static void ldap_lookup_pass(struct auth_request *auth_request,
struct passdb_ldap_request *request)
{
struct passdb_module *_module = auth_request->passdb->passdb;
struct ldap_passdb_module *module =
(struct ldap_passdb_module *)_module;
struct ldap_connection *conn = module->conn;
struct ldap_request_search *srequest = &request->request.search;
const struct var_expand_table *vars;
const char **attr_names = (const char **)conn->pass_attr_names;
string_t *str;
srequest->request.type = LDAP_REQUEST_TYPE_SEARCH;
vars = auth_request_get_var_expand_table(auth_request, ldap_escape);
str = t_str_new(512);
var_expand(str, conn->set.base, vars);
srequest->base = p_strdup(auth_request->pool, str_c(str));
str_truncate(str, 0);
var_expand(str, conn->set.pass_filter, vars);
srequest->filter = p_strdup(auth_request->pool, str_c(str));
srequest->attr_map = &conn->pass_attr_map;
srequest->attributes = conn->pass_attr_names;
auth_request_log_debug(auth_request, "ldap", "pass search: "
"base=%s scope=%s filter=%s fields=%s",
srequest->base, conn->set.scope,
srequest->filter, attr_names == NULL ? "(all)" :
t_strarray_join(attr_names, ","));
srequest->request.callback = ldap_lookup_pass_callback;
db_ldap_request(conn, &srequest->request);
}
static void ldap_bind_lookup_dn(struct auth_request *auth_request,
struct passdb_ldap_request *request)
{
struct passdb_module *_module = auth_request->passdb->passdb;
struct ldap_passdb_module *module =
(struct ldap_passdb_module *)_module;
struct ldap_connection *conn = module->conn;
struct ldap_request_search *srequest = &request->request.search;
const struct var_expand_table *vars;
string_t *str;
srequest->request.type = LDAP_REQUEST_TYPE_SEARCH;
vars = auth_request_get_var_expand_table(auth_request, ldap_escape);
str = t_str_new(512);
var_expand(str, conn->set.base, vars);
srequest->base = p_strdup(auth_request->pool, str_c(str));
str_truncate(str, 0);
var_expand(str, conn->set.pass_filter, vars);
srequest->filter = p_strdup(auth_request->pool, str_c(str));
/* we don't need the attributes to perform authentication, but they
may contain some extra parameters. if a password is returned,
it's just ignored. */
srequest->attr_map = &conn->pass_attr_map;
srequest->attributes = conn->pass_attr_names;
auth_request_log_debug(auth_request, "ldap",
"bind search: base=%s filter=%s",
srequest->base, srequest->filter);
srequest->request.callback = ldap_bind_lookup_dn_callback;
db_ldap_request(conn, &srequest->request);
}
void var_expand_unit_test()
{
LOL lol[1];
LIST* l, *l2;
LIST *expected = list_new( list_new( L0, newstr( "axb" ) ), newstr( "ayb" ) );
LIST *e2;
char axyb[] = "a$(xy)b";
char azb[] = "a$($(z))b";
lol_init(lol);
var_set("xy", list_new( list_new( L0, newstr( "x" ) ), newstr( "y" ) ), VAR_SET );
var_set("z", list_new( L0, newstr( "xy" ) ), VAR_SET );
l = var_expand( 0, axyb, axyb + sizeof(axyb) - 1, lol, 0 );
for ( l2 = l, e2 = expected; l2 && e2; l2 = list_next(l2), e2 = list_next(e2) )
assert( !strcmp( e2->string, l2->string ) );
list_free(l);
l = var_expand( 0, azb, azb + sizeof(azb) - 1, lol, 0 );
for ( l2 = l, e2 = expected; l2 && e2; l2 = list_next(l2), e2 = list_next(e2) )
assert( !strcmp( e2->string, l2->string ) );
list_free(l);
list_free(expected);
lol_free(lol);
}
static const char *
client_get_log_str(struct client *client, const char *msg)
