[dovecot-cvs] dovecot/src/auth auth-cache.c, 1.8, 1.9 auth-cache.h,
1.1, 1.2 auth-request.c, 1.11, 1.12 passdb-cache.c, 1.6,
1.7 passdb-cache.h, 1.2, 1.3
cras at dovecot.org
cras at dovecot.org
Tue Mar 1 00:41:35 EET 2005
- Previous message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.44,
1.45 auth-master-connection.c, 1.28,
1.29 auth-master-connection.h, 1.9,
1.10 auth-request-balancer-child.c, 1.2,
NONE auth-request-balancer-worker.c, 1.1,
NONE auth-request-balancer.h, 1.1,
NONE auth-request-handler-balancer.c, 1.1,
NONE auth-request-handler-default.c, 1.5,
NONE auth-request-handler.c, 1.2, 1.3 auth-request-handler.h,
1.2, 1.3 auth-request.c, 1.10, 1.11 auth-request.h, 1.9,
1.10 auth.c, 1.13, 1.14 auth.h, 1.11, 1.12 common.h, 1.11,
1.12 main.c, 1.40, 1.41 passdb-bsdauth.c, 1.7,
1.8 passdb-checkpassword.c, 1.7, 1.8 passdb-ldap.c, 1.24,
1.25 passdb-pam.c, 1.21, 1.22 passdb-passwd-file.c, 1.15,
1.16 passdb-passwd.c, 1.10, 1.11 passdb-shadow.c, 1.11,
1.12 passdb-sql.c, 1.14, 1.15 passdb-vpopmail.c, 1.15,
1.16 passdb.c, 1.32, 1.33 passdb.h, 1.22, 1.23 userdb-ldap.c,
1.28, 1.29 userdb-passdb.c, 1.4, 1.5 userdb-passwd-file.c,
1.12, 1.13 userdb-passwd.c, 1.13, 1.14 userdb-sql.c, 1.7,
1.8 userdb-static.c, 1.11, 1.12 userdb-vpopmail.c, 1.14,
1.15 userdb.h, 1.20, 1.21
- Next message: [dovecot-cvs] dovecot/src/auth auth-worker-client.c, NONE,
1.1 auth-worker-client.h, NONE, 1.1 auth-worker-server.c, NONE,
1.1 auth-worker-server.h, NONE, 1.1 passdb-blocking.c, NONE,
1.1 passdb-blocking.h, NONE, 1.1 userdb-blocking.c, NONE,
1.1 userdb-blocking.h, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv21818
Modified Files:
auth-cache.c auth-cache.h auth-request.c passdb-cache.c
passdb-cache.h
Log Message:
Fallback to using expired records from auth cache if database lookups fail.
Index: auth-cache.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-cache.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- auth-cache.c 7 Jan 2005 18:51:10 -0000 1.8
+++ auth-cache.c 28 Feb 2005 22:41:33 -0000 1.9
@@ -126,11 +126,13 @@
const char *auth_cache_lookup(struct auth_cache *cache,
const struct auth_request *request,
- const char *key)
+ const char *key, int *expired_r)
{
string_t *str;
struct cache_node *node;
+ *expired_r = FALSE;
+
if (cache->hup_count != lib_signal_hup_count) {
/* SIGHUP received - clear cache */
i_info("SIGHUP received, clearing cache");
@@ -147,15 +149,14 @@
return NULL;
if (node->created < time(NULL) - (time_t)cache->ttl_secs) {
- /* TTL expired, destroy */
- auth_cache_node_destroy(cache, node);
- return NULL;
- }
-
- /* move to head */
- if (node != cache->head) {
- auth_cache_node_unlink(cache, node);
- auth_cache_node_link_head(cache, node);
+ /* TTL expired */
+ *expired_r = TRUE;
+ } else {
+ /* move to head */
+ if (node != cache->head) {
+ auth_cache_node_unlink(cache, node);
+ auth_cache_node_link_head(cache, node);
+ }
}
return node->data + strlen(node->data) + 1;
Index: auth-cache.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-cache.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- auth-cache.h 21 Oct 2004 02:23:12 -0000 1.1
+++ auth-cache.h 28 Feb 2005 22:41:33 -0000 1.2
@@ -21,7 +21,7 @@
auth_cache_parse_key(). */
const char *auth_cache_lookup(struct auth_cache *cache,
const struct auth_request *request,
- const char *key);
+ const char *key, int *expired_r);
