[dovecot-cvs] dovecot/src/auth auth-request.c, 1.28, 1.29 auth.c, 1.16, 1.17 auth.h, 1.13, 1.14 passdb.c, 1.35, 1.36 passdb.h, 1.26, 1.27

cras at dovecot.org cras at dovecot.org
Sat Sep 24 15:55:25 EEST 2005


Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv5113/src/auth

Modified Files:
	auth-request.c auth.c auth.h passdb.c passdb.h 
Log Message:
Added deny password databases.



Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- auth-request.c	24 Sep 2005 10:50:38 -0000	1.28
+++ auth-request.c	24 Sep 2005 12:55:23 -0000	1.29
@@ -236,8 +236,14 @@
 			    strlen(request->passdb_password));
 	}
 
-	if (result != PASSDB_RESULT_OK &&
-	    request->passdb->next != NULL) {
+	if (result != PASSDB_RESULT_USER_UNKNOWN && request->passdb->deny) {
+		/* user found from deny passdb. deny this authentication. */
+		auth_request_log_info(request, "passdb",
+				      "User found from deny passdb");
+		result = PASSDB_RESULT_USER_DISABLED;
+	} else if (result != PASSDB_RESULT_OK &&
+		   result != PASSDB_RESULT_USER_DISABLED &&
+		   request->passdb->next != NULL) {
 		/* try next passdb. */
 		if (result == PASSDB_RESULT_INTERNAL_FAILURE)
 			request->passdb_internal_failure = TRUE;
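Review bot: The new deny test `result != PASSDB_RESULT_USER_UNKNOWN && request->passdb->deny` also matches PASSDB_RESULT_INTERNAL_FAILURE, so an outage of the deny backend is logged as "User found from deny passdb" and reported as PASSDB_RESULT_USER_DISABLED for every user. Failing closed is the safe direction here, and the result should not be allowed to reach the "try next passdb" branch, where a later passdb could still return OK. What is missing is a distinct log line: test `result == PASSDB_RESULT_INTERNAL_FAILURE` inside the deny branch and log something like `"deny passdb lookup failed, denying authentication"`, so operators can tell a lockout caused by a broken backend from a real deny hit. The enclosing function starts and ends outside this hunk.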
@@ -249,9 +255,8 @@
 		auth_request_verify_plain(request, request->mech_password,
 			request->private_callback.verify_plain);
 		return;
-	}
-
-	if (request->passdb_internal_failure && result != PASSDB_RESULT_OK) {
+	} else if (request->passdb_internal_failure &&
+		   result != PASSDB_RESULT_OK) {
 		/* one of the passdb lookups returned internal failure.
 		   it may have had the correct password, so return internal
 		   failure instead of plain failure. */

Index: auth.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- auth.c	16 Apr 2005 19:44:09 -0000	1.16
+++ auth.c	24 Sep 2005 12:55:23 -0000	1.17
@@ -17,6 +17,7 @@
 struct auth *auth_preinit(void)
 {
 	struct auth *auth;
+	struct auth_passdb *auth_passdb;
 	const char *driver, *args;
 	pool_t pool;
 	unsigned int i;
@@ -35,7 +36,10 @@
 			break;
 
                 args = getenv(t_strdup_printf("PASSDB_%u_ARGS", i));
-		passdb_preinit(auth, driver, args);
+		auth_passdb = passdb_preinit(auth, driver, args);
+
+		if (getenv(t_strdup_printf("PASSDB_%u_DENY", i)) != NULL)
+			auth_passdb->deny = TRUE;
 
 	}
 	t_pop();
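Review bot: Deny mode is switched on by the mere presence of `PASSDB_%u_DENY`; the `getenv(...) != NULL` test ignores the value, so an empty string or `0` still sets `auth_passdb->deny`. That errs on the restrictive side, but it should be stated at the call, for example `/* any value, even empty, enables deny mode; only an unset variable disables it */`. The return value of passdb_preinit() is dereferenced without a check; the passdb.c hunks show only part of that function, so presumably it never returns NULL, which should be confirmed. auth_preinit's body continues outside this hunk.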

Index: auth.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth.h,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- auth.h	7 Mar 2005 18:55:13 -0000	1.13
+++ auth.h	24 Sep 2005 12:55:23 -0000	1.14
@@ -11,6 +11,8 @@
 #ifdef HAVE_MODULES
 	struct auth_module *module;
 #endif
+        /* if user is found from this passdb, deny authentication immediately */
+	unsigned int deny:1;
 };
 
 struct auth_userdb {
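Review bot: The comment on `deny` understates what the field does in auth-request.c: any result other than PASSDB_RESULT_USER_UNKNOWN counts as "found", and as far as the visible hunk shows, a deny passdb is only consulted if it is reached before another passdb returns PASSDB_RESULT_OK, because the chain stops there. I would extend it to something like `/* any result except USER_UNKNOWN from this passdb denies authentication; list it before the passdbs that can return OK */`. The comment line is also indented with spaces where the neighbouring members use a tab. The struct's opening is outside this hunk.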

Index: passdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -d -r1.35 -r1.36
--- passdb.c	16 Mar 2005 20:18:13 -0000	1.35
+++ passdb.c	24 Sep 2005 12:55:23 -0000	1.36
@@ -116,7 +116,8 @@
 	callback(PASSDB_RESULT_OK, password, auth_request);
 }
 
-void passdb_preinit(struct auth *auth, const char *driver, const char *args)
+struct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
+				   const char *args)
 {
 	struct passdb_module **p;
         struct auth_passdb *auth_passdb, **dest;
@@ -153,6 +154,7 @@
 
 	if (auth_passdb->passdb->preinit != NULL)
 		auth_passdb->passdb->preinit(auth_passdb->args);
+	return auth_passdb;
 }
 
 void passdb_init(struct auth_passdb *passdb)

Index: passdb.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.h,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -d -r1.26 -r1.27
--- passdb.h	7 Aug 2005 11:41:19 -0000	1.26
+++ passdb.h	24 Sep 2005 12:55:23 -0000	1.27
@@ -69,7 +69,8 @@
 
 const char *passdb_credentials_to_str(enum passdb_credentials credentials);
 
-void passdb_preinit(struct auth *auth, const char *driver, const char *args);
+struct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
+				   const char *args);
 void passdb_init(struct auth_passdb *passdb);
 void passdb_deinit(struct auth_passdb *passdb);
 


