dovecot-1.1: Log clearly with "auth failed, # attempts" if user ...
dovecot at dovecot.org
dovecot at dovecot.org
Wed Mar 26 21:30:19 EET 2008
details: http://hg.dovecot.org/dovecot-1.1/rev/65fbb6226141
changeset: 7438:65fbb6226141
user: Timo Sirainen <tss at iki.fi>
date: Wed Mar 26 21:30:15 2008 +0200
description:
Log clearly with "auth failed, # attempts" if user gets disconnected before
logging in.
diffstat:
8 files changed, 43 insertions(+), 21 deletions(-)
src/imap-login/client-authenticate.c | 8 +++++---
src/imap-login/client.c | 22 +++++++++++++++-------
src/imap-login/client.h | 2 ++
src/imap-login/imap-proxy.c | 6 +++---
src/pop3-login/client-authenticate.c | 4 ++--
src/pop3-login/client.c | 14 +++++++++++---
src/pop3-login/client.h | 2 ++
src/pop3-login/pop3-proxy.c | 6 +++---
diffs (247 lines):
diff -r 498975950370 -r 65fbb6226141 src/imap-login/client-authenticate.c
--- a/src/imap-login/client-authenticate.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client-authenticate.c Wed Mar 26 21:30:15 2008 +0200
@@ -156,7 +156,7 @@ static bool client_handle_args(struct im
}
client_send_tagline(client, str_c(reply));
if (!nologin) {
- client_destroy(client, "Login with referral");
+ client_destroy_success(client, "Login with referral");
return TRUE;
}
} else if (nologin || proxy_self) {
@@ -209,7 +209,7 @@ static void sasl_callback(struct client
}
client_send_tagline(client, "OK Logged in.");
- client_destroy(client, "Login");
+ client_destroy_success(client, "Login");
break;
case SASL_SERVER_REPLY_AUTH_FAILED:
case SASL_SERVER_REPLY_CLIENT_ERROR:
@@ -234,7 +234,9 @@ static void sasl_callback(struct client
else {
client_send_tagline(client,
t_strconcat("NO ", data, NULL));
- client_destroy(client, data);
+ /* authentication itself succeeded, we just hit some
+ internal failure. */
+ client_destroy_success(client, data);
}
break;
case SASL_SERVER_REPLY_CONTINUE:
diff -r 498975950370 -r 65fbb6226141 src/imap-login/client.c
--- a/src/imap-login/client.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client.c Wed Mar 26 21:30:15 2008 +0200
@@ -211,9 +211,7 @@ static int cmd_logout(struct imap_client
client_destroy(client, "Aborted login "
"(tried to use disabled plaintext authentication)");
} else {
- client_destroy(client, t_strdup_printf(
- "Aborted login (%u authentication attempts)",
- client->common.auth_attempts));
+ client_destroy(client, "Aborted login");
}
return 1;
}
@@ -284,8 +282,8 @@ static bool client_handle_input(struct i
if (fatal) {
client_send_line(client, t_strconcat("* BYE ",
msg, NULL));
- client_destroy(client, t_strconcat("Disconnected: ",
- msg, NULL));
+ client_destroy(client,
+ t_strconcat("Disconnected: ", msg, NULL));
return FALSE;
}
@@ -311,8 +309,8 @@ static bool client_handle_input(struct i
if (++client->bad_counter >= CLIENT_MAX_BAD_COMMANDS) {
client_send_line(client,
"* BYE Too many invalid IMAP commands.");
- client_destroy(client, "Disconnected: "
- "Too many invalid commands");
+ client_destroy(client,
+ "Disconnected: Too many invalid commands");
return FALSE;
}
client_send_tagline(client,
@@ -486,6 +484,10 @@ void client_destroy(struct imap_client *
return;
client->destroyed = TRUE;
+ if (!client->login_success && reason != NULL) {
+ reason = t_strdup_printf("%s (auth failed, %u attempts)",
+ reason, client->common.auth_attempts);
+ }
if (reason != NULL)
client_syslog(&client->common, reason);
@@ -541,6 +543,12 @@ void client_destroy(struct imap_client *
main_listen_start();
main_unref();
+}
+
+void client_destroy_success(struct imap_client *client, const char *reason)
+{
+ client->login_success = TRUE;
+ client_destroy(client, reason);
}
void client_destroy_internal_failure(struct imap_client *client)
diff -r 498975950370 -r 65fbb6226141 src/imap-login/client.h
--- a/src/imap-login/client.h Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/client.h Wed Mar 26 21:30:15 2008 +0200
@@ -24,6 +24,7 @@ struct imap_client {
const char *cmd_tag, *cmd_name;
+ unsigned int login_success:1;
unsigned int cmd_finished:1;
unsigned int proxy_login_sent:1;
unsigned int skip_line:1;
@@ -33,6 +34,7 @@ struct imap_client {
};
void client_destroy(struct imap_client *client, const char *reason);
+void client_destroy_success(struct imap_client *client, const char *reason);
void client_destroy_internal_failure(struct imap_client *client);
void client_send_line(struct imap_client *client, const char *line);
diff -r 498975950370 -r 65fbb6226141 src/imap-login/imap-proxy.c
