dovecot-1.0: Use auth-stream API to build all TAB-delimited stri...

dovecot at dovecot.org dovecot at dovecot.org
Sun Mar 9 13:04:55 EET 2008 

details:   http://hg.dovecot.org/dovecot-1.0/rev/6a1792255faf
changeset: 5537:6a1792255faf
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Mar 09 12:36:55 2008 +0200
description:
Use auth-stream API to build all TAB-delimited strings to make sure strings
are escaped properly where necessary.

diffstat:

21 files changed, 217 insertions(+), 165 deletions(-)
src/auth/auth-client-connection.c |    5 -
src/auth/auth-master-connection.c |   14 ++-
src/auth/auth-master-connection.h |    5 +
src/auth/auth-request-handler.c   |  148 ++++++++++++++++++++-----------------
src/auth/auth-request-handler.h   |    4 -
src/auth/auth-request.c           |   45 ++++++-----
src/auth/auth-request.h           |    3 
src/auth/auth-stream.c            |   11 ++
src/auth/auth-stream.h            |    5 +
src/auth/auth-worker-client.c     |   72 ++++++++++--------
src/auth/auth-worker-server.c     |   10 +-
src/auth/auth-worker-server.h     |    4 -
src/auth/passdb-blocking.c        |   29 +++----
src/auth/userdb-blocking.c        |   13 +--
src/auth/userdb-ldap.c            |    2 
src/auth/userdb-passwd-file.c     |    2 
src/auth/userdb-passwd.c          |    2 
src/auth/userdb-prefetch.c        |    2 
src/auth/userdb-sql.c             |    2 
src/auth/userdb-static.c          |    2 
src/auth/userdb-vpopmail.c        |    2 

diffs (truncated from 857 to 300 lines):

diff -r 28fa25a294ff -r 6a1792255faf src/auth/auth-client-connection.c
--- a/src/auth/auth-client-connection.c	Sun Mar 09 10:35:09 2008 +0200
+++ b/src/auth/auth-client-connection.c	Sun Mar 09 12:36:55 2008 +0200
@@ -8,6 +8,7 @@
 #include "array.h"
 #include "str.h"
 #include "safe-memset.h"
+#include "auth-stream.h"
 #include "auth-request-handler.h"
 #include "auth-client-interface.h"
 #include "auth-client-connection.h"
@@ -64,7 +65,7 @@ static void auth_client_send(struct auth
 	t_pop();
 }
 
-static void auth_callback(const char *reply, void *context)
+static void auth_callback(struct auth_stream_reply *reply, void *context)
 {
 	struct auth_client_connection *conn = context;
 
@@ -74,7 +75,7 @@ static void auth_callback(const char *re
 		return;
 	}
 
-	auth_client_send(conn, reply);
+	auth_client_send(conn, auth_stream_reply_export(reply));
 }
 
 static bool
diff -r 28fa25a294ff -r 6a1792255faf src/auth/auth-master-connection.c
--- a/src/auth/auth-master-connection.c	Sun Mar 09 10:35:09 2008 +0200
+++ b/src/auth/auth-master-connection.c	Sun Mar 09 12:36:55 2008 +0200
@@ -30,16 +30,20 @@ struct master_userdb_request {
 
 static int master_output(void *context);
 
-void auth_master_request_callback(const char *reply, void *context)
+void auth_master_request_callback(struct auth_stream_reply *reply,
+				  void *context)
 {
 	struct auth_master_connection *conn = context;
 	struct const_iovec iov[2];
+	const char *reply_str;
+
+	reply_str = auth_stream_reply_export(reply);
 
 	if (conn->listener->auth->verbose_debug)
-		i_info("master out: %s", reply);
-
-	iov[0].iov_base = reply;
-	iov[0].iov_len = strlen(reply);
+		i_info("master out: %s", reply_str);
+
+	iov[0].iov_base = reply_str;
+	iov[0].iov_len = strlen(reply_str);
 	iov[1].iov_base = "\n";
 	iov[1].iov_len = 1;
 
diff -r 28fa25a294ff -r 6a1792255faf src/auth/auth-master-connection.h
--- a/src/auth/auth-master-connection.h	Sun Mar 09 10:35:09 2008 +0200
+++ b/src/auth/auth-master-connection.h	Sun Mar 09 12:36:55 2008 +0200
@@ -1,5 +1,7 @@
 #ifndef __AUTH_MASTER_CONNECTION_H
 #define __AUTH_MASTER_CONNECTION_H
+
+struct auth_stream_reply;
 
 struct auth_master_connection {
 	struct auth_master_listener *listener;
@@ -24,6 +26,7 @@ void auth_master_connection_send_handsha
 void auth_master_connection_send_handshake(struct auth_master_connection *conn);
 void auth_master_connections_send_handshake(void);
 