{
static const struct var_expand_table static_tab[3] = {
{ 's', NULL, NULL },
{ '$', NULL, NULL },
{ '\0', NULL, NULL }
};
static const struct var_expand_func_table func_table[] = {
{ "passdb", client_var_expand_func_passdb },
{ NULL, NULL }
};
const struct var_expand_table *var_expand_table;
struct var_expand_table *tab;
char *const *e;
string_t *str, *str2;
unsigned int pos;
var_expand_table = get_var_expand_table(client);
tab = t_malloc(sizeof(static_tab));
memcpy(tab, static_tab, sizeof(static_tab));
str = t_str_new(256);
str2 = t_str_new(128);
for (e = client->set->log_format_elements_split; *e != NULL; e++) {
pos = str_len(str);
var_expand_with_funcs(str, *e, var_expand_table,
func_table, client);
if (have_username_key(*e)) {
/* username is added even if it's empty */
} else {
str_truncate(str2, 0);
var_expand(str2, *e, login_var_expand_empty_tab);
if (strcmp(str_c(str)+pos, str_c(str2)) == 0) {
/* empty %variables, don't add */
str_truncate(str, pos);
continue;
}
}
if (str_len(str) > 0)
str_append(str, ", ");
}
if (str_len(str) > 0)
str_truncate(str, str_len(str)-2);
tab[0].value = t_strdup(str_c(str));
tab[1].value = msg;
str_truncate(str, 0);
var_expand(str, client->set->login_log_format, tab);
return str_c(str);
}
void var_expand_unit_test()
{
LOL lol[1];
LIST* l, *l2;
LIST *expected = list_new( list_new( L0, newstr( "axb" ) ), newstr( "ayb" ) );
LIST *e2;
char axyb[] = "a$(xy)b";
char azb[] = "a$($(z))b";
char path[] = "$(p:W)";
# ifdef OS_CYGWIN
char cygpath[256];
cygwin_conv_to_posix_path("c:\\foo\\bar", cygpath);
# else
char cygpath[] = "/cygdrive/c/foo/bar";
# endif
lol_init(lol);
var_set("xy", list_new( list_new( L0, newstr( "x" ) ), newstr( "y" ) ), VAR_SET );
var_set("z", list_new( L0, newstr( "xy" ) ), VAR_SET );
var_set("p", list_new( L0, newstr( cygpath ) ), VAR_SET );
l = var_expand( 0, axyb, axyb + sizeof(axyb) - 1, lol, 0 );
for ( l2 = l, e2 = expected; l2 && e2; l2 = list_next(l2), e2 = list_next(e2) )
assert( !strcmp( e2->string, l2->string ) );
assert(l2 == 0 && e2 == 0);
list_free(l);
l = var_expand( 0, azb, azb + sizeof(azb) - 1, lol, 0 );
for ( l2 = l, e2 = expected; l2 && e2; l2 = list_next(l2), e2 = list_next(e2) )
assert( !strcmp( e2->string, l2->string ) );
assert(l2 == 0 && e2 == 0);
list_free(l);
l = var_expand( 0, path, path + sizeof(path) - 1, lol, 0 );
assert(l != 0);
assert(list_next(l) == 0);
# ifdef OS_CYGWIN
assert( !strcmp( l->string, "c:\\foo\\bar" ) );
# else
assert( !strcmp( l->string, cygpath ) );
# endif
list_free(l);
list_free(expected);
lol_free(lol);
}
static enum passdb_result
static_save_fields(struct auth_request *request, const char **password_r)
{
struct static_passdb_module *module =
(struct static_passdb_module *)request->passdb->passdb;
const struct var_expand_table *table;
string_t *str = t_str_new(128);
auth_request_log_debug(request, AUTH_SUBSYS_DB, "lookup");
passdb_template_export(module->tmpl, request);
if (module->static_password_tmpl != NULL) {
table = auth_request_get_var_expand_table(request, NULL);
var_expand(str, module->static_password_tmpl, table);
*password_r = str_c(str);
} else if (auth_fields_exists(request->extra_fields, "nopassword")) {
*password_r = "";
} else {
auth_request_log_info(request, AUTH_SUBSYS_DB,
"No password returned (and no nopassword)");
*password_r = NULL;
return PASSDB_RESULT_PASSWORD_MISMATCH;
