dovecot-2.2: auth: Cache master user logins also.

dovecot at dovecot.org dovecot at dovecot.org
Thu Oct 24 15:00:27 EEST 2013


details:   http://hg.dovecot.org/dovecot-2.2/rev/082ca23fa9f4
changeset: 16879:082ca23fa9f4
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Oct 24 14:59:03 2013 +0300
description:
auth: Cache master user logins also.

diffstat:

 src/auth/auth-cache.c   |  26 +++++++++++++++++---------
 src/auth/auth-request.c |  12 +++++-------
 src/auth/auth-request.h |   2 +-
 src/auth/passdb-cache.c |   4 ++--
 4 files changed, 25 insertions(+), 19 deletions(-)

diffs (139 lines):

diff -r f89e645cba90 -r 082ca23fa9f4 src/auth/auth-cache.c
--- a/src/auth/auth-cache.c	Thu Oct 24 11:25:41 2013 +0300
+++ b/src/auth/auth-cache.c	Thu Oct 24 14:59:03 2013 +0300
@@ -273,19 +273,24 @@
 	const char *data = node->data;
 	unsigned int username_len;
 
-	/* The cache nodes begin with "P"/"U", passdb/userdb ID, "/" and
-	   then usually followed by the username. It's too much trouble to
-	   keep track of all the cache keys, so we'll just match it as if it
-	   was the username. If e.g. '%n' is used in the cache key instead of
-	   '%u', it means that cache entries can be removed only when @domain
-	   isn't in the username parameter. */
+	/* The cache nodes begin with "P"/"U", passdb/userdb ID, optional
+	   "+" master user, "\t" and then usually followed by the username.
+	   It's too much trouble to keep track of all the cache keys, so we'll
+	   just match it as if it was the username. If e.g. '%n' is used in the
+	   cache key instead of '%u', it means that cache entries can be
+	   removed only when @domain isn't in the username parameter. */
 	if (*data != 'P' && *data != 'U')
 		return FALSE;
 	data++;
 
 	while (*data >= '0' && *data <= '9')
 		data++;
-	if (*data != '/')
+	if (*data == '+') {
+		/* skip over +master_user */
+		while (*data != '\t' && *data != '\0')
+			data++;
+	}
+	if (*data != '\t')
 		return FALSE;
 	data++;
 
@@ -339,7 +344,9 @@
 
 	/* Uniquely identify the request's passdb/userdb with the P/U prefix
 	   and by "%!", which expands to the passdb/userdb ID number. */
-	key = t_strconcat(request->userdb_lookup ? "U" : "P", "%!/", key, NULL);
+	key = t_strconcat(request->userdb_lookup ? "U" : "P", "%!",
+			  request->master_user == NULL ? "" : "+%{master_user}",
+			  "\t", key, NULL);
 
 	str = t_str_new(256);
 	var_expand(str, key,
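Review bot: The `+%{master_user}` component added here is only safe as a key delimiter if the expanded master user name can never contain a raw tab, because the matcher in the @@ -273 hunk skips from `+` to the first `\t` and treats whatever follows as the username. The remaining arguments of the `var_expand` call are outside the hunk, so it is not visible whether the escape function in use guarantees that; it is worth confirming and stating in the comment. The comment above the `t_strconcat` call should also mention the new component, e.g. `and by an optional "+master_user", so a master login never shares an entry with a normal login for the same user`.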
@@ -407,7 +414,8 @@
 	   a master user login */
 	current_username = request->user;
 	if (request->translated_username != NULL &&
-	    request->requested_login_user == NULL)
+	    request->requested_login_user == NULL &&
+	    request->master_user == NULL)
 		request->user = t_strdup_noconst(request->translated_username);
 
 	key = auth_request_expand_cache_key(request, key);
diff -r f89e645cba90 -r 082ca23fa9f4 src/auth/auth-request.c
--- a/src/auth/auth-request.c	Thu Oct 24 11:25:41 2013 +0300
+++ b/src/auth/auth-request.c	Thu Oct 24 14:59:03 2013 +0300
@@ -409,8 +409,7 @@
 		i_unreached();
 	}
 
-	if (passdb_cache == NULL || passdb->cache_key == NULL ||
-	    request->master_user != NULL)
+	if (passdb_cache == NULL || passdb->cache_key == NULL)
 		return;
 
 	if (result < 0) {
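Review bot: With the `request->master_user != NULL` early return removed here, and likewise in the @@ -923 and @@ -956 hunks of this file and both hunks of passdb-cache.c, these functions no longer treat master logins specially. The only thing keeping a cached master-login result from answering a normal login for the same user is therefore the `+%{master_user}` key component built in auth-cache.c. That dependency deserves a comment at this check, for example `/* master user logins are cached too; the "+master_user" part of the cache key keeps them apart from normal logins */`. The function body continues outside the hunk, so what is actually stored for a master login is not visible here.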
@@ -923,8 +922,7 @@
 	string_t *str;
 	const char *cache_value;
 
-	if (passdb_cache == NULL || userdb->cache_key == NULL ||
-	    request->master_user != NULL)
+	if (passdb_cache == NULL || userdb->cache_key == NULL)
 		return;
 
 	if (result == USERDB_RESULT_USER_UNKNOWN)
@@ -956,9 +954,6 @@
 	struct auth_cache_node *node;
 	bool expired, neg_expired;
 
-	if (request->master_user != NULL)
-		return FALSE;
-
 	value = auth_cache_lookup(passdb_cache, request, key, &node,
 				  &expired, &neg_expired);
 	if (value == NULL || (expired && !use_expired)) {
@@ -1951,6 +1946,7 @@
 	{ '\0', NULL, "real_rport" },
 	{ '\0', NULL, "domain_first" },
 	{ '\0', NULL, "domain_last" },
+	{ '\0', NULL, "master_user" },
 	/* be sure to update AUTH_REQUEST_VAR_TAB_COUNT */
 	{ '\0', NULL, NULL }
 };
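Review bot: The new `master_user` row is tied by position to the hard-coded `tab[25]` in the @@ -2036 hunk and to `AUTH_REQUEST_VAR_TAB_COUNT` in auth-request.h, and nothing checks that the three stay in step. A row inserted above it later would silently hand a different value to `%{master_user}`, which now feeds the auth cache key. A named index next to the existing `AUTH_REQUEST_VAR_TAB_*_IDX` defines, e.g. `#define AUTH_REQUEST_VAR_TAB_MASTER_USER_IDX 25`, used as `tab[AUTH_REQUEST_VAR_TAB_MASTER_USER_IDX].value = ...`, would make the coupling explicit. The table's start is outside the hunk.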
@@ -2036,6 +2032,8 @@
 	tab[24].value = strrchr(auth_request->user, '@');
 	if (tab[24].value != NULL)
 		tab[24].value = escape_func(tab[24].value+1, auth_request);
+	tab[25].value = auth_request->master_user == NULL ? NULL :
+		escape_func(auth_request->master_user, auth_request);
 	return ret_tab;
 }
 
diff -r f89e645cba90 -r 082ca23fa9f4 src/auth/auth-request.h
--- a/src/auth/auth-request.h	Thu Oct 24 11:25:41 2013 +0300
+++ b/src/auth/auth-request.h	Thu Oct 24 14:59:03 2013 +0300
@@ -143,7 +143,7 @@
 #define AUTH_REQUEST_VAR_TAB_USER_IDX 0
 #define AUTH_REQUEST_VAR_TAB_USERNAME_IDX 1
 #define AUTH_REQUEST_VAR_TAB_DOMAIN_IDX 2
-#define AUTH_REQUEST_VAR_TAB_COUNT 25
+#define AUTH_REQUEST_VAR_TAB_COUNT 26
 extern const struct var_expand_table
 auth_request_var_expand_static_tab[AUTH_REQUEST_VAR_TAB_COUNT+1];
 
diff -r f89e645cba90 -r 082ca23fa9f4 src/auth/passdb-cache.c
--- a/src/auth/passdb-cache.c	Thu Oct 24 11:25:41 2013 +0300
+++ b/src/auth/passdb-cache.c	Thu Oct 24 14:59:03 2013 +0300
@@ -33,7 +33,7 @@
 	int ret;
 	bool expired, neg_expired;
 
-	if (passdb_cache == NULL || key == NULL || request->master_user != NULL)
+	if (passdb_cache == NULL || key == NULL)
 		return FALSE;
 
 	/* value = password \t ... */
@@ -97,7 +97,7 @@
 	struct auth_cache_node *node;
 	bool expired, neg_expired;
 
-	if (passdb_cache == NULL || request->master_user != NULL)
+	if (passdb_cache == NULL)
 		return FALSE;
 
 	value = auth_cache_lookup(passdb_cache, request, key, &node,