/* Insert key => value into cache. */
void auth_cache_insert(struct auth_cache *cache,
const struct auth_request *request,
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- auth-request.c 28 Feb 2005 22:19:21 -0000 1.11
+++ auth-request.c 28 Feb 2005 22:41:33 -0000 1.12
@@ -148,8 +148,27 @@
void auth_request_verify_plain_callback(enum passdb_result result,
struct auth_request *request)
{
+ const char *cache_key;
+ int expired;
+
auth_request_save_cache(request, result);
+ cache_key = passdb_cache == NULL ? NULL :
+ request->auth->passdb->cache_key;
+ if (result == PASSDB_RESULT_INTERNAL_FAILURE && cache_key != NULL) {
+ /* lookup failed. if we're looking here only because the
+ request was expired in cache, fallback to using cached
+ expired record. */
+ if (passdb_cache_verify_plain(request, cache_key,
+ request->mech_password,
+ &result, &expired)) {
+ request->private_callback.verify_plain(result, request);
+ safe_memset(request->mech_password, 0,
+ strlen(request->mech_password));
+ return;
+ }
+ }
+
if (request->proxy) {
/* we're proxying - send back the password that was
sent by user (not the password in passdb). */
@@ -159,10 +178,11 @@
if (request->passdb_password != NULL) {
safe_memset(request->passdb_password, 0,
- strlen(request->mech_password));
+ strlen(request->passdb_password));
}
safe_memset(request->mech_password, 0, strlen(request->mech_password));
+
request->private_callback.verify_plain(result, request);
}
@@ -173,6 +193,7 @@
struct passdb_module *passdb = request->auth->passdb;
enum passdb_result result;
const char *cache_key;
+ int expired;
request->mech_password = p_strdup(request->pool, password);
request->private_callback.verify_plain = callback;
@@ -180,7 +201,7 @@
cache_key = passdb_cache == NULL ? NULL : passdb->cache_key;
if (cache_key != NULL) {
if (passdb_cache_verify_plain(request, cache_key, password,
- &result)) {
+ &result, &expired) && !expired) {
callback(result, request);
return;
}
@@ -198,11 +219,32 @@
const char *credentials,
struct auth_request *request)
{
+ const char *cache_key, *scheme;
+ int expired;
+
auth_request_save_cache(request, result);
if (request->passdb_password != NULL) {
safe_memset(request->passdb_password, 0,
- strlen(request->mech_password));
+ strlen(request->passdb_password));
+ }
+
+ cache_key = passdb_cache == NULL ? NULL :
+ request->auth->passdb->cache_key;
+ if (result == PASSDB_RESULT_INTERNAL_FAILURE && cache_key != NULL) {
+ /* lookup failed. if we're looking here only because the
+ request was expired in cache, fallback to using cached
+ expired record. */
+ if (passdb_cache_lookup_credentials(request, cache_key,
+ &credentials, &scheme,
+ &expired)) {
+ passdb_handle_credentials(credentials != NULL ?
+ PASSDB_RESULT_OK : PASSDB_RESULT_USER_UNKNOWN,
+ request->credentials, credentials, scheme,
+ request->private_callback.lookup_credentials,
+ request);
+ return;
+ }
}
request->private_callback.lookup_credentials(result, credentials,
@@ -215,11 +257,13 @@
{
struct passdb_module *passdb = request->auth->passdb;
const char *cache_key, *result, *scheme;
+ int expired;
cache_key = passdb_cache == NULL ? NULL : passdb->cache_key;
if (cache_key != NULL) {
if (passdb_cache_lookup_credentials(request, cache_key,
- &result, &scheme)) {
+ &result, &scheme,
+ &expired) && !expired) {
passdb_handle_credentials(result != NULL ?
