dovecot-1.2: auth: Improved logging for "password scheme not ava...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-1.2/rev/90e2a21a4298
changeset: 8764:90e2a21a4298
user:      Timo Sirainen <tss at iki.fi>
date:      Sat Feb 21 14:51:32 2009 -0500
description:
auth: Improved logging for "password scheme not available" failures.

diffstat:

3 files changed, 19 insertions(+), 21 deletions(-)
src/auth/auth-request.c |   26 +++++++++++---------------
src/auth/passdb-cache.c |    3 ---
src/auth/passdb.c       |   11 ++++++++---

diffs (92 lines):

diff -r 992cfb5ebdb0 -r 90e2a21a4298 src/auth/auth-request.c
--- a/src/auth/auth-request.c	Sat Feb 21 14:38:51 2009 -0500
+++ b/src/auth/auth-request.c	Sat Feb 21 14:51:32 2009 -0500
@@ -556,12 +556,11 @@ void auth_request_lookup_credentials_cal
 						    &result, TRUE)) {
 			auth_request_log_info(request, "passdb",
 				"Fallbacking to expired data from cache");
-		}
-		if (result == PASSDB_RESULT_OK) {
-			if (!passdb_get_credentials(request, cache_cred,
-						    cache_scheme,
-						    &credentials, &size))
-				result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+			passdb_handle_credentials(
+				result, cache_cred, cache_scheme,
+				auth_request_lookup_credentials_finish,
+				request);
+			return;
 		}
 	}
 
@@ -575,8 +574,6 @@ void auth_request_lookup_credentials(str
 {
 	struct passdb_module *passdb = request->passdb->passdb;
 	const char *cache_key, *cache_cred, *cache_scheme;
-	const unsigned char *credentials;
-	size_t size;
 	enum passdb_result result;
 
 	i_assert(request->state == AUTH_REQUEST_STATE_MECH_CONTINUE);
@@ -589,13 +586,10 @@ void auth_request_lookup_credentials(str
 		if (passdb_cache_lookup_credentials(request, cache_key,
 						    &cache_cred, &cache_scheme,
 						    &result, FALSE)) {
-			if (result == PASSDB_RESULT_OK &&
-			    !passdb_get_credentials(request, cache_cred,
-						    cache_scheme,
-						    &credentials, &size))
-				result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
-			auth_request_lookup_credentials_finish(
-				result, credentials, size, request);
+			passdb_handle_credentials(
+				result, cache_cred, cache_scheme,
+				auth_request_lookup_credentials_finish,
+				request);
 			return;
 		}
 	}
@@ -604,6 +598,8 @@ void auth_request_lookup_credentials(str
 
 	if (passdb->iface.lookup_credentials == NULL) {
 		/* this passdb doesn't support credentials */
+		auth_request_log_debug(request, "password",
+			"passdb doesn't support credential lookups");
 		auth_request_lookup_credentials_callback(
 			PASSDB_RESULT_SCHEME_NOT_AVAILABLE, NULL, 0, request);
 	} else if (passdb->blocking) {
diff -r 992cfb5ebdb0 -r 90e2a21a4298 src/auth/passdb-cache.c
--- a/src/auth/passdb-cache.c	Sat Feb 21 14:38:51 2009 -0500
+++ b/src/auth/passdb-cache.c	Sat Feb 21 14:51:32 2009 -0500
@@ -119,9 +119,6 @@ bool passdb_cache_lookup_credentials(str
 	*password_r = *list[0] == '\0' ? NULL : list[0];
 	*scheme_r = password_get_scheme(password_r);
 	i_assert(*scheme_r != NULL || *password_r == NULL);
-
-	if (*password_r == NULL)
-		*result_r = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
 	return TRUE;
 }
 
diff -r 992cfb5ebdb0 -r 90e2a21a4298 src/auth/passdb.c
--- a/src/auth/passdb.c	Sat Feb 21 14:38:51 2009 -0500
+++ b/src/auth/passdb.c	Sat Feb 21 14:51:32 2009 -0500
@@ -123,10 +123,15 @@ void passdb_handle_credentials(enum pass
 		return;
 	}
 
-	if (password == NULL ||
-	    !passdb_get_credentials(auth_request, password, scheme,
-				    &credentials, &size))
+	if (password == NULL) {
+		auth_request_log_info(auth_request, "password",
+			"Requested %s scheme, but we have a NULL password",
+			auth_request->credentials_scheme);
 		result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+	} else if (!passdb_get_credentials(auth_request, password, scheme,
+					   &credentials, &size)) {
+		result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+	}
 
 	callback(result, credentials, size, auth_request);
 }