dovecot-2.2: auth: Added ":protected" suffix to passdb and userd...
dovecot at dovecot.org
dovecot at dovecot.org
Mon Aug 31 21:12:34 UTC 2015
details: http://hg.dovecot.org/dovecot-2.2/rev/c0e61e4f47ec
changeset: 19054:c0e61e4f47ec
user: Timo Sirainen <tss at iki.fi>
date: Tue Sep 01 00:11:37 2015 +0300
description:
auth: Added ":protected" suffix to passdb and userdb field names.
This means that if the field is set only if it hasn't already been set.
Usually an earlier passdb/userdb would have set the field and this is
setting a default (e.g. per-user settings override per-domain settings).
diffstat:
src/auth/auth-request.c | 31 +++++++++++++++++++++++--------
1 files changed, 23 insertions(+), 8 deletions(-)
diffs (65 lines):
diff -r 6adcfddd354d -r c0e61e4f47ec src/auth/auth-request.c
--- a/src/auth/auth-request.c Mon Aug 31 23:54:24 2015 +0300
+++ b/src/auth/auth-request.c Tue Sep 01 00:11:37 2015 +0300
@@ -1447,11 +1447,20 @@
const char *name, const char *value,
const char *default_scheme)
{
+ unsigned int name_len = strlen(name);
+
i_assert(*name != '\0');
i_assert(value != NULL);
i_assert(request->passdb != NULL);
+ if (name_len > 10 && strcmp(name+name_len-10, ":protected") == 0) {
+ /* set this field only if it hasn't been set before */
+ name = t_strndup(name, name_len-10);
+ if (auth_fields_exists(request->extra_fields, name))
+ return;
+ }
+
if (strcmp(name, "password") == 0) {
auth_request_set_password(request, value,
default_scheme, FALSE);
@@ -1510,14 +1519,12 @@
return;
}
- if ((passdb_cache != NULL &&
- request->passdb->passdb->cache_key != NULL) || worker) {
- /* we'll need to get this field stored into cache,
- or we're a worker and we'll need to send this to the main
- auth process that can store it in the cache. */
- auth_fields_add(request->extra_fields, name, value,
- AUTH_FIELD_FLAG_HIDDEN);
- }
+ /* add the field unconditionally to extra_fields. this is required if
+ a) auth cache is used, b) if we're a worker and we'll need to send
+ this to the main auth process that can store it in the cache,
+ c) for easily checking :protected fields' existence. */
+ auth_fields_add(request->extra_fields, name, value,
+ AUTH_FIELD_FLAG_HIDDEN);
}
void auth_request_set_null_field(struct auth_request *request, const char *name)
@@ -1605,11 +1612,19 @@
void auth_request_set_userdb_field(struct auth_request *request,
const char *name, const char *value)
{
+ unsigned int name_len = strlen(name);
uid_t uid;
gid_t gid;
i_assert(value != NULL);
+ if (name_len > 10 && strcmp(name+name_len-10, ":protected") == 0) {
+ /* set this field only if it hasn't been set before */
+ name = t_strndup(name, name_len-10);
+ if (auth_fields_exists(request->userdb_reply, name))
+ return;
+ }
+
if (strcmp(name, "uid") == 0) {
uid = userdb_parse_uid(request, value);
if (uid == (uid_t)-1) {
More information about the dovecot-cvs
mailing list