}
return PASSDB_RESULT_OK;
}
static void test_var_expand_builtin(void)
{
static struct var_expand_test tests[] = {
{ "%{hostname}", NULL, 1 },
{ "%{pid}", NULL, 1 },
{ "a%{env:FOO}b", "abaRb", 1 },
{ "%50Hv", "1f", 1 },
{ "%50Hw", "2e", 1 },
{ "%50Nv", "25", 1 },
{ "%50Nw", "e", 1 },
{ "%{nonexistent}", "UNSUPPORTED_VARIABLE_nonexistent", 0 },
{ "%{nonexistent:default}", "UNSUPPORTED_VARIABLE_nonexistent", 0 },
};
static const struct var_expand_table table[] = {
{ 'v', "value", NULL },
{ 'w', "value2", NULL },
{ '\0', NULL, NULL }
};
string_t *str = t_str_new(128);
const char *error;
unsigned int i;
tests[0].out = my_hostname;
tests[1].out = my_pid;
env_put("FOO=baR");
test_begin("var_expand - builtin");
for (i = 0; i < N_ELEMENTS(tests); i++) {
str_truncate(str, 0);
test_assert_idx(var_expand(str, tests[i].in, table, &error) == tests[i].ret, i);
test_assert_idx(strcmp(tests[i].out, str_c(str)) == 0, i);
}
test_end();
}
static void test_var_expand_ranges(void)
{
static const struct var_expand_test tests[] = {
{ "%v", "value1234", 1 },
{ "%3v", "val", 1 },
{ "%3.2v", "ue", 1 },
{ "%3.-2v", "ue12", 1 },
{ "%-3.2v", "23", 1 },
{ "%0.-1v", "value123", 1 },
{ "%-4.-1v", "123", 1 }
};
static const struct var_expand_table table[] = {
{ 'v', "value1234", NULL },
{ '\0', NULL, NULL }
};
string_t *str = t_str_new(128);
const char *error;
unsigned int i;
test_begin("var_expand - ranges");
for (i = 0; i < N_ELEMENTS(tests); i++) {
str_truncate(str, 0);
test_assert(var_expand(str, tests[i].in, table, &error) == tests[i].ret);
test_assert(strcmp(tests[i].out, str_c(str)) == 0);
}
test_end();
}
void passdb_template_export(struct passdb_template *tmpl,
struct auth_request *auth_request)
{
const struct var_expand_table *table;
string_t *str;
const char *const *args, *value;
unsigned int i, count;
str = t_str_new(256);
table = auth_request_get_var_expand_table(auth_request, NULL);
args = array_get(&tmpl->args, &count);
i_assert((count % 2) == 0);
for (i = 0; i < count; i += 2) {
if (args[i+1] == NULL)
value = "";
else {
str_truncate(str, 0);
var_expand(str, args[i+1], table);
value = str_c(str);
}
auth_request_set_field(auth_request, args[i], value,
STATIC_PASS_SCHEME);
}
}
static struct userdb_iterate_context *
userdb_sql_iterate_init(struct auth_request *auth_request,
userdb_iter_callback_t *callback, void *context)
{
struct userdb_module *_module = auth_request->userdb->userdb;
struct sql_userdb_module *module =
(struct sql_userdb_module *)_module;
struct sql_userdb_iterate_context *ctx;
string_t *query;
query = t_str_new(512);
var_expand(query, module->conn->set.iterate_query,
auth_request_get_var_expand_table(auth_request,
userdb_sql_escape));
ctx = i_new(struct sql_userdb_iterate_context, 1);
ctx->ctx.auth_request = auth_request;
ctx->ctx.callback = callback;
ctx->ctx.context = context;
auth_request_ref(auth_request);
sql_query(module->conn->db, str_c(query),
sql_iter_query_callback, ctx);
auth_request_log_debug(auth_request, AUTH_SUBSYS_DB, "%s", str_c(query));
return &ctx->ctx;
}
static void
mail_user_expand_plugins_envs(struct mail_user *user)
{
const char **envs, *home;
string_t *str;
unsigned int i, count;
if (!array_is_created(&user->set->plugin_envs))
return;
str = t_str_new(256);
envs = array_get_modifiable(&user->set->plugin_envs, &count);
i_assert((count % 2) == 0);
