dovecot-2.2: auth: Added %{session_pid} variable for userdb look...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/9ef23179892a
changeset: 16909:9ef23179892a
user:      Timo Sirainen <tss at iki.fi>
date:      Sat Nov 02 13:52:30 2013 +0200
description:
auth: Added %{session_pid} variable for userdb lookups in login requests.
session_pid is now always sent to auth process. A new request_auth_token
parameter was added to specify if auth_token should be returned or not.

diffstat:

 src/auth/auth-request-handler.c    |  3 ++-
 src/auth/auth-request.c            |  7 ++++++-
 src/auth/auth-request.h            |  3 ++-
 src/lib-master/master-login-auth.c |  3 ++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diffs (78 lines):

diff -r 58dfed53ab43 -r 9ef23179892a src/auth/auth-request-handler.c
--- a/src/auth/auth-request-handler.c	Sat Nov 02 13:34:17 2013 +0200
+++ b/src/auth/auth-request-handler.c	Sat Nov 02 13:52:30 2013 +0200
@@ -669,7 +669,8 @@
 			str_append(str, "\tanonymous");
 		}
 		/* generate auth_token when master service provided session_pid */
-		if (request->session_pid != (pid_t)-1) {
+		if (request->request_auth_token &&
+		    request->session_pid != (pid_t)-1) {
 			const char *auth_token =
 				auth_token_get(request->service,
 					       dec2str(request->session_pid),
diff -r 58dfed53ab43 -r 9ef23179892a src/auth/auth-request.c
--- a/src/auth/auth-request.c	Sat Nov 02 13:34:17 2013 +0200
+++ b/src/auth/auth-request.c	Sat Nov 02 13:52:30 2013 +0200
@@ -331,7 +331,9 @@
 	if (strcmp(key, "session_pid") == 0) {
 		if (str_to_pid(value, &pid) == 0)
 			request->session_pid = pid;
-	} else
+	} else if (strcmp(key, "request_auth_token") == 0)
+		request->request_auth_token = TRUE;
+	else
 		return FALSE;
 	return TRUE;
 }
@@ -1950,6 +1952,7 @@
 	{ '\0', NULL, "domain_first" },
 	{ '\0', NULL, "domain_last" },
 	{ '\0', NULL, "master_user" },
+	{ '\0', NULL, "session_pid" },
 	/* be sure to update AUTH_REQUEST_VAR_TAB_COUNT */
 	{ '\0', NULL, NULL }
 };
@@ -2037,6 +2040,8 @@
 		tab[24].value = escape_func(tab[24].value+1, auth_request);
 	tab[25].value = auth_request->master_user == NULL ? NULL :
 		escape_func(auth_request->master_user, auth_request);
+	tab[26].value = auth_request->session_pid == (pid_t)-1 ? NULL :
+		dec2str(auth_request->session_pid);
 	return ret_tab;
 }
 
diff -r 58dfed53ab43 -r 9ef23179892a src/auth/auth-request.h
--- a/src/auth/auth-request.h	Sat Nov 02 13:34:17 2013 +0200
+++ b/src/auth/auth-request.h	Sat Nov 02 13:52:30 2013 +0200
@@ -108,6 +108,7 @@
 	unsigned int no_penalty:1;
 	unsigned int valid_client_cert:1;
 	unsigned int cert_username:1;
+	unsigned int request_auth_token:1;
 
 	/* success/failure states: */
 	unsigned int successful:1;
@@ -143,7 +144,7 @@
 #define AUTH_REQUEST_VAR_TAB_USER_IDX 0
 #define AUTH_REQUEST_VAR_TAB_USERNAME_IDX 1
 #define AUTH_REQUEST_VAR_TAB_DOMAIN_IDX 2
-#define AUTH_REQUEST_VAR_TAB_COUNT 26
+#define AUTH_REQUEST_VAR_TAB_COUNT 27
 extern const struct var_expand_table
 auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1];
 
diff -r 58dfed53ab43 -r 9ef23179892a src/lib-master/master-login-auth.c
--- a/src/lib-master/master-login-auth.c	Sat Nov 02 13:34:17 2013 +0200
+++ b/src/lib-master/master-login-auth.c	Sat Nov 02 13:52:30 2013 +0200
@@ -440,8 +440,9 @@
 	str_printfa(str, "REQUEST\t%u\t%u\t%u\t", req->id,
 		    req->client_pid, req->auth_id);
 	binary_to_hex_append(str, req->cookie, sizeof(req->cookie));
+	str_printfa(str, "\tsession_pid=%s", my_pid);
 	if (auth->request_auth_token)
-		str_printfa(str, "\tsession_pid=%s", my_pid);
+		str_append(str, "\trequest_auth_token");
 	str_append_c(str, '\n');
 	o_stream_nsend(auth->output, str_data(str), str_len(str));
 }