bcb4e51a409d94ae670de96afb8483a4f7855294 |
|
01-Jan-2018 |
Stephan Bosch <stephan.bosch@dovecot.fi> |
Updated copyright notices to include the year 2018. |
2454dfa32c93c20a8522c6ed42fe057baaac9f9a |
|
01-Jan-2017 |
Stephan Bosch <stephan.bosch@dovecot.fi> |
Updated copyright notices to include the year 2017. |
d9a7e950a9cd21f2b4a90ec7759fca9e8fcc7995 |
|
05-Jun-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
global: Fixed mismatched bool vs. int/pointer handling
I don't think these fix any actual bugs. |
a713bc6d09af82c7415ce773d3a187877037112e |
|
03-Jun-2016 |
Baofeng <baofeng.wang@dovecot.com> |
auth: do NOT feed p_strconcat() with NULL
p_strconcat will never take NULL as an valid argument.
Check possible NULL string before calling it. |
2d8f66596f445dd8b399b7032c3f0e9202015b63 |
|
11-Feb-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
auth: Moved all passdb/userdb template handling to auth_passdb/userdb.
This is because passdb_find() and userdb_find() attempts to avoid
duplicating passdbs and userdbs when they have identical driver+args.
This deduplication is useful when using multiple protocol { .. } blocks
that duplicate some passdb/userdb backends. For example we might want
to have only a single SQL connection regardless of how the protocol-specific
passdbs and userdbs are being set up. All the default/override_fields and
result_* settings aren't relevant to the passdb/userdb backends, so removing
them will again allow the deduplication to work correctly. |
74674a53a72dab535c61f455b2246ef2797844ea |
|
11-Feb-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
auth: Moved cache_key from passdb_module to auth_passdb.
This is in preparation for the next changeset, which moves
default/override_fields also to auth_passdb. |
aabc4ae9943c55fcb80963b3a3d3698d4488ba20 |
|
18-Jan-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
auth: If passdbs are required, don't allow only master=yes passdbs.
This fixes a crash:
Panic: file auth-request.c: line 743 (auth_request_is_disabled_master_user):
assertion failed: (request->requested_login_user != NULL)
Which would happen because request->passdb=NULL because there are only
master passdbs. Even if only master passdb is actually needed, there should
still be a non-master passdb for non-master logins to specify what happens
to them. |
02c335c23bf5fa225a467c19f2c063fb0dc7b8c3 |
|
12-Jan-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
global: freshen copyright
git ls-files | xargs perl -p -i -e 's/(\d+)-201[0-5]/$1-2016/g;s/ (201[0-5]) Dovecot/ $1-2016 Dovecot/' |
3a3f0bb25ba19fd61246d3dab686d26dd625ab5c |
|
07-Sep-2015 |
Timo Sirainen <tss@iki.fi> |
auth: Ignore first passdbs that contain skip=unauthenticated.
They can never match anything. |
7cb128dc4cae2a03a742f63ba7afee23c78e3af0 |
|
05-Jan-2015 |
Phil Carmody <phil@dovecot.fi> |
global: freshen copyright
Robomatically:
git ls-files | xargs perl -p -i -e 's/(\d+)-201[0-4]/$1-2015/g;s/ (201[0-4]) Dovecot/ $1-2015 Dovecot/'
Happy 2015 everyone!
Signed-off-by: Phil Carmody <phil@dovecot.fi> |
36f63d7d4997d3893ecc18de1c3742e574a9719c |
|
27-May-2014 |
Phil Carmody <phil@dovecot.fi> |
auth: sparse static cleanup, and some const cleanup
All the consts that are added to pointers represent deep const semantics.
There are other shallow consts that I've not added, as sometimes it's
better to not be const than have something you rely on change when you
think it won't.
Signed-off-by: Phil Carmody <phil@dovecot.fi> |
544a727de8ab0e6c55cab18a7ee475fffdf5eff3 |
|
17-Apr-2014 |
Timo Sirainen <tss@iki.fi> |
auth: If passdb/userdb has a name, use it for the log prefix instead of the driver name. |
a8c5a86d183db25a57bf193c06b41e092ec2e151 |
|
04-Feb-2014 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2014. |
74fb6b5a156c5a61bb6ec827089bb142a10547dd |
|
12-Dec-2013 |
Timo Sirainen <tss@iki.fi> |
auth: Don't crash when userdb hasn't been specified at all. |
cd75c360f244c96b9ee10e01ee3a66fad13183c8 |
|
08-Dec-2013 |
Timo Sirainen <tss@iki.fi> |
auth: Added userdb result_success/failure/tempfail and skip settings, similar to passdb's. |
002442c41f7e0fffc23ae04cfd1d6aa119c10f2e |
|
10-Jul-2013 |
Timo Sirainen <tss@iki.fi> |
auth: Fixed crash for some lookups that didn't specify service name. |
5a580c3a38ced62d4bcc95b8ac7c4f2935b5d294 |
|
02-Feb-2013 |
Timo Sirainen <tss@iki.fi> |
Oops :) Update copyrights to 2013 without breaking all .c files. |
cca4ba2a504d70a9fe9fee37f8433997359de52c |
|
02-Feb-2013 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2013. |
559f278a4c54d9fa7e0f2e96ebceda30562f9009 |
|
30-Jan-2013 |
Timo Sirainen <tss@iki.fi> |
auth: Added passdb { result_* and skip } settings.
