static void lookup_user_callback(enum userdb_result result, struct auth_request *auth_request) { struct auth_worker_client *client = auth_request->context; struct auth_stream_reply *reply = auth_request->userdb_reply; string_t *str; str = t_str_new(128); str_printfa(str, "%u\t", auth_request->id); switch (result) { case USERDB_RESULT_INTERNAL_FAILURE: str_append(str, "FAIL\t"); break; case USERDB_RESULT_USER_UNKNOWN: str_append(str, "NOTFOUND\t"); break; case USERDB_RESULT_OK: str_append(str, "OK\t"); str_append(str, auth_stream_reply_export(reply)); if (auth_request->userdb_lookup_failed) str_append(str, "\ttempfail"); break; } str_append_c(str, '\n'); auth_worker_send_reply(client, str); auth_request_unref(&auth_request); auth_worker_client_check_throttle(client); auth_worker_client_unref(&client); }
static void lookup_credentials_callback(enum passdb_result result, const unsigned char *credentials, size_t size, struct auth_request *request) { struct auth_worker_client *client = request->context; struct auth_stream_reply *reply; string_t *str; if (request->passdb_failure && result == PASSDB_RESULT_OK) result = PASSDB_RESULT_PASSWORD_MISMATCH; reply = auth_stream_reply_init(pool_datastack_create()); auth_stream_reply_add(reply, NULL, dec2str(request->id)); if (result != PASSDB_RESULT_OK) { auth_stream_reply_add(reply, "FAIL", NULL); auth_stream_reply_add(reply, NULL, t_strdup_printf("%d", result)); } else { auth_stream_reply_add(reply, "OK", NULL); auth_stream_reply_add(reply, NULL, request->user); str = t_str_new(64); str_printfa(str, "{%s.b64}", request->credentials_scheme); base64_encode(credentials, size, str); auth_stream_reply_add(reply, NULL, str_c(str)); if (request->extra_fields != NULL) { const char *fields = auth_stream_reply_export(request->extra_fields); auth_stream_reply_import(reply, fields); } if (request->extra_cache_fields != NULL) { const char *fields = auth_stream_reply_export(request->extra_cache_fields); auth_stream_reply_import(reply, fields); } } str = auth_stream_reply_get_str(reply); str_append_c(str, '\n'); auth_worker_send_reply(client, str); auth_request_unref(&request); auth_worker_client_check_throttle(client); auth_worker_client_unref(&client); }
static void verify_plain_callback(enum passdb_result result, struct auth_request *request) { struct auth_worker_client *client = request->context; struct auth_stream_reply *reply; string_t *str; if (request->passdb_failure && result == PASSDB_RESULT_OK) result = PASSDB_RESULT_PASSWORD_MISMATCH; reply = auth_stream_reply_init(pool_datastack_create()); auth_stream_reply_add(reply, NULL, dec2str(request->id)); if (result == PASSDB_RESULT_OK) auth_stream_reply_add(reply, "OK", NULL); else { auth_stream_reply_add(reply, "FAIL", NULL); auth_stream_reply_add(reply, NULL, t_strdup_printf("%d", result)); } if (result != PASSDB_RESULT_INTERNAL_FAILURE) { auth_stream_reply_add(reply, NULL, request->user); auth_stream_reply_add(reply, NULL, request->passdb_password == NULL ? "" : request->passdb_password); if (request->extra_fields != NULL) { const char *fields = auth_stream_reply_export(request->extra_fields); auth_stream_reply_import(reply, fields); } if (request->extra_cache_fields != NULL) { const char *fields = auth_stream_reply_export(request->extra_cache_fields); auth_stream_reply_import(reply, fields); } } str = auth_stream_reply_get_str(reply); str_append_c(str, '\n'); auth_worker_send_reply(client, str); auth_request_unref(&request); auth_worker_client_check_throttle(client); auth_worker_client_unref(&client); }
void checkpassword_setup_env(struct auth_request *request) { /* Besides passing the standard username and password in a pipe, also pass some other possibly interesting information via environment. Use UCSPI names for local/remote IPs. */ env_put("PROTO=TCP"); /* UCSPI */ env_put(t_strconcat("SERVICE=", request->service, NULL)); if (request->local_ip.family != 0) { env_put(t_strconcat("TCPLOCALIP=", net_ip2addr(&request->local_ip), NULL)); /* FIXME: for backwards compatibility only, remove some day */ env_put(t_strconcat("LOCAL_IP=", net_ip2addr(&request->local_ip), NULL)); } if (request->remote_ip.family != 0) { env_put(t_strconcat("TCPREMOTEIP=", net_ip2addr(&request->remote_ip), NULL)); /* FIXME: for backwards compatibility only, remove some day */ env_put(t_strconcat("REMOTE_IP=", net_ip2addr(&request->remote_ip), NULL)); } if (request->local_port != 0) { env_put(t_strdup_printf("TCPLOCALPORT=%u", request->local_port)); } if (request->remote_port != 0) { env_put(t_strdup_printf("TCPREMOTEPORT=%u", request->remote_port)); } if (request->master_user != NULL) { env_put(t_strconcat("MASTER_USER=", request->master_user, NULL)); } if (request->extra_fields != NULL) { const char *fields = auth_stream_reply_export(request->extra_fields); /* extra fields could come from master db */ env_put_extra_fields(fields); } }