for (i = 0; i < count; i += 2) {
if (user->_home == NULL &&
var_has_key(envs[i+1], 'h', "home") &&
mail_user_get_home(user, &home) <= 0) {
user->error = p_strdup_printf(user->pool,
"userdb didn't return a home directory, "
"but plugin setting %s used it (%%h): %s",
envs[i], envs[i+1]);
return;
}
str_truncate(str, 0);
var_expand(str, envs[i+1], mail_user_var_expand_table(user));
envs[i+1] = p_strdup(user->pool, str_c(str));
}
}
int LS_jam_expand(ls_lua_State *L)
{
LIST *list = L0;
LISTITEM* item;
int index;
int numParams = ls_lua_gettop(L);
if (numParams < 1 || numParams > 1)
return 0;
if (!ls_lua_isstring(L, 1))
return 0;
{
LOL lol;
const char* src = ls_lua_tostring(L, 1);
lol_init(&lol);
list = var_expand(L0, src, src + strlen(src), &lol, 0);
}
ls_lua_newtable(L);
index = 1;
for (item = list_first(list); item; item = list_next(item), ++index)
{
ls_lua_pushnumber(L, index);
ls_lua_pushstring(L, list_value(item));
ls_lua_settable(L, -3);
}
return 1;
}
static void test_var_expand_builtin(void)
{
static struct var_expand_test tests[] = {
{ "%{hostname}", NULL },
{ "%{pid}", NULL },
{ "a%{env:FOO}b", "abaRb" }
};
static struct var_expand_table table[] = {
{ '\0', NULL, NULL }
};
string_t *str = t_str_new(128);
unsigned int i;
tests[0].out = my_hostname;
tests[1].out = my_pid;
env_put("FOO=baR");
test_begin("var_expand");
for (i = 0; i < N_ELEMENTS(tests); i++) {
str_truncate(str, 0);
var_expand(str, tests[i].in, table);
test_assert(strcmp(tests[i].out, str_c(str)) == 0);
}
test_end();
}
LIST *
compile_list(
PARSE *parse,
FRAME *frame )
{
/* voodoo 1 means: s is a copyable string */
char *s = parse->string;
return var_expand( L0, s, s + strlen( s ), frame->args, 1 );
}
LIST *
compile_list(
PARSE *parse,
LOL *args,
int *jmp )
{
/* voodoo 1 means: s is a copyable string */
const char *s = parse->string;
return var_expand( L0, s, s + strlen( s ), args, 1 );
}
static void
passdb_imap_verify_plain(struct auth_request *auth_request,
const char *password,
verify_plain_callback_t *callback)
{
struct passdb_module *_module = auth_request->passdb->passdb;
struct imap_passdb_module *module =
(struct imap_passdb_module *)_module;
struct imap_auth_request *request;
struct imapc_client_settings set;
const struct var_expand_table *table;
string_t *str;
set = module->set;
set.debug = auth_request->set->debug;
set.dns_client_socket_path =
t_strconcat(auth_request->set->base_dir, "/",
DNS_CLIENT_SOCKET_NAME, NULL);
set.password = password;
set.max_idle_time = IMAPC_DEFAULT_MAX_IDLE_TIME;
if (module->set_have_vars) {
str = t_str_new(128);
table = auth_request_get_var_expand_table(auth_request, NULL);
var_expand(str, set.username, table);
set.username = t_strdup(str_c(str));
str_truncate(str, 0);
var_expand(str, set.host, table);
set.host = t_strdup(str_c(str));
}
auth_request_log_debug(auth_request, AUTH_SUBSYS_DB,
"lookup host=%s port=%d", set.host, set.port);
request = p_new(auth_request->pool, struct imap_auth_request, 1);
request->client = imapc_client_init(&set);
request->auth_request = auth_request;
request->verify_callback = callback;
auth_request_ref(auth_request);
imapc_client_login(request->client, passdb_imap_login_callback,
request);
}
static const char *
client_get_log_str(struct client *client, const char *msg)
{
static struct var_expand_table static_tab[3] = {
{ 's', NULL, NULL },
