[dovecot-cvs] dovecot/src/auth auth-request.c, 1.93, 1.94 auth-request.h, 1.34, 1.35 auth-worker-client.c, 1.31, 1.32 db-sql.c, 1.11, 1.12 db-sql.h, 1.4, 1.5 mech-apop.c, 1.24, 1.25 mech-cram-md5.c, 1.25, 1.26 mech-digest-md5.c, 1.43, 1.44 mech-ntlm.c, 1.27, 1.28 mech-otp.c, 1.1, 1.2 mech-rpa.c, 1.28, 1.29 mech-skey.c, 1.1, 1.2 passdb-sql.c, 1.31, 1.32 passdb.c, 1.47, 1.48 passdb.h, 1.37, 1.38 userdb-static.c, 1.23, 1.24
tss at dovecot.org
tss at dovecot.org
Fri Mar 30 17:12:49 EEST 2007
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv21144/auth
Modified Files:
auth-request.c auth-request.h auth-worker-client.c db-sql.c
db-sql.h mech-apop.c mech-cram-md5.c mech-digest-md5.c
mech-ntlm.c mech-otp.c mech-rpa.c mech-skey.c passdb-sql.c
passdb.c passdb.h userdb-static.c
Log Message:
Moved all storage destruction code to mail-storage.c and made destroy()
optional. Removed set_callbacks(). Made autodetect() optional.
Index: auth-request.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.c,v
retrieving revision 1.93
retrieving revision 1.94
diff -u -d -r1.93 -r1.94
--- auth-request.c 25 Mar 2007 18:31:37 -0000 1.93
+++ auth-request.c 30 Mar 2007 14:12:46 -0000 1.94
@@ -180,6 +180,14 @@
request->mech->auth_continue(request, data, data_size);
}
+void auth_request_reset_passdb_lookup(struct auth_request *request)
+{
+ request->passdb_password = NULL;
+
+ if (request->extra_fields != NULL)
+ auth_stream_reply_reset(request->extra_fields);
+}
+
static void auth_request_save_cache(struct auth_request *request,
enum passdb_result result)
{
@@ -200,6 +208,7 @@
return success. */
return;
case PASSDB_RESULT_INTERNAL_FAILURE:
+ case PASSDB_RESULT_END_OF_LIST:
i_unreached();
}
@@ -336,7 +345,7 @@
*result != PASSDB_RESULT_USER_DISABLED) {
/* try next passdb. */
request->passdb = request->passdb->next;
- request->passdb_password = NULL;
+ auth_request_reset_passdb_lookup(request);
if (*result == PASSDB_RESULT_INTERNAL_FAILURE) {
/* remember that we have had an internal failure. at
@@ -344,9 +353,6 @@
successfully login. */
request->passdb_internal_failure = TRUE;
}
- if (request->extra_fields != NULL)
- auth_stream_reply_reset(request->extra_fields);
-
return FALSE;
} else if (request->passdb_internal_failure) {
/* last passdb lookup returned internal failure. it may have
@@ -445,27 +451,33 @@
}
}
-static void
+static bool
auth_request_lookup_credentials_callback_finish(enum passdb_result result,
const char *password,
struct auth_request *request)
{
if (!auth_request_handle_passdb_callback(&result, request)) {
+ if (result != PASSDB_RESULT_END_OF_LIST) {
+ /* see if we can get more credentials */
+ return FALSE;
+ }
+
/* try next passdb */
auth_request_lookup_credentials(request, request->credentials,
request->private_callback.lookup_credentials);
+ return TRUE;
} else {
if (request->auth->verbose_debug_passwords &&
result == PASSDB_RESULT_OK) {
auth_request_log_debug(request, "password",
"Credentials: %s", password);
}
- request->private_callback.