-void auth_master_request_callback(const char *reply, void *context);
+void auth_master_request_callback(struct auth_stream_reply *reply,
+				  void *context);
 
 #endif
diff -r 28fa25a294ff -r 6a1792255faf src/auth/auth-request-handler.c
--- a/src/auth/auth-request-handler.c	Sun Mar 09 10:35:09 2008 +0200
+++ b/src/auth/auth-request-handler.c	Sun Mar 09 12:36:55 2008 +0200
@@ -107,97 +107,97 @@ void auth_request_handler_check_timeouts
 	hash_iterate_deinit(iter);
 }
 
-static const char *get_client_extra_fields(struct auth_request *request)
-{
-	string_t *str;
+static void get_client_extra_fields(struct auth_request *request,
+				    struct auth_stream_reply *reply)
+{
 	const char **fields, *extra_fields;
 	unsigned int src, dest;
 	bool seen_pass = FALSE;
 
 	if (auth_stream_is_empty(request->extra_fields))
-		return NULL;
+		return;
 
 	extra_fields = auth_stream_reply_export(request->extra_fields);
 
 	if (!request->proxy) {
 		/* we only wish to remove all fields prefixed with "userdb_" */
-		if (strstr(extra_fields, "userdb_") == NULL)
-			return extra_fields;
-	}
-
-	str = t_str_new(128);
+		if (strstr(extra_fields, "userdb_") == NULL) {
+			auth_stream_reply_import(reply, extra_fields);
+			return;
+		}
+	}
+
 	fields = t_strsplit(extra_fields, "\t");
 	for (src = dest = 0; fields[src] != NULL; src++) {
 		if (strncmp(fields[src], "userdb_", 7) != 0) {
-			if (str_len(str) > 0)
-				str_append_c(str, '\t');
 			if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
 				seen_pass = TRUE;
-			str_append(str, fields[src]);
+			auth_stream_reply_import(reply, fields[src]);
 		}
 	}
 
 	if (request->proxy && !seen_pass && request->mech_password != NULL) {
 		/* we're proxying - send back the password that was
 		   sent by user (not the password in passdb). */
-		str_printfa(str, "\tpass=%s", request->mech_password);
-	}
-
-	return str_len(str) == 0 ? NULL : str_c(str);
+		auth_stream_reply_add(reply, "pass", request->mech_password);
+	}
 }
 
 static void auth_callback(struct auth_request *request,
 			  enum auth_client_result result,
-			  const void *reply, size_t reply_size)
+			  const void *auth_reply, size_t reply_size)
 {
         struct auth_request_handler *handler = request->context;
+	struct auth_stream_reply *reply;
 	string_t *str;
-	const char *fields;
 
 	t_push();
 
-	str = t_str_new(128 + MAX_BASE64_ENCODED_SIZE(reply_size));
+	reply = auth_stream_reply_init(pool_datastack_create());
 	switch (result) {
 	case AUTH_CLIENT_RESULT_CONTINUE:
-		str_printfa(str, "CONT\t%u\t", request->id);
-		base64_encode(reply, reply_size, str);
+		auth_stream_reply_add(reply, "CONT", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
+
+		str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
+		base64_encode(auth_reply, reply_size, str);
+		auth_stream_reply_add(reply, NULL, str_c(str));
+
                 request->accept_input = TRUE;
-		handler->callback(str_c(str), handler->context);
+		handler->callback(reply, handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_SUCCESS:
-		str_printfa(str, "OK\t%u\tuser=%s", request->id, request->user);
+		auth_stream_reply_add(reply, "OK", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
+		auth_stream_reply_add(reply, "user", request->user);
+
 		if (reply_size > 0) {
-			str_append(str, "\tresp=");
-			base64_encode(reply, reply_size, str);
-		}
-		fields = get_client_extra_fields(request);
-		if (fields != NULL) {
-			str_append_c(str, '\t');
-			str_append(str, fields);
-		}
+			str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
+			base64_encode(auth_reply, reply_size, str);
+			auth_stream_reply_add(reply, "resp", str_c(str));
+		}
+		get_client_extra_fields(request, reply);
 