{ '$', NULL, NULL },
{ '\0', NULL, NULL }
};
const struct var_expand_table *var_expand_table;
struct var_expand_table *tab;
const char *p;
char *const *e;
string_t *str;
var_expand_table = get_var_expand_table(client);
tab = t_malloc(sizeof(static_tab));
memcpy(tab, static_tab, sizeof(static_tab));
str = t_str_new(256);
for (e = client->set->log_format_elements_split; *e != NULL; e++) {
for (p = *e; *p != '\0'; p++) {
if (*p != '%' || p[1] == '\0')
continue;
p++;
if (have_key(var_expand_table, p)) {
if (str_len(str) > 0)
str_append(str, ", ");
var_expand(str, *e, var_expand_table);
break;
}
}
}
tab[0].value = t_strdup(str_c(str));
tab[1].value = msg;
str_truncate(str, 0);
var_expand(str, client->set->login_log_format, tab);
return str_c(str);
}
const char *
checkpassword_get_cmd(struct auth_request *request, const char *args,
const char *checkpassword_reply_path)
{
string_t *str;
str = t_str_new(256);
var_expand(str, args,
auth_request_get_var_expand_table(request, NULL));
return t_strconcat(str_c(str), " ", checkpassword_reply_path, NULL);
}
static void passwd_file_lookup(struct auth_request *auth_request,
userdb_callback_t *callback)
{
struct userdb_module *_module = auth_request->userdb->userdb;
struct passwd_file_userdb_module *module =
(struct passwd_file_userdb_module *)_module;
struct passwd_user *pu;
const struct var_expand_table *table;
string_t *str;
const char *key, *value;
char **p;
pu = db_passwd_file_lookup(module->pwf, auth_request,
module->username_format);
if (pu == NULL || pu->uid == 0) {
callback(USERDB_RESULT_USER_UNKNOWN, auth_request);
return;
}
auth_request_init_userdb_reply(auth_request);
if (pu->uid != (uid_t)-1) {
auth_request_set_userdb_field(auth_request, "uid",
dec2str(pu->uid));
}
if (pu->gid != (gid_t)-1) {
auth_request_set_userdb_field(auth_request, "gid",
dec2str(pu->gid));
}
if (pu->home != NULL)
auth_request_set_userdb_field(auth_request, "home", pu->home);
if (pu->extra_fields != NULL) {
str = t_str_new(512);
table = auth_request_get_var_expand_table(auth_request, NULL);
for (p = pu->extra_fields; *p != NULL; p++) {
if (strncmp(*p, "userdb_", 7) != 0)
continue;
key = *p + 7;
value = strchr(key, '=');
if (value != NULL) {
key = t_strdup_until(key, value);
str_truncate(str, 0);
var_expand(str, value + 1, table);
value = str_c(str);
}
auth_request_set_userdb_field(auth_request, key, value);
}
}
callback(USERDB_RESULT_OK, auth_request);
}
struct db_passwd_file *
db_passwd_file_init(const char *path, bool userdb, bool debug)
{
struct db_passwd_file *db;
const char *p;
bool percents = FALSE;
db = db_passwd_file_find(path);
if (db != NULL) {
db->refcount++;
if (userdb)
db_passwd_file_set_userdb(db);
return db;
}
db = i_new(struct db_passwd_file, 1);
db->refcount = 1;
if (userdb)
db_passwd_file_set_userdb(db);
db->debug = debug;
for (p = path; *p != '\0'; p++) {
if (*p == '%' && p[1] != '\0') {
if (var_get_key(++p) == '%')
percents = TRUE;
else
db->vars = TRUE;
}
}
if (percents && !db->vars) {
/* just extra escaped % chars. remove them. */
struct var_expand_table empty_table[1];
string_t *dest;
empty_table[0].key = '\0';
dest = t_str_new(256);
var_expand(dest, path, empty_table);
path = str_c(dest);
}
db->path = i_strdup(path);
if (db->vars) {
hash_table_create(&db->files, default_pool, 0,
str_hash, strcmp);
} else {