+ return request->private_callback.
lookup_credentials(result, password, request);
}
}
-void auth_request_lookup_credentials_callback(enum passdb_result result,
+bool auth_request_lookup_credentials_callback(enum passdb_result result,
const char *password,
struct auth_request *request)
{
@@ -475,7 +487,9 @@
request->state = AUTH_REQUEST_STATE_MECH_CONTINUE;
- if (result != PASSDB_RESULT_INTERNAL_FAILURE)
+ if (result == PASSDB_RESULT_END_OF_LIST) {
+ /* no more results */
+ } else if (result != PASSDB_RESULT_INTERNAL_FAILURE)
auth_request_save_cache(request, result);
else {
/* lookup failed. if we're looking here only because the
@@ -494,8 +508,12 @@
}
}
- auth_request_lookup_credentials_callback_finish(result, password,
- request);
+ if (!auth_request_lookup_credentials_callback_finish(result, password,
+ request)) {
+ request->state = AUTH_REQUEST_STATE_PASSDB;
+ return FALSE;
+ }
+ return TRUE;
}
void auth_request_lookup_credentials(struct auth_request *request,
@@ -534,8 +552,9 @@
auth_request_lookup_credentials_callback);
} else {
/* this passdb doesn't support credentials */
- auth_request_lookup_credentials_callback(
+ bool ret = auth_request_lookup_credentials_callback(
PASSDB_RESULT_SCHEME_NOT_AVAILABLE, NULL, request);
+ i_assert(ret);
}
}
Index: auth-request.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-request.h,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -d -r1.34 -r1.35
--- auth-request.h 10 Mar 2007 14:04:34 -0000 1.34
+++ auth-request.h 30 Mar 2007 14:12:46 -0000 1.35
@@ -110,6 +110,7 @@
const unsigned char *data, size_t data_size);
void auth_request_continue(struct auth_request *request,
const unsigned char *data, size_t data_size);
+void auth_request_reset_passdb_lookup(struct auth_request *request);
void auth_request_verify_plain(struct auth_request *request,
const char *password,
@@ -156,9 +157,10 @@
void auth_request_verify_plain_callback(enum passdb_result result,
struct auth_request *request);
-void auth_request_lookup_credentials_callback(enum passdb_result result,
+bool auth_request_lookup_credentials_callback(enum passdb_result result,
const char *credentials,
- struct auth_request *request);
+ struct auth_request *request)
+ __attr_warn_unused_result__;
void auth_request_set_credentials(struct auth_request *request,
enum passdb_credentials credentials,
const char *data,
Index: auth-worker-client.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/auth-worker-client.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- auth-worker-client.c 16 Feb 2007 12:08:32 -0000 1.31
+++ auth-worker-client.c 30 Mar 2007 14:12:46 -0000 1.32
@@ -164,7 +164,7 @@
verify_plain(auth_request, password, verify_plain_callback);
}
-static void
+static bool
lookup_credentials_callback(enum passdb_result result, const char *credentials,
struct auth_request *request)
{
@@ -195,6 +195,7 @@
auth_request_unref(&request);
auth_worker_client_check_throttle(client);
auth_worker_client_unref(&client);
+ return TRUE;
}
static void
Index: db-sql.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-sql.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- db-sql.c 15 Dec 2006 18:38:08 -0000 1.11
+++ db-sql.c 30 Mar 2007 14:12:46 -0000 1.12
@@ -20,6 +20,7 @@
DEF(SET_STR, user_query),
DEF(SET_STR, update_query),
DEF(SET_STR, default_pass_scheme),
+ DEF(SET_BOOL, allow_multiple_rows),
{ 0, NULL, 0 }
};
@@ -30,7 +31,8 @@
MEMBER(password_query) "SELECT password FROM users WHERE userid = '%u'",
MEMBER(user_query) "SELECT home, uid, gid FROM users WHERE userid = '%u'",
MEMBER(update_query) "UPDATE users SET password = '%w' WHERE userid = '%u'",
- MEMBER(default_pass_scheme) "PLAIN-MD5"
+ MEMBER(default_pass_scheme) "PLAIN-MD5",
+ MEMBER(allow_multiple_rows) FALSE
};
static struct sql_connection *connections = NULL;