PASSDB_RESULT_OK :
PASSDB_RESULT_USER_UNKNOWN,
Index: passdb-cache.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-cache.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- passdb-cache.c 26 Feb 2005 22:55:03 -0000 1.6
+++ passdb-cache.c 28 Feb 2005 22:41:33 -0000 1.7
@@ -34,7 +34,7 @@
int passdb_cache_verify_plain(struct auth_request *request, const char *key,
const char *password,
- enum passdb_result *result_r)
+ enum passdb_result *result_r, int *expired_r)
{
const char *value, *cached_pw, *scheme, *const *list;
int ret;
@@ -43,7 +43,7 @@
return FALSE;
/* value = password \t ... */
- value = auth_cache_lookup(passdb_cache, request, key);
+ value = auth_cache_lookup(passdb_cache, request, key, expired_r);
if (value == NULL)
return FALSE;
@@ -76,14 +76,14 @@
int passdb_cache_lookup_credentials(struct auth_request *request,
const char *key, const char **result_r,
- const char **scheme_r)
+ const char **scheme_r, int *expired_r)
{
const char *value, *const *list;
if (passdb_cache == NULL)
return FALSE;
- value = auth_cache_lookup(passdb_cache, request, key);
+ value = auth_cache_lookup(passdb_cache, request, key, expired_r);
if (value == NULL)
return FALSE;
Index: passdb-cache.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-cache.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- passdb-cache.h 26 Feb 2005 22:55:03 -0000 1.2
+++ passdb-cache.h 28 Feb 2005 22:41:33 -0000 1.3
@@ -8,10 +8,10 @@
int passdb_cache_verify_plain(struct auth_request *request, const char *key,
const char *password,
- enum passdb_result *result_r);
+ enum passdb_result *result_r, int *expired_r);
int passdb_cache_lookup_credentials(struct auth_request *request,
const char *key, const char **result_r,
- const char **scheme_r);
+ const char **scheme_r, int *expired_r);
void passdb_cache_init(void);
void passdb_cache_deinit(void);
- Previous message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.44,
1.45 auth-master-connection.c, 1.28,
1.29 auth-master-connection.h, 1.9,
1.10 auth-request-balancer-child.c, 1.2,
NONE auth-request-balancer-worker.c, 1.1,
NONE auth-request-balancer.h, 1.1,
NONE auth-request-handler-balancer.c, 1.1,
NONE auth-request-handler-default.c, 1.5,
NONE auth-request-handler.c, 1.2, 1.3 auth-request-handler.h,
1.2, 1.3 auth-request.c, 1.10, 1.11 auth-request.h, 1.9,
1.10 auth.c, 1.13, 1.14 auth.h, 1.11, 1.12 common.h, 1.11,
1.12 main.c, 1.40, 1.41 passdb-bsdauth.c, 1.7,
1.8 passdb-checkpassword.c, 1.7, 1.8 passdb-ldap.c, 1.24,
1.25 passdb-pam.c, 1.21, 1.22 passdb-passwd-file.c, 1.15,
1.16 passdb-passwd.c, 1.10, 1.11 passdb-shadow.c, 1.11,
1.12 passdb-sql.c, 1.14, 1.15 passdb-vpopmail.c, 1.15,
1.16 passdb.c, 1.32, 1.33 passdb.h, 1.22, 1.23 userdb-ldap.c,
1.28, 1.29 userdb-passdb.c, 1.4, 1.5 userdb-passwd-file.c,
1.12, 1.13 userdb-passwd.c, 1.13, 1.14 userdb-sql.c, 1.7,
1.8 userdb-static.c, 1.11, 1.12 userdb-vpopmail.c, 1.14,
1.15 userdb.h, 1.20, 1.21
- Next message: [dovecot-cvs] dovecot/src/auth auth-worker-client.c, NONE,
1.1 auth-worker-client.h, NONE, 1.1 auth-worker-server.c, NONE,
1.1 auth-worker-server.h, NONE, 1.1 passdb-blocking.c, NONE,
1.1 passdb-blocking.h, NONE, 1.1 userdb-blocking.c, NONE,
1.1 userdb-blocking.h, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list