db->default_file = passwd_file_new(db, path);
}
db->next = passwd_files;
passwd_files = db;
return db;
}
static void passdb_dict_lookup_pass(struct passdb_dict_request *dict_request)
{
struct auth_request *auth_request = dict_request->auth_request;
struct passdb_module *_module = auth_request->passdb->passdb;
struct dict_passdb_module *module =
(struct dict_passdb_module *)_module;
string_t *key;
const char *password = NULL, *scheme = NULL;
enum passdb_result passdb_result;
int ret;
key = t_str_new(512);
str_append(key, DICT_PATH_SHARED);
var_expand(key, module->conn->set.password_key,
auth_request_get_var_expand_table(auth_request, NULL));
if (*module->conn->set.password_key == '\0') {
auth_request_log_error(auth_request, "dict",
"password_key not specified");
passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
} else {
passdb_result = passdb_dict_lookup_key(auth_request, module,
str_c(key));
}
if (passdb_result == PASSDB_RESULT_OK) {
/* passdb_password may change on the way,
so we'll need to strdup. */
password = t_strdup(auth_request->passdb_password);
scheme = password_get_scheme(&password);
/* auth_request_set_field() sets scheme */
i_assert(password == NULL || scheme != NULL);
}
if (auth_request->credentials_scheme != NULL) {
passdb_handle_credentials(passdb_result, password, scheme,
dict_request->callback.lookup_credentials,
auth_request);
} else {
if (password != NULL) {
ret = auth_request_password_verify(auth_request,
auth_request->mech_password,
password, scheme, "dict");
passdb_result = ret > 0 ? PASSDB_RESULT_OK :
PASSDB_RESULT_PASSWORD_MISMATCH;
}
dict_request->callback.verify_plain(passdb_result,
auth_request);
}
}
static void
acl_shared_namespace_add(struct mail_namespace *ns,
struct mail_storage *storage, const char *userdomain)
{
static struct var_expand_table static_tab[] = {
{ 'u', NULL, "user" },
{ 'n', NULL, "username" },
{ 'd', NULL, "domain" },
{ '\0', NULL, NULL }
};
struct shared_storage *sstorage = (struct shared_storage *)storage;
struct mail_namespace *new_ns = ns;
struct var_expand_table *tab;
struct mailbox_list_iterate_context *iter;
const struct mailbox_info *info;
const char *p, *mailbox;
string_t *str;
if (strcmp(ns->user->username, userdomain) == 0) {
/* skip ourself */
return;
}
p = strchr(userdomain, '@');
tab = t_malloc_no0(sizeof(static_tab));
memcpy(tab, static_tab, sizeof(static_tab));
tab[0].value = userdomain;
tab[1].value = p == NULL ? userdomain : t_strdup_until(userdomain, p);
tab[2].value = p == NULL ? "" : p + 1;
str = t_str_new(128);
var_expand(str, sstorage->ns_prefix_pattern, tab);
mailbox = str_c(str);
if (shared_storage_get_namespace(&new_ns, &mailbox) < 0)
return;
/* check if there are any mailboxes really visible to us */
iter = mailbox_list_iter_init(new_ns->list, "*",
MAILBOX_LIST_ITER_RETURN_NO_FLAGS);
while ((info = mailbox_list_iter_next(iter)) != NULL)
break;
(void)mailbox_list_iter_deinit(&iter);
if (info == NULL && !acl_ns_prefix_exists(new_ns)) {
/* no visible mailboxes, remove the namespace */
mail_namespace_destroy(new_ns);
}
}
static void doveadm_print_formatted_print(const char *value)
{
if (ctx.format == NULL) {
i_fatal("formatted formatter cannot be used without a format.");
}
struct var_expand_table *entry = array_idx_modifiable(&ctx.headers, ctx.idx++);
entry->value = value;
if (ctx.idx >= array_count(&ctx.headers)) {