Index: db-sql.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/db-sql.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- db-sql.h 8 Nov 2006 20:22:08 -0000 1.4
+++ db-sql.h 30 Mar 2007 14:12:46 -0000 1.5
@@ -10,6 +10,8 @@
const char *user_query;
const char *update_query;
const char *default_pass_scheme;
+
+ bool allow_multiple_rows;
};
struct sql_connection {
Index: mech-apop.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-apop.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- mech-apop.c 26 Jan 2007 13:40:51 -0000 1.24
+++ mech-apop.c 30 Mar 2007 14:12:46 -0000 1.25
@@ -43,7 +43,7 @@
return memcmp(digest, request->digest, 16) == 0;
}
-static void
+static bool
apop_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -53,10 +53,9 @@
switch (result) {
case PASSDB_RESULT_OK:
- if (verify_credentials(request, credentials))
- auth_request_success(auth_request, NULL, 0);
- else
- auth_request_fail(auth_request);
+ if (!verify_credentials(request, credentials))
+ return FALSE;
+ auth_request_success(auth_request, NULL, 0);
break;
case PASSDB_RESULT_INTERNAL_FAILURE:
auth_request_internal_failure(auth_request);
@@ -65,6 +64,7 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
static void
Index: mech-cram-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-cram-md5.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- mech-cram-md5.c 8 Nov 2006 20:22:08 -0000 1.25
+++ mech-cram-md5.c 30 Mar 2007 14:12:46 -0000 1.26
@@ -107,7 +107,7 @@
return TRUE;
}
-static void credentials_callback(enum passdb_result result,
+static bool credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
{
@@ -116,10 +116,11 @@
switch (result) {
case PASSDB_RESULT_OK:
- if (verify_credentials(request, credentials))
- auth_request_success(auth_request, NULL, 0);
- else
- auth_request_fail(auth_request);
+ if (!verify_credentials(request, credentials)) {
+ /* see if we have more credentials */
+ return FALSE;
+ }
+ auth_request_success(auth_request, NULL, 0);
break;
case PASSDB_RESULT_INTERNAL_FAILURE:
auth_request_internal_failure(auth_request);
@@ -128,6 +129,7 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
static void
Index: mech-digest-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-digest-md5.c,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -d -r1.43 -r1.44
--- mech-digest-md5.c 8 Nov 2006 20:22:08 -0000 1.43
+++ mech-digest-md5.c 30 Mar 2007 14:12:46 -0000 1.44
@@ -518,7 +518,7 @@
return !failed;
}
-static void credentials_callback(enum passdb_result result,
+static bool credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
{
@@ -527,10 +527,8 @@
switch (result) {
case PASSDB_RESULT_OK:
- if (!verify_credentials(request, credentials)) {
- auth_request_fail(auth_request);
- return;
- }
+ if (!verify_credentials(request, credentials))
+ return FALSE;
request->authenticated = TRUE;
auth_request->callback(auth_request,
@@ -545,6 +543,7 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
static void
Index: mech-ntlm.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-ntlm.c,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28
--- mech-ntlm.c 8 Nov 2006 20:22:08 -0000 1.27
+++ mech-ntlm.c 30 Mar 2007 14:12:46 -0000 1.28
@@ -61,7 +61,7 @@
return memcmp(lm_response, client_response, LM_RESPONSE_SIZE) == 0;
}
-static void
+static bool
lm_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -71,10 +71,10 @@
switch (result) {
case PASSDB_RESULT_OK:
- if (lm_verify_credentials(request, credentials))
- auth_request_success(auth_request, NULL, 0);
- else
- auth_request_fail(auth_request);
+ if (!lm_verify_credentials(request, credentials))
+ return FALSE;
+
+ auth_request_success(auth_request, NULL, 0);
break;
case PASSDB_RESULT_INTERNAL_FAILURE:
auth_request_internal_failure(auth_request);
@@ -83,6 +83,7 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
