When will passdb callback to mechanism yield PASSDB_RESULT_NEXT?

Aki Tuomi aki.tuomi at dovecot.fi
Mon May 29 10:11:44 EEST 2017



On 27.05.2017 23:02, Peter Mogensen wrote:
> Hi,
>
> code question...
>
> I've been trying to figure out the implications of the new
> "noauthenticate" passdb field.
>
> Internally it causes a passdb to result in PASSDB_RESULT_NEXT.
>
> When a SASL mechanism calls
> auth_request_lookup_credentials(...,callback) the passdb result is
> passed to the callback.
>
> But I can't really figure out when that result will ever be
> PASSDB_RESULT_NEXT. It seems the passdb fallthrough resolver will
> always replace it with PASSDB_RESULT_INTERNAL_FAILURE if it ends up
> being the last result.
>
> Can it ever leak into the callback or is it an internal intermediate
> value or the passdb resolver?
>
> /Peter

Hi!

PASSDB_RESULT_NEXT is internal result, that should not go out. It's
intention is to point out that authentication is done by next passdb,
and if there is no next passdb, it should fail because no one was able
to authenticate the user (or noauthenticate was seen).

Aki


More information about the dovecot mailing list