dovecot-2.0: auth: Separate auth and login connections. Non-logi...
dovecot at dovecot.org
dovecot at dovecot.org
Wed May 12 17:40:28 EEST 2010
details: http://hg.dovecot.org/dovecot-2.0/rev/1a3c9bd45b11
changeset: 11285:1a3c9bd45b11
user: Timo Sirainen <tss at iki.fi>
date: Wed May 12 16:40:22 2010 +0200
description:
auth: Separate auth and login connections. Non-login requests are freed immediately after auth finished.
The login connections are used by Dovecot internally, while the auth
connections are for SMTP AUTH etc.
diffstat:
src/auth/auth-client-connection.c | 4 +++-
src/auth/auth-client-connection.h | 3 ++-
src/auth/auth-master-connection.c | 9 ++++++---
src/auth/auth-request-handler.c | 7 +++++--
src/auth/auth-request-handler.h | 2 +-
src/auth/auth-settings.c | 2 +-
src/auth/main.c | 25 +++++++++++++++++++------
src/login-common/main.c | 2 +-
8 files changed, 38 insertions(+), 16 deletions(-)
diffs (191 lines):
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-client-connection.c
--- a/src/auth/auth-client-connection.c Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-client-connection.c Wed May 12 16:40:22 2010 +0200
@@ -115,6 +115,7 @@
conn->refcount++;
conn->request_handler =
auth_request_handler_create(auth_callback, conn,
+ !conn->login_requests ? NULL :
auth_master_request_callback);
auth_request_handler_set(conn->request_handler, conn->connect_uid, pid);
@@ -263,7 +264,7 @@
}
struct auth_client_connection *
-auth_client_connection_create(struct auth *auth, int fd)
+auth_client_connection_create(struct auth *auth, int fd, bool login_requests)
{
static unsigned int connect_uid_counter = 0;
struct auth_client_connection *conn;
@@ -273,6 +274,7 @@
conn->auth = auth;
conn->refcount = 1;
conn->connect_uid = ++connect_uid_counter;
+ conn->login_requests = login_requests;
random_fill(conn->cookie, sizeof(conn->cookie));
conn->fd = fd;
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-client-connection.h
--- a/src/auth/auth-client-connection.h Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-client-connection.h Wed May 12 16:40:22 2010 +0200
@@ -17,11 +17,12 @@
uint8_t cookie[MASTER_AUTH_COOKIE_SIZE];
struct auth_request_handler *request_handler;
+ unsigned int login_requests:1;
unsigned int version_received:1;
};
struct auth_client_connection *
-auth_client_connection_create(struct auth *auth, int fd);
+auth_client_connection_create(struct auth *auth, int fd, bool login_requests);
void auth_client_connection_destroy(struct auth_client_connection **conn);
struct auth_client_connection *
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-master-connection.c
--- a/src/auth/auth-master-connection.c Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-master-connection.c Wed May 12 16:40:22 2010 +0200
@@ -100,9 +100,12 @@
client_pid);
(void)o_stream_send_str(conn->output,
t_strdup_printf("FAIL\t%u\n", id));
- } else {
- auth_request_handler_master_request(
- client_conn->request_handler, conn, id, client_id);
+ } else if (!auth_request_handler_master_request(
+ client_conn->request_handler, conn, id, client_id)) {
+ i_error("Master requested auth for non-login client %u",
+ client_pid);
+ (void)o_stream_send_str(conn->output,
+ t_strdup_printf("FAIL\t%u\n", id));
}
return TRUE;
}
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-request-handler.c
--- a/src/auth/auth-request-handler.c Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-request-handler.c Wed May 12 16:40:22 2010 +0200
@@ -536,7 +536,7 @@
auth_request_handler_unref(&handler);
}
-void auth_request_handler_master_request(struct auth_request_handler *handler,
+bool auth_request_handler_master_request(struct auth_request_handler *handler,
struct auth_master_connection *master,
unsigned int id,
unsigned int client_id)
@@ -552,8 +552,10 @@