static int ntlm_verify_credentials(struct ntlm_auth_request *request,
@@ -145,7 +146,7 @@
}
}
-static void
+static bool
ntlm_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -159,16 +160,14 @@
ret = ntlm_verify_credentials(request, credentials);
if (ret > 0) {
auth_request_success(auth_request, NULL, 0);
- return;
- }
- if (ret < 0) {
- auth_request_fail(auth_request);
- return;
+ return TRUE;
}
+ if (ret < 0)
+ return FALSE;
break;
case PASSDB_RESULT_INTERNAL_FAILURE:
auth_request_internal_failure(auth_request);
- return;
+ return TRUE;
default:
break;
}
@@ -177,6 +176,7 @@
try with LM credentials */
auth_request_lookup_credentials(auth_request, PASSDB_CREDENTIALS_LANMAN,
lm_credentials_callback);
+ return TRUE;
}
static void
Index: mech-otp.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-otp.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- mech-otp.c 12 Nov 2006 19:36:41 -0000 1.1
+++ mech-otp.c 30 Mar 2007 14:12:46 -0000 1.2
@@ -54,7 +54,7 @@
answer, strlen(answer));
}
-static void
+static bool
skey_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -70,9 +70,10 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
-static void
+static bool
otp_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -91,6 +92,7 @@
skey_credentials_callback);
break;
}
+ return TRUE;
}
static void
Index: mech-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- mech-rpa.c 26 Jan 2007 13:58:48 -0000 1.28
+++ mech-rpa.c 30 Mar 2007 14:12:46 -0000 1.29
@@ -453,7 +453,7 @@
return memcmp(response, request->user_response, 16) == 0;
}
-static void
+static bool
rpa_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -466,14 +466,13 @@
switch (result) {
case PASSDB_RESULT_OK:
if (!verify_credentials(request, credentials))
- auth_request_fail(auth_request);
- else {
- token4 = mech_rpa_build_token4(request, &token4_size);
- auth_request->callback(auth_request,
- AUTH_CLIENT_RESULT_CONTINUE,
- token4, token4_size);
- request->phase = 2;
- }
+ return FALSE;
+
+ token4 = mech_rpa_build_token4(request, &token4_size);
+ auth_request->callback(auth_request,
+ AUTH_CLIENT_RESULT_CONTINUE,
+ token4, token4_size);
+ request->phase = 2;
break;
case PASSDB_RESULT_INTERNAL_FAILURE:
auth_request_internal_failure(auth_request);
@@ -482,6 +481,7 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
static void
Index: mech-skey.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-skey.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- mech-skey.c 12 Nov 2006 19:36:41 -0000 1.1
+++ mech-skey.c 30 Mar 2007 14:12:46 -0000 1.2
@@ -60,7 +60,7 @@
answer, strlen(answer));
}
-static void
+static bool
otp_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -76,9 +76,10 @@
auth_request_fail(auth_request);
break;
}
+ return TRUE;
}
-static void
+static bool
skey_credentials_callback(enum passdb_result result,
const char *credentials,
struct auth_request *auth_request)
@@ -97,6 +98,7 @@
otp_credentials_callback);
break;
}
+ return TRUE;
}
static void
Index: passdb-sql.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-sql.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- passdb-sql.c 15 Dec 2006 18:38:08 -0000 1.31
+++ passdb-sql.c 30 Mar 2007 14:12:46 -0000 1.32
@@ -52,76 +52,131 @@
}
}
+static int sql_query_next_row(struct sql_result *result,
+ struct passdb_sql_request *sql_request)
+{
+ struct auth_request *auth_request = sql_request->auth_request;
+ struct passdb_module *_module = auth_request->passdb->passdb;
+ struct sql_passdb_module *module = (struct sql_passdb_module *)_module;
+ int ret;
+
+ ret = sql_result_next_row(result);
+ if (ret <= 0) {
+ if (ret == 0)
+ return 0;
+
+ auth_request_log_error(auth_request, "sql",
+ "Password query failed: %s",
+ sql_result_get_error(result));
+ return -1;
+ }
+
+ sql_query_save_results(result, sql_request);