passdb { skip = never | authenticated | unauthenticated } can be used to
skip over a passdb lookup based on previous passdb lookups.
passdb { result_success, result_failure, result_internalfail } can be used
to specify what to do on those conditions. Choices as continue,
continue-ok, continue-fail, return, return-ok, return-fail. The -ok and
-fail variants update the current "success" flag, while continue/return uses
the current flag. The authentication succeeds only if the success flag is
set after the last lookup. The continue variants continue to the next
passdb, while return variants finish the lookup immediately. |
4ee00532a265bdfb38539d811fcd12d51210ac35 |
|
19-Aug-2012 |
Timo Sirainen <tss@iki.fi> |
Array API changed: ARRAY_DEFINE(name, type) -> ARRAY(type) name
Easy way to update your existing code:
perl -i -pe 's:ARRAY_DEFINE\(([^,]+), *([^)]+)\);:ARRAY($2) $1;:' **/*.[ch] |
39dcbe101c4538ee25d8b196eab30e5f0faa22ee |
|
04-Jul-2012 |
Timo Sirainen <tss@iki.fi> |
auth: Added CACHE-FLUSH command to flush some/all users from auth cache. |
a10ed8c47534b4c6b6bf2711ccfe577e720a47b4 |
|
23-Jun-2012 |
Timo Sirainen <tss@iki.fi> |
Marked functions parameters that are allowed to be NULL. Some APIs were also changed.
The non-obvious APIs where NULL parameter was changed to "" are
master_service_init() and auth_master_user_list_init().
These checks can currently be enabled only on a patched clang:
http://llvm.org/bugs/show_bug.cgi?id=6786 |
7b2a1f819dba39cc2af722ce7bce1f34fe5f71fe |
|
14-Mar-2012 |
Timo Sirainen <tss@iki.fi> |
auth: If global passdb is missing, don't complain if protocol x and !x { passdb } exists. |
5f5870385cff47efd2f58e7892f251cf13761528 |
|
12-Feb-2012 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2012. |
d82300014d9a5835297bb7c5240a331ce31b456e |
|
09-Jan-2012 |
Timo Sirainen <tss@iki.fi> |
auth: Check also masterdbs when checking if auth mechanism can be used.
Patch by Yubao Liu |
3fc7d2bd299401a2b468b11975aa123f7865c36e |
|
19-Nov-2011 |
Timo Sirainen <tss@iki.fi> |
auth: Moved all i_fatal()s to preinit stage.
This avoids a wrongly configured auth process from rapidly respawning. |
c175b26270b1f321af8765522004ab36bca37f37 |
|
07-Sep-2011 |
Timo Sirainen <tss@iki.fi> |
auth: Don't crash when using default static userdb. |
04052d7cacaa866a3f00afb4e104fa46c04c1dd7 |
|
30-Aug-2011 |
Timo Sirainen <tss@iki.fi> |
auth: Added default_fields and override_fields settings to all passdbs and userdbs. |
2e37d45867d081db150ab78dad303b9077aea24f |
|
04-Mar-2011 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2011. |
183bea41fa640dc8117f3eb45ff935cd81377a84 |
|
04-Mar-2011 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2011. |
9d75363d3fbabc2fbc2d80f06672e3ed8965804a |
|
08-Jun-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Changed how auth deinitilization works.
--HG--
branch : HEAD |
0d97e6efa567b3c853da8bc6894d509731597ee6 |
|
19-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Fixed master user logins.
--HG--
branch : HEAD |
5d60e31c7b701b606067a20bc88dcc8a6de7bbd6 |
|
19-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Fixed support for per-service auth settings.
--HG--
branch : HEAD |
16bb904d0fd67500b0660f4d7b4e2449e7733b76 |
|
14-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Fixed crash at deinit.
--HG--
branch : HEAD |
9ed2951bd0bb1878a27437d7c00611b2baadd614 |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Initial support for per-protocol auth settings.
Currently the list of services is hard-coded. This should be changed so that
config lookup returns the service names.
--HG--
branch : HEAD |
21c317a20c4c3784b54fb3e90ee3751870afdcc3 |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Moved mechanism list out of struct auth.
It could have been good there, except mechanism list is sent before there's
any knowledge of what type of client is on the other side. Maybe in future
different mechanism list could be given based on the unix socket name.
--HG--
branch : HEAD |
f3d506e525a720f214020ca0f989a1966b30edae |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Store args in passdb/userdb_module, so init() doesn't need it as parameter.