var_expand(ctx.buf, ctx.format, array_idx(&ctx.headers,0));
doveadm_print_formatted_flush();
ctx.idx = 0;
}
}
static void doveadm_print_formatted_print(const char *value)
{
if (ctx.format == NULL) {
i_fatal("formatted formatter cannot be used without a format.");
}
const char *error;
struct var_expand_table *entry = array_idx_modifiable(&ctx.headers, ctx.idx++);
entry->value = value;
if (ctx.idx >= array_count(&ctx.headers)) {
if (var_expand(ctx.buf, ctx.format, array_idx(&ctx.headers,0), &error) <= 0) {
i_error("Failed to expand print format '%s': %s",
ctx.format, error);
}
doveadm_print_formatted_flush();
ctx.idx = 0;
}
}
static char *emailmap_get_search_string(const char *str, const char *email)
{
struct varlist vl[3];
const char *realmptr=strrchr(email, '@');/* Guaranteed nonNULL */
static const char userid[]="user";
static const char realm[]="realm";
vl[0].varname=userid;
vl[0].varname_len=sizeof(userid)-1;
vl[0].varvalue=email;
vl[0].varvalue_len=realmptr - email;
vl[1].varname=realm;
vl[1].varname_len=sizeof(realm)-1;
vl[1].varvalue=realmptr+1;
vl[1].varvalue_len=strlen(vl[1].varvalue);
vl[2].varname=NULL;
return (var_expand(str, vl));
}
static void
ldap_verify_plain_auth_bind_userdn(struct auth_request *auth_request,
struct passdb_ldap_request *request)
{
struct passdb_module *_module = auth_request->passdb->passdb;
struct ldap_passdb_module *module =
(struct ldap_passdb_module *)_module;
struct ldap_connection *conn = module->conn;
struct ldap_request_bind *brequest = &request->request.bind;
const struct var_expand_table *vars;
string_t *dn;
brequest->request.type = LDAP_REQUEST_TYPE_BIND;
vars = auth_request_get_var_expand_table(auth_request, ldap_escape);
dn = t_str_new(512);
var_expand(dn, conn->set.auth_bind_userdn, vars);
brequest->dn = p_strdup(auth_request->pool, str_c(dn));
ldap_auth_bind(conn, brequest);
}
static void passwd_file_save_results(struct auth_request *request,
const struct passwd_user *pu,
const char **crypted_pass_r,
const char **scheme_r)
{
const struct var_expand_table *table;
const char *key, *value;
string_t *str;
char **p;
*crypted_pass_r = pu->password != NULL ? pu->password : "";
*scheme_r = password_get_scheme(crypted_pass_r);
if (*scheme_r == NULL)
*scheme_r = request->passdb->passdb->default_pass_scheme;
/* save the password so cache can use it */
auth_request_set_field(request, "password",
*crypted_pass_r, *scheme_r);
if (pu->extra_fields != NULL) {
str = t_str_new(512);
table = auth_request_get_var_expand_table(request, NULL);
for (p = pu->extra_fields; *p != NULL; p++) {
value = strchr(*p, '=');
if (value != NULL) {
key = t_strdup_until(*p, value);
str_truncate(str, 0);
var_expand(str, value + 1, table);
value = str_c(str);
} else {
key = *p;
value = "";
}
auth_request_set_field(request, key, value, NULL);
}
}
}
static void userdb_sql_lookup(struct auth_request *auth_request,
userdb_callback_t *callback)
{
struct userdb_module *_module = auth_request->userdb->userdb;
struct sql_userdb_module *module =
(struct sql_userdb_module *)_module;
struct userdb_sql_request *sql_request;
string_t *query;
query = t_str_new(512);
var_expand(query, module->conn->set.user_query,
auth_request_get_var_expand_table(auth_request,
userdb_sql_escape));
auth_request_ref(auth_request);
sql_request = i_new(struct userdb_sql_request, 1);
sql_request->callback = callback;