+
+ /* Note that we really want to check if the password field is
+ found. Just checking if password is set isn't enough,
+ because with proxies we might want to return NULL as
+ password. */
+ if (sql_result_find_field(result, "password") < 0) {
+ auth_request_log_error(auth_request, "sql",
+ "Password query must return a field named 'password'");
+ }
+
+ if (!module->conn->set.allow_multiple_rows) {
+ if (sql_result_next_row(result) > 0) {
+ auth_request_log_error(auth_request, "sql",
+ "Password query returned multiple matches "
+ "and allow_multiple_rows=no");
+ return -1;
+ }
+ }
+ return 1;
+}
+
static void sql_query_callback(struct sql_result *result,
struct passdb_sql_request *sql_request)
{
struct auth_request *auth_request = sql_request->auth_request;
enum passdb_result passdb_result;
const char *user, *password, *scheme;
+ unsigned int row;
int ret;
+ bool send_last = FALSE;
passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
+
user = auth_request->user;
- password = NULL;
+ for (row = 0;; row++) {
+ if (row > 0)
+ auth_request_reset_passdb_lookup(auth_request);
- ret = sql_result_next_row(result);
- if (ret < 0) {
- auth_request_log_error(auth_request, "sql",
- "Password query failed: %s",
- sql_result_get_error(result));
- } else if (ret == 0) {
- auth_request_log_info(auth_request, "sql", "unknown user");
- passdb_result = PASSDB_RESULT_USER_UNKNOWN;
- } else {
- sql_query_save_results(result, sql_request);
+ ret = sql_query_next_row(result, sql_request);
+ if (row > 0 && ret == 0) {
+ /* no more rows. use the last result. */
+ send_last = TRUE;
+ break;
+ }
- /* Note that we really want to check if the password field is
- found. Just checking if password is set isn't enough,
- because with proxies we might want to return NULL as
- password. */
- if (sql_result_find_field(result, "password") < 0) {
- auth_request_log_error(auth_request, "sql",
- "Password query must return a field named "
- "'password'");
- } else if (sql_result_next_row(result) > 0) {
- auth_request_log_error(auth_request, "sql",
- "Password query returned multiple matches");
- } else {
+ switch (ret) {
+ case 1:
/* passdb_password may change on the way,
so we'll need to strdup. */
password = t_strdup(auth_request->passdb_password);
if (password == NULL)
auth_request->no_password = TRUE;
passdb_result = PASSDB_RESULT_OK;
+ break;
+ case 0:
+ auth_request_log_info(auth_request, "sql",
+ "unknown user");
+ passdb_result = PASSDB_RESULT_USER_UNKNOWN;
+ password = NULL;
+ break;
+ default:
+ passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
+ password = NULL;
+ break;
}
- }
- scheme = password_get_scheme(&password);
- /* auth_request_set_field() sets scheme */
- i_assert(password == NULL || scheme != NULL);
+ scheme = password_get_scheme(&password);
+ /* auth_request_set_field() sets scheme */
+ i_assert(password == NULL || scheme != NULL);
- if (auth_request->credentials != -1) {
- passdb_handle_credentials(passdb_result, password, scheme,
- sql_request->callback.lookup_credentials,
- auth_request);
- auth_request_unref(&auth_request);
- return;
- }
+ if (auth_request->credentials != -1) {
+ lookup_credentials_callback_t *callback =
+ sql_request->callback.lookup_credentials;
- /* verify plain */
- if (password == NULL) {
- sql_request->callback.verify_plain(passdb_result, auth_request);
- auth_request_unref(&auth_request);
- return;
+ if (passdb_handle_credentials(passdb_result, password,
+ scheme, callback,
+ auth_request))
+ break;
+ } else {
+ /* verify plain */
+ if (password == NULL)
+ break;
+
+ if (auth_request_password_verify(auth_request,
+ auth_request->mech_password,
+ password, scheme, "sql") > 0) {
+ passdb_result = PASSDB_RESULT_OK;
+ break;
+ }
+ passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH;
+ }
+
+ /* see if there's another row */
