[dovecot-cvs] dovecot/src/auth auth-request.c, 1.28, 1.29 auth.c,
1.16, 1.17 auth.h, 1.13, 1.14 passdb.c, 1.35, 1.36 passdb.h,
1.26, 1.27
cras at dovecot.org
cras at dovecot.org
Sat Sep 24 15:55:25 EEST 2005
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv5113/src/auth
Modified Files:
auth-request.c auth.c auth.h passdb.c passdb.h
Log Message:
Added deny password databases.
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- auth-request.c 24 Sep 2005 10:50:38 -0000 1.28
+++ auth-request.c 24 Sep 2005 12:55:23 -0000 1.29
@@ -236,8 +236,14 @@
strlen(request->passdb_password));
}
- if (result != PASSDB_RESULT_OK &&
- request->passdb->next != NULL) {
+ if (result != PASSDB_RESULT_USER_UNKNOWN && request->passdb->deny) {
+ /* user found from deny passdb. deny this authentication. */
+ auth_request_log_info(request, "passdb",
+ "User found from deny passdb");
+ result = PASSDB_RESULT_USER_DISABLED;
+ } else if (result != PASSDB_RESULT_OK &&
+ result != PASSDB_RESULT_USER_DISABLED &&
+ request->passdb->next != NULL) {
/* try next passdb. */
if (result == PASSDB_RESULT_INTERNAL_FAILURE)
request->passdb_internal_failure = TRUE;
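Review bot: The deny test `if (result != PASSDB_RESULT_USER_UNKNOWN && request->passdb->deny)` treats every result other than "unknown" as a match, so a `PASSDB_RESULT_INTERNAL_FAILURE` from the deny passdb is logged as "User found from deny passdb" and turned into `PASSDB_RESULT_USER_DISABLED`. Failing closed is the safer default, but a lookup failure in the deny database then looks like a deliberate block in the logs, and `passdb_internal_failure` is not set anywhere on this branch. I would log that case separately before denying, e.g. `if (result == PASSDB_RESULT_INTERNAL_FAILURE) auth_request_log_info(request, "passdb", "deny passdb lookup failed, denying");`, and extend the comment to say that any non-unknown result counts as a hit. The enclosing function starts and ends outside this hunk.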
@@ -249,9 +255,8 @@
auth_request_verify_plain(request, request->mech_password,
request->private_callback.verify_plain);
return;
- }
-
- if (request->passdb_internal_failure && result != PASSDB_RESULT_OK) {
+ } else if (request->passdb_internal_failure &&
+ result != PASSDB_RESULT_OK) {
/* one of the passdb lookups returned internal failure.
it may have had the correct password, so return internal
failure instead of plain failure. */
Index: auth.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -d -r1.16 -r1.17
--- auth.c 16 Apr 2005 19:44:09 -0000 1.16
+++ auth.c 24 Sep 2005 12:55:23 -0000 1.17
@@ -17,6 +17,7 @@
struct auth *auth_preinit(void)
{
struct auth *auth;
+ struct auth_passdb *auth_passdb;
const char *driver, *args;
pool_t pool;
unsigned int i;
@@ -35,7 +36,10 @@
break;
args = getenv(t_strdup_printf("PASSDB_%u_ARGS", i));
- passdb_preinit(auth, driver, args);
+ auth_passdb = passdb_preinit(auth, driver, args);
+
+ if (getenv(t_strdup_printf("PASSDB_%u_DENY", i)) != NULL)
+ auth_passdb->deny = TRUE;
}
t_pop();
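Review bot: Nothing in this loop checks where a deny passdb sits in the chain, and the chaining logic in auth-request.c only moves to the next passdb when the result is not `PASSDB_RESULT_OK`. A deny passdb configured after an ordinary one is therefore never consulted for a user the earlier database already accepted, and the deny list is silently bypassed. Consider tracking whether a non-deny passdb has been seen and warning at startup, e.g. `if (auth_passdb->deny && seen_non_deny) i_warning("PASSDB_%u is a deny passdb listed after a non-deny passdb", i);`. Separately, `getenv(...) != NULL` enables deny for any value, including an empty string or "no", which is worth a comment; whether `passdb_preinit()` can return NULL is not visible in this hunk.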
Index: auth.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth.h,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- auth.h 7 Mar 2005 18:55:13 -0000 1.13
+++ auth.h 24 Sep 2005 12:55:23 -0000 1.14
@@ -11,6 +11,8 @@
#ifdef HAVE_MODULES
struct auth_module *module;
#endif
+ /* if user is found from this passdb, deny authentication immediately */
+ unsigned int deny:1;
};
struct auth_userdb {
Index: passdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -d -r1.35 -r1.36
--- passdb.c 16 Mar 2005 20:18:13 -0000 1.35
+++ passdb.c 24 Sep 2005 12:55:23 -0000 1.36
@@ -116,7 +116,8 @@
callback(PASSDB_RESULT_OK, password, auth_request);
}
-void passdb_preinit(struct auth *auth, const char *driver, const char *args)
+struct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
+ const char *args)
{
struct passdb_module **p;
struct auth_passdb *auth_passdb, **dest;
@@ -153,6 +154,7 @@
if (auth_passdb->passdb->preinit != NULL)
auth_passdb->passdb->preinit(auth_passdb->args);
+ return auth_passdb;
}
void passdb_init(struct auth_passdb *passdb)
Index: passdb.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.h,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -d -r1.26 -r1.27
--- passdb.h 7 Aug 2005 11:41:19 -0000 1.26
+++ passdb.h 24 Sep 2005 12:55:23 -0000 1.27
@@ -69,7 +69,8 @@
const char *passdb_credentials_to_str(enum passdb_credentials credentials);
-void passdb_preinit(struct auth *auth, const char *driver, const char *args);
+struct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
+ const char *args);
void passdb_init(struct auth_passdb *passdb);
void passdb_deinit(struct auth_passdb *passdb);