--- a/src/imap-login/imap-proxy.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/imap-login/imap-proxy.c Wed Mar 26 21:30:15 2008 +0200
@@ -63,7 +63,7 @@ static int proxy_input_line(struct imap_
client->input = NULL;
client->output = NULL;
client->common.fd = -1;
- client_destroy(client, msg);
+ client_destroy_success(client, msg);
return -1;
} else if (strncmp(line, "P ", 2) == 0) {
/* If the backend server isn't Dovecot, the error message may
@@ -117,7 +117,7 @@ static void proxy_input(struct istream *
/* failed for some reason, probably server disconnected */
client_send_line(client, "* BYE Temporary login failure.");
- client_destroy(client, NULL);
+ client_destroy_success(client, NULL);
return;
}
@@ -132,7 +132,7 @@ static void proxy_input(struct istream *
return;
case -1:
/* disconnected */
- client_destroy(client, "Proxy: Remote disconnected");
+ client_destroy_success(client, "Proxy: Remote disconnected");
return;
}
diff -r 498975950370 -r 65fbb6226141 src/pop3-login/client-authenticate.c
--- a/src/pop3-login/client-authenticate.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client-authenticate.c Wed Mar 26 21:30:15 2008 +0200
@@ -170,7 +170,7 @@ static void sasl_callback(struct client
}
client_send_line(client, "+OK Logged in.");
- client_destroy(client, "Login");
+ client_destroy_success(client, "Login");
break;
case SASL_SERVER_REPLY_AUTH_FAILED:
case SASL_SERVER_REPLY_CLIENT_ERROR:
@@ -197,7 +197,7 @@ static void sasl_callback(struct client
else {
client_send_line(client,
t_strconcat("-ERR [IN-USE] ", data, NULL));
- client_destroy(client, data);
+ client_destroy_success(client, data);
}
break;
case SASL_SERVER_REPLY_CONTINUE:
diff -r 498975950370 -r 65fbb6226141 src/pop3-login/client.c
--- a/src/pop3-login/client.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client.c Wed Mar 26 21:30:15 2008 +0200
@@ -150,9 +150,7 @@ static bool cmd_quit(struct pop3_client
client_destroy(client, "Aborted login "
"(tried to use disabled plaintext authentication)");
} else {
- client_destroy(client, t_strdup_printf(
- "Aborted login (%u authentication attempts)",
- client->common.auth_attempts));
+ client_destroy(client, "Aborted login");
}
return TRUE;
}
@@ -341,12 +339,22 @@ struct client *client_create(int fd, boo
return &client->common;
}
+void client_destroy_success(struct pop3_client *client, const char *reason)
+{
+ client->login_success = TRUE;
+ client_destroy(client, reason);
+}
+
void client_destroy(struct pop3_client *client, const char *reason)
{
if (client->destroyed)
return;
client->destroyed = TRUE;
+ if (!client->login_success && reason != NULL) {
+ reason = t_strdup_printf("%s (auth failed, %u attempts)",
+ reason, client->common.auth_attempts);
+ }
if (reason != NULL)
client_syslog(&client->common, reason);
diff -r 498975950370 -r 65fbb6226141 src/pop3-login/client.h
--- a/src/pop3-login/client.h Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/client.h Wed Mar 26 21:30:15 2008 +0200
@@ -28,12 +28,14 @@ struct pop3_client {
char *apop_challenge;
struct auth_connect_id auth_id;
+ unsigned int login_success:1;
unsigned int authenticating:1;
unsigned int auth_connected:1;
unsigned int destroyed:1;
};
void client_destroy(struct pop3_client *client, const char *reason);
+void client_destroy_success(struct pop3_client *client, const char *reason);
void client_destroy_internal_failure(struct pop3_client *client);
void client_send_line(struct pop3_client *client, const char *line);
diff -r 498975950370 -r 65fbb6226141 src/pop3-login/pop3-proxy.c
--- a/src/pop3-login/pop3-proxy.c Wed Mar 26 21:27:10 2008 +0200
+++ b/src/pop3-login/pop3-proxy.c Wed Mar 26 21:30:15 2008 +0200
@@ -32,7 +32,7 @@ static void proxy_input(struct istream *
/* failed for some reason, probably server disconnected */
client_send_line(client,
"-ERR [IN-USE] Temporary login failure.");
- client_destroy(client, NULL);
+ client_destroy_success(client, NULL);
return;
}
@@ -47,7 +47,7 @@ static void proxy_input(struct istream *
return;
case -1:
/* disconnected */
- client_destroy(client, "Proxy: Remote disconnected");
+ client_destroy_success(client, "Proxy: Remote disconnected");
return;
}
@@ -114,7 +114,7 @@ static void proxy_input(struct istream *
client->input = NULL;
client->output = NULL;
client->common.fd = -1;
- client_destroy(client, msg);
+ client_destroy_success(client, msg);
return;
}
More information about the dovecot-cvs
mailing list