}
- ret = auth_request_password_verify(auth_request,
- auth_request->mech_password,
- password, scheme, "sql");
+ if (auth_request->credentials == -1)
+ sql_request->callback.verify_plain(passdb_result, auth_request);
+ else if (send_last) {
+ lookup_credentials_callback_t *callback =
+ sql_request->callback.lookup_credentials;
- sql_request->callback.verify_plain(ret > 0 ? PASSDB_RESULT_OK :
- PASSDB_RESULT_PASSWORD_MISMATCH,
- auth_request);
+ if (!passdb_handle_credentials(PASSDB_RESULT_END_OF_LIST, NULL,
+ NULL, callback, auth_request))
+ i_unreached();
+ }
auth_request_unref(&auth_request);
}
Index: passdb.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.c,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -d -r1.47 -r1.48
--- passdb.c 15 Feb 2007 11:51:33 -0000 1.47
+++ passdb.c 30 Mar 2007 14:12:46 -0000 1.48
@@ -118,21 +118,19 @@
return password;
}
-void passdb_handle_credentials(enum passdb_result result,
+bool passdb_handle_credentials(enum passdb_result result,
const char *password, const char *scheme,
lookup_credentials_callback_t *callback,
struct auth_request *auth_request)
{
- if (result != PASSDB_RESULT_OK) {
- callback(result, NULL, auth_request);
- return;
- }
+ if (result != PASSDB_RESULT_OK)
+ return callback(result, NULL, auth_request);
password = password == NULL ? NULL :
passdb_get_credentials(auth_request, password, scheme);
if (password == NULL)
result = PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
- callback(result, password, auth_request);
+ return callback(result, password, auth_request);
}
struct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
Index: passdb.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb.h,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- passdb.h 16 Dec 2006 13:37:32 -0000 1.37
+++ passdb.h 30 Mar 2007 14:12:46 -0000 1.38
@@ -27,6 +27,7 @@
PASSDB_RESULT_USER_UNKNOWN = -3,
PASSDB_RESULT_USER_DISABLED = -4,
PASSDB_RESULT_PASS_EXPIRED = -5,
+ PASSDB_RESULT_END_OF_LIST = -6,
PASSDB_RESULT_PASSWORD_MISMATCH = 0,
PASSDB_RESULT_OK = 1
@@ -34,7 +35,11 @@
typedef void verify_plain_callback_t(enum passdb_result result,
struct auth_request *request);
-typedef void lookup_credentials_callback_t(enum passdb_result result,
+/* Returns TRUE if successful, FALSE if more credentials are wanted
+ (ie. support for multiple passwords). If FALSE is returned, the caller must
+ call this function again. If there are no more results,
+ result=PASSDB_RESULT_END_OF_LIST */
+typedef bool lookup_credentials_callback_t(enum passdb_result result,
const char *password,
struct auth_request *request);
typedef void set_credentials_callback_t(enum passdb_result result,
@@ -80,10 +85,11 @@
passdb_get_credentials(struct auth_request *auth_request,
const char *password, const char *scheme);
-void passdb_handle_credentials(enum passdb_result result,
+bool passdb_handle_credentials(enum passdb_result result,
const char *password, const char *scheme,
lookup_credentials_callback_t *callback,
- struct auth_request *auth_request);
+ struct auth_request *auth_request)
+ __attr_warn_unused_result__;
const char *passdb_credentials_to_str(enum passdb_credentials credentials,
const char *wanted_scheme);
Index: userdb-static.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/userdb-static.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -d -r1.23 -r1.24
--- userdb-static.c 21 Mar 2007 20:13:00 -0000 1.23
+++ userdb-static.c 30 Mar 2007 14:12:46 -0000 1.24
@@ -60,7 +60,7 @@
t_pop();
}
-static void
+static bool
static_credentials_callback(enum passdb_result result,
const char *password __attr_unused__,
struct auth_request *auth_request)
@@ -92,6 +92,7 @@
}
i_free(ctx);
+ return TRUE;
}
static void static_lookup(struct auth_request *auth_request,
More information about the dovecot-cvs
mailing list