sql_request->auth_request = auth_request;
auth_request_log_debug(auth_request, AUTH_SUBSYS_DB, "%s", str_c(query));
sql_query(module->conn->db, str_c(query),
sql_query_callback, sql_request);
}
const char *client_stats(struct client *client)
{
static struct var_expand_table static_tab[] = {
{ 'i', NULL, "input" },
{ 'o', NULL, "output" },
{ '\0', NULL, "session" },
{ '\0', NULL, "fetch_hdr_count" },
{ '\0', NULL, "fetch_hdr_bytes" },
{ '\0', NULL, "fetch_body_count" },
{ '\0', NULL, "fetch_body_bytes" },
{ '\0', NULL, "deleted" },
{ '\0', NULL, "expunged" },
{ '\0', NULL, "trashed" },
{ '\0', NULL, NULL }
};
struct var_expand_table *tab;
string_t *str;
tab = t_malloc(sizeof(static_tab));
memcpy(tab, static_tab, sizeof(static_tab));
tab[0].value = dec2str(i_stream_get_absolute_offset(client->input));
tab[1].value = dec2str(client->output->offset);
tab[2].value = client->session_id;
tab[3].value = dec2str(client->fetch_hdr_count);
tab[4].value = dec2str(client->fetch_hdr_bytes);
tab[5].value = dec2str(client->fetch_body_count);
tab[6].value = dec2str(client->fetch_body_bytes);
tab[7].value = dec2str(client->deleted_count);
tab[8].value = dec2str(client->expunged_count);
tab[9].value = dec2str(client->trashed_count);
str = t_str_new(128);
var_expand(str, client->set->imap_logout_format, tab);
return str_c(str);
}
/*
* Expand an input line and return it.
*
* Returns: 0 on failure
* 1 on success and exp has expanded input
*/
int variable_expansion(JCR *jcr, char *inp, POOLMEM *&exp)
{
var_t *var_ctx;
var_rc_t status;
char *outp;
int in_len, out_len;
int rtn_stat = 0;
in_len = strlen(inp);
outp = NULL;
out_len = 0;
/*
* Create context
*/
if ((status = var_create(&var_ctx)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot create var context: ERR=%s\n"), var_strerror(var_ctx, status));
goto bail_out;
}
/*
* Define callback
*/
if ((status = var_config(var_ctx, VAR_CONFIG_CB_VALUE, lookup_var, (void *)jcr)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot set var callback: ERR=%s\n"), var_strerror(var_ctx, status));
goto bail_out;
}
/*
* Define special operations
*/
if ((status = var_config(var_ctx, VAR_CONFIG_CB_OPERATION, operate_var, (void *)jcr)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot set var operate: ERR=%s\n"), var_strerror(var_ctx, status));
goto bail_out;
}
/*
* Unescape in place
*/
if ((status = var_unescape(var_ctx, inp, in_len, inp, in_len+1, 0)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot unescape string: ERR=%s\n"), var_strerror(var_ctx, status));
goto bail_out;
}
in_len = strlen(inp);
/*
* Expand variables
*/
if ((status = var_expand(var_ctx, inp, in_len, &outp, &out_len, 0)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot expand expression \"%s\": ERR=%s\n"), inp, var_strerror(var_ctx, status));
goto bail_out;
}
/*
* Unescape once more in place
*/
if ((status = var_unescape(var_ctx, outp, out_len, outp, out_len+1, 1)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot unescape string: ERR=%s\n"), var_strerror(var_ctx, status));
goto bail_out;
}
pm_strcpy(exp, outp);
rtn_stat = 1;
bail_out:
/*
* Destroy expansion context
*/
if ((status = var_destroy(var_ctx)) != VAR_OK) {
Jmsg(jcr, M_ERROR, 0, _("Cannot destroy var context: ERR=%s\n"), var_strerror(var_ctx, status));
}
if (outp) {
free(outp);
}
return rtn_stat;
}