.21
@@ -75,10 +75,10 @@
user->system_user = t_strdup(value);
break;
case ATTR_UID_NUMBER:
- user->uid = atoi(value);
+ user->uid = userdb_parse_uid(auth_request, value);
break;
case ATTR_GID_NUMBER:
- user->gid = atoi(value);
+ user->gid = userdb_parse_gid(auth_request, value);
break;
case ATTR_COUNT:
Index: userdb-sql.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-sql.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- userdb-sql.c 6 Jan 2005 15:41:53 -0000 1.4
+++ userdb-sql.c 6 Jan 2005 20:13:26 -0000 1.5
@@ -64,9 +64,13 @@
sql_result_find_field_value(result, "system_user");
user.home = sql_result_find_field_value(result, "home");
user.mail = sql_result_find_field_value(result, "mail");
- user.uid = (uid_t)strtoul(uid, NULL, 10);
- user.gid = (gid_t)strtoul(gid, NULL, 10);
- sql_request->callback(&user, sql_request->context);
+
+ user.uid = userdb_parse_uid(auth_request, uid);
+ user.gid = userdb_parse_gid(auth_request, uid);
+ if (user.uid == (uid_t)-1 || user.gid == (gid_t)-1)
+ sql_request->callback(NULL, sql_request->context);
+ else
+ sql_request->callback(&user, sql_request->context);
}
i_free(sql_request);
}
Index: userdb-static.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-static.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- userdb-static.c 6 Dec 2004 16:39:02 -0000 1.9
+++ userdb-static.c 6 Jan 2005 20:13:26 -0000 1.10
@@ -56,18 +56,26 @@
static_mail_template = NULL;
for (tmp = t_strsplit_spaces(args, " "); *tmp != NULL; tmp++) {
- if (strncasecmp(*tmp, "uid=", 4) == 0)
- static_uid = atoi(*tmp + 4);
- else if (strncasecmp(*tmp, "gid=", 4) == 0)
- static_gid = atoi(*tmp + 4);
- else if (strncasecmp(*tmp, "home=", 5) == 0) {
+ if (strncasecmp(*tmp, "uid=", 4) == 0) {
+ static_uid = userdb_parse_uid(NULL, *tmp + 4);
+ if (static_uid == (uid_t)-1) {
+ i_fatal("static userdb: Invalid uid: %s",
+ *tmp + 4);
+ }
+ } else if (strncasecmp(*tmp, "gid=", 4) == 0) {
+ static_gid = userdb_parse_gid(NULL, *tmp + 4);
+ if (static_gid == (gid_t)-1) {
+ i_fatal("static userdb: Invalid gid: %s",
+ *tmp + 4);
+ }
+ } else if (strncasecmp(*tmp, "home=", 5) == 0) {
i_free(static_home_template);
static_home_template = i_strdup(*tmp + 5);
} else if (strncasecmp(*tmp, "mail=", 5) == 0) {
i_free(static_mail_template);
static_mail_template = i_strdup(*tmp + 5);
} else {
- i_fatal("Invalid static userdb option: '%s'", *tmp);
+ i_fatal("static userdb: Invalid option: '%s'", *tmp);
}
}
Index: userdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- userdb.c 6 Dec 2004 16:39:02 -0000 1.13
+++ userdb.c 6 Jan 2005 20:13:26 -0000 1.14
@@ -5,6 +5,8 @@
#include "userdb.h"
#include <stdlib.h>
+#include <pwd.h>
+#include <grp.h>
#ifdef HAVE_MODULES
static struct auth_module *userdb_module = NULL;
@@ -35,6 +37,42 @@
struct userdb_module *userdb;
static char *userdb_args;
+uid_t userdb_parse_uid(struct auth_request *request, const char *str)
+{
+ struct passwd *pw;
+
+ if (*str >= '0' && *str <= '9')
+ return (uid_t)strtoul(str, NULL, 10);
+
+ pw = getpwnam(str);
+ if (pw == NULL) {
+ if (request != NULL) {
+ i_error("userdb(%s): Invalid UID field '%s'",
+ get_log_prefix(request), str);
+ }
+ return (uid_t)-1;
+ }
+ return pw->pw_uid;
+}
+
+gid_t userdb_parse_gid(struct auth_request *request, const char *str)
+{
+ struct group *gr;
+
+ if (*str >= '0' && *str <= '9')
+ return (gid_t)strtoul(str, NULL, 10);
+
+ gr = getgrnam(str);
+ if (gr == NULL) {
+ if (request != NULL) {
+ i_error("userdb(%s): Invalid GID field '%s'",
+ get_log_prefix(request), str);
+ }
+ return (gid_t)-1;
+ }
+ return gr->gr_gid;
+}
+
void userdb_preinit(void)
{
struct userdb_module **p;
Index: userdb.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb.h,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- userdb.h 6 Dec 2004 16:39:02 -0000 1.13
+++ userdb.h 6 Jan 2005 20:13:26 -0000 1.14
@@ -35,6 +35,9 @@
extern struct userdb_module userdb_ldap;
extern struct userdb_module userdb_sql;
+uid_t userdb_parse_uid(struct auth_request *request, const char *str);
+gid_t userdb_parse_gid(struct auth_request *request, const char *str);
+
void userdb_preinit(void);
void userdb_init(void);
void userdb_deinit(void);
More information about the dovecot-cvs
mailing list