 		if (request->no_login || handler->master_callback == NULL) {
 			/* this request doesn't have to wait for master
 			   process to pick it up. delete it */
 			auth_request_handler_remove(handler, request);
 		}
-		handler->callback(str_c(str), handler->context);
+		handler->callback(reply, handler->context);
 		break;
 	case AUTH_CLIENT_RESULT_FAILURE:
-		str_printfa(str, "FAIL\t%u", request->id);
+		auth_stream_reply_add(reply, "FAIL", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
+
 		if (request->user != NULL)
-			str_printfa(str, "\tuser=%s", request->user);
+			auth_stream_reply_add(reply, "user", request->user);
 		if (request->internal_failure)
-			str_append(str, "\ttemp");
-		fields = get_client_extra_fields(request);
-		if (fields != NULL) {
-			str_append_c(str, '\t');
-			str_append(str, fields);
-		}
+			auth_stream_reply_add(reply, "temp", NULL);
+		get_client_extra_fields(request, reply);
 
 		if (request->delayed_failure) {
 			/* we came here from flush_failures() */
-			handler->callback(str_c(str), handler->context);
+			handler->callback(reply, handler->context);
 			break;
 		}
 
@@ -208,7 +208,7 @@ static void auth_callback(struct auth_re
 		if (request->no_failure_delay) {
 			/* passdb specifically requested not to delay the
 			   reply. */
-			handler->callback(str_c(str), handler->context);
+			handler->callback(reply, handler->context);
 			auth_request_unref(&request);
 		} else {
 			/* failure. don't announce it immediately to avoid
@@ -231,13 +231,16 @@ static void auth_request_handler_auth_fa
 					   struct auth_request *request,
 					   const char *reason)
 {
-	string_t *reply = t_str_new(64);
+	struct auth_stream_reply *reply;
 
 	auth_request_log_info(request, request->mech->mech_name, "%s", reason);
 
-	str_printfa(reply, "FAIL\t%u\treason=%s", request->id, reason);
-	handler->callback(str_c(reply), handler->context);
-
+	reply = auth_stream_reply_init(pool_datastack_create());
+	auth_stream_reply_add(reply, "FAIL", NULL);
+	auth_stream_reply_add(reply, NULL, dec2str(request->id));
+	auth_stream_reply_add(reply, "reason", reason);
+
+	handler->callback(reply, handler->context);
 	auth_request_handler_remove(handler, request);
 }
 
@@ -367,10 +370,13 @@ bool auth_request_handler_auth_continue(
 
 	request = hash_lookup(handler->requests, POINTER_CAST(id));
 	if (request == NULL) {
-		string_t *reply = t_str_new(64);
-
-		str_printfa(reply, "FAIL\t%u\treason=Timeouted", id);
-		handler->callback(str_c(reply), handler->context);
+		struct auth_stream_reply *reply;
+
+		reply = auth_stream_reply_init(pool_datastack_create());
+		auth_stream_reply_add(reply, "FAIL", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(id));
+		auth_stream_reply_add(reply, "reason", "Timeouted");
+		handler->callback(reply, handler->context);
 		return TRUE;
 	}
 
@@ -398,34 +404,38 @@ bool auth_request_handler_auth_continue(
 }
 
 static void userdb_callback(enum userdb_result result,
-			    struct auth_stream_reply *reply,
+			    struct auth_stream_reply *userdb_reply,
 			    struct auth_request *request)
 {
         struct auth_request_handler *handler = request->context;
-	string_t *str;
+	struct auth_stream_reply *reply;
 
 	i_assert(request->state == AUTH_REQUEST_STATE_USERDB);
 
 	request->state = AUTH_REQUEST_STATE_FINISHED;
 
-	str = t_str_new(256);
+	reply = auth_stream_reply_init(pool_datastack_create());
 	switch (result) {
 	case USERDB_RESULT_INTERNAL_FAILURE:
-		str_printfa(str, "FAIL\t%u", request->id);
+		auth_stream_reply_add(reply, "FAIL", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
 		break;
 	case USERDB_RESULT_USER_UNKNOWN:
-		str_printfa(str, "NOTFOUND\t%u", request->id);
+		auth_stream_reply_add(reply, "NOTFOUND", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));
 		break;
 	case USERDB_RESULT_OK:
+		auth_stream_reply_add(reply, "USER", NULL);
+		auth_stream_reply_add(reply, NULL, dec2str(request->id));

More information about the dovecot-cvs mailing list