handler->client_pid, client_id);
auth_stream_reply_add(reply, "FAIL", NULL);
auth_stream_reply_add(reply, NULL, dec2str(id));
+ if (handler->master_callback == NULL)
+ return FALSE;
handler->master_callback(reply, master);
- return;
+ return TRUE;
}
auth_request_ref(request);
@@ -582,6 +584,7 @@
handler->refcount++;
auth_request_lookup_user(request, userdb_callback);
}
+ return TRUE;
}
void auth_request_handler_flush_failures(bool flush_all)
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-request-handler.h
--- a/src/auth/auth-request-handler.h Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-request-handler.h Wed May 12 16:40:22 2010 +0200
@@ -33,7 +33,7 @@
const char *args);
bool auth_request_handler_auth_continue(struct auth_request_handler *handler,
const char *args);
-void auth_request_handler_master_request(struct auth_request_handler *handler,
+bool auth_request_handler_master_request(struct auth_request_handler *handler,
struct auth_master_connection *master,
unsigned int id,
unsigned int client_id);
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/auth-settings.c
--- a/src/auth/auth-settings.c Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/auth-settings.c Wed May 12 16:40:22 2010 +0200
@@ -16,7 +16,7 @@
/* <settings checks> */
static struct file_listener_settings auth_unix_listeners_array[] = {
- { "login/auth", 0666, "", "" },
+ { "login/login", 0666, "", "" },
{ "auth-client", 0600, "", "" },
{ "auth-userdb", 0600, "", "" },
{ "auth-master", 0600, "", "" }
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/auth/main.c
--- a/src/auth/main.c Wed May 12 16:39:03 2010 +0200
+++ b/src/auth/main.c Wed May 12 16:40:22 2010 +0200
@@ -33,6 +33,7 @@
enum auth_socket_type {
AUTH_SOCKET_UNKNOWN = 0,
AUTH_SOCKET_CLIENT,
+ AUTH_SOCKET_LOGIN_CLIENT,
AUTH_SOCKET_MASTER,
AUTH_SOCKET_USERDB
};
@@ -195,20 +196,29 @@
static void client_connected(const struct master_service_connection *conn)
{
enum auth_socket_type *type;
- const char *name, *suffix;
+ const char *path, *name, *suffix;
struct auth *auth;
type = array_idx_modifiable(&listen_fd_types, conn->listen_fd);
if (*type == AUTH_SOCKET_UNKNOWN) {
/* figure out if this is a server or network socket by
checking the socket path name. */
- if (net_getunixname(conn->listen_fd, &name) < 0)
+ if (net_getunixname(conn->listen_fd, &path) < 0)
i_fatal("getsockname(%d) failed: %m", conn->listen_fd);
+ name = strrchr(path, '/');
+ if (name == NULL)
+ name = path;
+ else
+ name++;
+
suffix = strrchr(name, '-');
- if (suffix == NULL)
- *type = AUTH_SOCKET_CLIENT;
- else {
+ if (suffix == NULL) {
+ if (strcmp(name, "login") == 0)
+ *type = AUTH_SOCKET_LOGIN_CLIENT;
+ else
+ *type = AUTH_SOCKET_CLIENT;
+ } else {
suffix++;
if (strcmp(suffix, "master") == 0)
*type = AUTH_SOCKET_MASTER;
@@ -227,8 +237,11 @@
case AUTH_SOCKET_USERDB:
(void)auth_master_connection_create(auth, conn->fd, TRUE);
break;
+ case AUTH_SOCKET_LOGIN_CLIENT:
+ (void)auth_client_connection_create(auth, conn->fd, TRUE);
+ break;
case AUTH_SOCKET_CLIENT:
- (void)auth_client_connection_create(auth, conn->fd);
+ (void)auth_client_connection_create(auth, conn->fd, FALSE);
break;
default:
i_unreached();
diff -r a8a8686e6979 -r 1a3c9bd45b11 src/login-common/main.c
--- a/src/login-common/main.c Wed May 12 16:39:03 2010 +0200
+++ b/src/login-common/main.c Wed May 12 16:40:22 2010 +0200
@@ -297,7 +297,7 @@
client_destroy_oldest);
master_service_set_die_callback(master_service, login_die);
- auth_client = auth_client_init("auth", (unsigned int)getpid(), FALSE);
+ auth_client = auth_client_init("login", (unsigned int)getpid(), FALSE);
auth_client_set_connect_notify(auth_client, auth_connect_notify, NULL);
master_auth = master_auth_init(master_service, login_binary.protocol);
More information about the dovecot-cvs
mailing list