dovecot-2.0: lib-auth: Changed API to connect to only a single s...
dovecot at dovecot.org
dovecot at dovecot.org
Thu Oct 8 00:55:17 EEST 2009
details: http://hg.dovecot.org/dovecot-2.0/rev/097588a7903c
changeset: 9984:097588a7903c
user: Timo Sirainen <tss at iki.fi>
date: Wed Oct 07 17:46:14 2009 -0400
description:
lib-auth: Changed API to connect to only a single specified auth socket.
Login processes now always connect to socket called "auth".
diffstat:
18 files changed, 622 insertions(+), 965 deletions(-)
doc/example-config/conf.d/master.conf | 3
src/lib-auth/Makefile.am | 9
src/lib-auth/auth-client-private.h | 20 +
src/lib-auth/auth-client-request.c | 173 +++++++++
src/lib-auth/auth-client-request.h | 12
src/lib-auth/auth-client.c | 185 ++--------
src/lib-auth/auth-client.h | 54 +--
src/lib-auth/auth-server-connection.c | 571 +++++++++++++++++----------------
src/lib-auth/auth-server-connection.h | 43 --
src/lib-auth/auth-server-request.c | 419 ------------------------
src/lib-auth/auth-server-request.h | 13
src/login-common/client-common.h | 2
src/login-common/main.c | 4
src/login-common/sasl-server.c | 30 -
src/pop3-login/client-authenticate.c | 12
src/pop3-login/client.c | 12
src/pop3-login/client.h | 2
src/util/authtest.c | 23 -
diffs (truncated from 2030 to 300 lines):
diff -r 9716b5a4b14a -r 097588a7903c doc/example-config/conf.d/master.conf
--- a/doc/example-config/conf.d/master.conf Wed Oct 07 17:44:38 2009 -0400
+++ b/doc/example-config/conf.d/master.conf Wed Oct 07 17:46:14 2009 -0400
@@ -36,8 +36,7 @@ service auth {
# default
unix_listener {
- # The path must match the auth section name
- path = login/default
+ path = login/auth
mode = 0666
}
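Review bot: The comment removed above `path = login/auth` is not replaced, so the example no longer tells the administrator that the listener name matters. According to the commit description, login processes now always connect to a socket called "auth", so renaming this path would presumably break logins. I would put a replacement comment above the path line, for example `# Login processes always connect to the socket named "auth"`.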
diff -r 9716b5a4b14a -r 097588a7903c src/lib-auth/Makefile.am
--- a/src/lib-auth/Makefile.am Wed Oct 07 17:44:38 2009 -0400
+++ b/src/lib-auth/Makefile.am Wed Oct 07 17:46:14 2009 -0400
@@ -5,16 +5,17 @@ AM_CPPFLAGS = \
libauth_la_SOURCES = \
auth-client.c \
+ auth-client-request.c \
auth-master.c \
- auth-server-connection.c \
- auth-server-request.c
+ auth-server-connection.c
headers = \
auth-client.h \
auth-client-interface.h \
+ auth-client-private.h \
+ auth-client-request.h \
auth-master.h \
- auth-server-connection.h \
- auth-server-request.h
+ auth-server-connection.h
if INSTALL_HEADERS
pkginc_libdir=$(pkgincludedir)
diff -r 9716b5a4b14a -r 097588a7903c src/lib-auth/auth-client-private.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/lib-auth/auth-client-private.h Wed Oct 07 17:46:14 2009 -0400
@@ -0,0 +1,20 @@
+#ifndef AUTH_CLIENT_PRIVATE_H
+#define AUTH_CLIENT_PRIVATE_H
+
+#include "auth-client.h"
+
+struct auth_client {
+ char *auth_socket_path;
+ unsigned int client_pid;
+
+ struct auth_server_connection *conn;
+
+ auth_connect_notify_callback_t *connect_notify_callback;
+ void *connect_notify_context;
+
+ unsigned int request_id_counter;
+
+ unsigned int debug:1;
+};
+
+#endif
diff -r 9716b5a4b14a -r 097588a7903c src/lib-auth/auth-client-request.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/lib-auth/auth-client-request.c Wed Oct 07 17:46:14 2009 -0400
@@ -0,0 +1,173 @@
+/* Copyright (c) 2003-2009 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+#include "str.h"
+#include "strescape.h"
+#include "ostream.h"
+#include "auth-client-private.h"
+#include "auth-server-connection.h"
+#include "auth-client-request.h"
+
+#include <stdlib.h>
+
+struct auth_client_request {
+ pool_t pool;
+
+ struct auth_server_connection *conn;
+ unsigned int id;
+
+ struct auth_request_info request_info;
+
+ auth_request_callback_t *callback;
+ void *context;
+};
+
+static void auth_server_send_new_request(struct auth_server_connection *conn,
+ struct auth_client_request *request)
+{
+ struct auth_request_info *info = &request->request_info;
+ string_t *str;
+
+ str = t_str_new(512);
+ str_printfa(str, "AUTH\t%u\t", request->id);
+ str_tabescape_write(str, info->mech);
+ str_append(str, "\tservice=");
+ str_tabescape_write(str, info->service);
+
+ if ((info->flags & AUTH_REQUEST_FLAG_SECURED) != 0)
+ str_append(str, "\tsecured");
+ if ((info->flags & AUTH_REQUEST_FLAG_VALID_CLIENT_CERT) != 0)
+ str_append(str, "\tvalid-client-cert");
+
+ if (info->cert_username != NULL) {
+ str_append(str, "\tcert_username=");
+ str_tabescape_write(str, info->cert_username);
+ }
+ if (info->local_ip.family != 0)
+ str_printfa(str, "\tlip=%s", net_ip2addr(&info->local_ip));
+ if (info->remote_ip.family != 0)
+ str_printfa(str, "\trip=%s", net_ip2addr(&info->remote_ip));
+ if (info->local_port != 0)
+ str_printfa(str, "\tlport=%u", info->local_port);
+ if (info->remote_port != 0)
+ str_printfa(str, "\trport=%u", info->remote_port);
+ if (info->initial_resp_base64 != NULL) {
+ str_append(str, "\tresp=");
+ str_tabescape_write(str, info->initial_resp_base64);
+ }
+ str_append_c(str, '\n');
+
+ if (o_stream_send(conn->output, str_data(str), str_len(str)) < 0)
+ i_error("Error sending request to auth server: %m");
+}
+
+struct auth_client_request *
+auth_client_request_new(struct auth_client *client,
+ const struct auth_request_info *request_info,
+ auth_request_callback_t *callback, void *context)
+{
+ struct auth_client_request *request;
+ pool_t pool;
+
+ pool = pool_alloconly_create("auth client request", 512);
+ request = p_new(pool, struct auth_client_request, 1);
+ request->pool = pool;
+ request->conn = client->conn;
+
+ request->request_info = *request_info;
+ request->request_info.mech = p_strdup(pool, request_info->mech);
+ request->request_info.service = p_strdup(pool, request_info->service);
+ request->request_info.cert_username =
+ p_strdup(pool, request_info->cert_username);
+ request->request_info.initial_resp_base64 =
+ p_strdup(pool, request_info->initial_resp_base64);
+
+ request->callback = callback;
+ request->context = context;
+
+ request->id =
+ auth_server_connection_add_request(request->conn, request);
+ T_BEGIN {
+ auth_server_send_new_request(request->conn, request);
+ } T_END;
+ return request;
+}
+
+void auth_client_request_continue(struct auth_client_request *request,
+ const char *data_base64)
+{
+ struct const_iovec iov[3];
+ const char *prefix;
+
+ prefix = t_strdup_printf("CONT\t%u\t", request->id);
+
+ iov[0].iov_base = prefix;
+ iov[0].iov_len = strlen(prefix);
+ iov[1].iov_base = data_base64;
+ iov[1].iov_len = strlen(data_base64);
+ iov[2].iov_base = "\n";
+ iov[2].iov_len = 1;
+
+ if (o_stream_sendv(request->conn->output, iov, 3) < 0)
+ i_error("Error sending continue request to auth server: %m");
+}
+
+void auth_client_request_abort(struct auth_client_request **_request)
+{
+ struct auth_client_request *request = *_request;
+
+ *_request = NULL;
+
+ request->callback(request, AUTH_REQUEST_STATUS_FAIL, NULL, NULL,
+ request->context);
+ request->callback = NULL;
+}
+
+unsigned int auth_client_request_get_id(struct auth_client_request *request)
+{
+ return request->id;
+}
+
+unsigned int
+auth_client_request_get_server_pid(struct auth_client_request *request)
+{
+ return request->conn->server_pid;
+}
+
+bool auth_client_request_is_aborted(struct auth_client_request *request)
+{
+ return request->callback == NULL;
+}
+
+void auth_client_request_server_input(struct auth_client_request *request,
+ enum auth_request_status status,
+ const char *const *args)
+{
+ const char *const *tmp, *base64_data = NULL;
+
+ if (request->callback == NULL) {
+ /* aborted already */
+ return;
+ }
+
+ switch (status) {
+ case AUTH_REQUEST_STATUS_OK:
+ for (tmp = args; *tmp != NULL; tmp++) {
+ if (strncmp(*tmp, "resp=", 5) == 0) {
+ base64_data = *tmp + 5;
+ break;
+ }
+ }
+ break;
+ case AUTH_REQUEST_STATUS_CONTINUE:
+ base64_data = args[0];
+ args = NULL;
+ break;
+ case AUTH_REQUEST_STATUS_FAIL:
+ break;
+ }
+
+ request->callback(request, status, base64_data, args, request->context);
+ if (status != AUTH_REQUEST_STATUS_CONTINUE)
+ pool_unref(&request->pool);
+}
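Review bot: In auth_client_request_continue, `data_base64` is written into the `CONT` line unmodified, whereas every string field in auth_server_send_new_request, including `initial_resp_base64`, goes through `str_tabescape_write`. If a caller ever passes a value containing a tab or LF, the auth server would see extra fields or a second protocol line; callers outside this hunk may already guarantee clean base64, but nothing in this file enforces it. I would build the line in a `string_t` the same way as the AUTH path, `str_printfa(str, "CONT\t%u\t", request->id); str_tabescape_write(str, data_base64); str_append_c(str, '\n');`, and send it with `o_stream_send`. This assumes `str_tabescape_write` escapes LF as well as tab; well-formed base64 contains neither, so valid input is sent unchanged.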
diff -r 9716b5a4b14a -r 097588a7903c src/lib-auth/auth-client-request.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/lib-auth/auth-client-request.h Wed Oct 07 17:46:14 2009 -0400
@@ -0,0 +1,12 @@
+#ifndef AUTH_CLIENT_REQUEST_H
+#define AUTH_CLIENT_REQUEST_H
+
+struct auth_server_connection;
+
+bool auth_client_request_is_aborted(struct auth_client_request *request);
+
+void auth_client_request_server_input(struct auth_client_request *request,
+ enum auth_request_status status,
+ const char *const *args);
+
+#endif
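Review bot: The header forward-declares `struct auth_server_connection`, which none of its prototypes use, but not `struct auth_client_request` or `enum auth_request_status`, which they do. It therefore only compiles when another header has declared those names first, as auth-client-request.c arranges by including auth-client-private.h ahead of it. Replacing the forward declaration with `#include "auth-client.h"` would make the header self-contained, assuming that header declares both names, which is not visible here.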
diff -r 9716b5a4b14a -r 097588a7903c src/lib-auth/auth-client.c
--- a/src/lib-auth/auth-client.c Wed Oct 07 17:44:38 2009 -0400
+++ b/src/lib-auth/auth-client.c Wed Oct 07 17:46:14 2009 -0400
@@ -1,118 +1,39 @@
-/* Copyright (c) 2003-2009 Dovecot authors, see the included COPYING file */
+/* Copyright (c) 2005-2009 Dovecot authors, see the included COPYING file */
#include "lib.h"
-#include "buffer.h"
-#include "ioloop.h"
-#include "hash.h"
-#include "auth-client.h"
+#include "array.h"
+#include "auth-client-private.h"
#include "auth-server-connection.h"
-#include <dirent.h>
-#include <sys/stat.h>
-
-#define AUTH_CLIENT_SOCKET_MAX_WAIT_TIME 10
-
-struct auth_client *auth_client_new(unsigned int client_pid)
+struct auth_client *
+auth_client_init(const char *auth_socket_path, unsigned int client_pid,
+ bool debug)
{
struct auth_client *client;
client = i_new(struct auth_client, 1);
- client->pid = client_pid;
- client->available_auth_mechs = buffer_create_dynamic(default_pool, 128);
-
- auth_client_connect_missing_servers(client);
+ client->client_pid = client_pid;
+ client->auth_socket_path = i_strdup(auth_socket_path);
+ client->debug = debug;
+ client->conn = auth_server_connection_init(client);
+ (void)auth_server_connection_connect(client->conn);
return client;
}
-void auth_client_free(struct auth_client **_client)
+void auth_client_deinit(struct auth_client **_client)
{
struct auth_client *client = *_client;