--HG--
branch : HEAD |
e48d89622047bd8bbd0475b881ca9377d592f535 |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Completely removed struct auth_*db from *db.c
--HG--
branch : HEAD |
849969f639a00eab26791db3cb1b66430420c0cd |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: passdb/userdb backends no longer know about struct auth_passdb/auth_userdb.
--HG--
branch : HEAD |
1cc683c5d442a1a3bed5a18c1fb37180cb7ef84b |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: auth_penalty is now a global single instance.
--HG--
branch : HEAD |
7289c5600711b45f30fe289ab5b0293b51d87041 |
|
13-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Moved some variables generated from settings to struct auth_settings.
--HG--
branch : HEAD |
4bd3acfc2b2f0d462282469675ab2d799a2e2322 |
|
08-Mar-2010 |
Timo Sirainen <tss@iki.fi> |
auth: Master passdbs weren't working.
--HG--
branch : HEAD |
e59faf65ce864fe95dc00f5d52b8323cdbd0608a |
|
25-Jan-2010 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2010.
--HG--
branch : HEAD |
7bafda1813454621e03615e83d55bccfa7cc56bd |
|
04-Dec-2009 |
Timo Sirainen <tss@iki.fi> |
Removed MEMBER() macro. Require C99 style struct initializer.
--HG--
branch : HEAD |
88ddcd30ed69d9517a07cc729f82fff5288f65a4 |
|
11-Nov-2009 |
Timo Sirainen <tss@iki.fi> |
auth: Another try at connecting to anvil-auth-penalty while still root.
--HG--
branch : HEAD |
f42581dd841281a4434e5c52488e0eda9716c891 |
|
11-Nov-2009 |
Timo Sirainen <tss@iki.fi> |
auth: Connect to anvil-auth-penalty before dropping root privileges.
--HG--
branch : HEAD |
08d6658a4e2ec8104cd1307f6baa75fdb07a24f8 |
|
05-May-2009 |
Mark Washenberger <none@none> |
Renamed headers to prevent collision if they were flattened on an install.
--HG--
branch : HEAD |
a64adf62fa33f2463a86f990217b0c9078531a40 |
|
28-Jan-2009 |
Timo Sirainen <tss@iki.fi> |
Initial commit for config rewrite.
--HG--
branch : HEAD |
ba8566b02903a4b00a39a611d19f421739a09456 |
|
09-Jan-2009 |
Timo Sirainen <tss@iki.fi> |
auth: Code cleanup for specifying what passdb features auth mechanisms need.
--HG--
branch : HEAD |
952f450ce320c226e9dbb50b980dc8c0f9679bf4 |
|
08-Jan-2009 |
Timo Sirainen <tss@iki.fi> |
auth worker processes shouldn't duplicate the auth cache.
--HG--
branch : HEAD |
45312f52ff3a3d4c137447be4c7556500c2f8bf2 |
|
06-Jan-2009 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2009.
--HG--
branch : HEAD |
76b43e4417bab52e913da39b5f5bc2a130d3f149 |
|
01-Jan-2008 |
Timo Sirainen <tss@iki.fi> |
Updated copyright notices to include year 2008.
--HG--
branch : HEAD |
eddd9bf1a1369aea4a2715f6be1137da6d17d293 |
|
05-Dec-2007 |
Timo Sirainen <tss@iki.fi> |
Replaced t_push/t_pop calls with T_FRAME*() macros.
--HG--
branch : HEAD |
78b995972a317f52dd3228468eef6ed18bffe861 |
|
05-Dec-2007 |
Timo Sirainen <tss@iki.fi> |
Allocate auth_realms from auth pool instead of from data stack.
--HG--
branch : HEAD |
22b4f005dac7b5095dde684674818857d559715c |
|
27-Oct-2007 |
Timo Sirainen <tss@iki.fi> |
Master passdbs are in their own list, so allow pass=yes even if a master
passdb is the last in the list.
--HG--
branch : HEAD |
89a126810703c666309310d0f3189e9834d70b5b |
|
16-Sep-2007 |
Timo Sirainen <tss@iki.fi> |
Replaced my Copyright notices. The year range always ends with 2007 now.
My name was replaced with "Dovecot authors". In many cases I didn't really
even own the copyright, so this is more correct.
--HG--
branch : HEAD |
648d24583c1574441c4fa0331a90bd4d6e7996c5 |
|
16-Sep-2007 |
Timo Sirainen <tss@iki.fi> |
pool_unref() now takes ** pointer.
--HG--
branch : HEAD |
6e34c07891fa5de55eb7beedf97eda7b91c65026 |
|
03-Jul-2007 |
Timo Sirainen <tss@iki.fi> |
If no userdbs are defined, fallback to an empty static one.
--HG--
branch : HEAD |
7242e1ce7803b83bc82e239ef111b47c1c72dd4b |
|
09-Jun-2007 |
Andrey Panin <pazke@donpac.ru> |
Further const'ification of struct mech_module.
--HG--
branch : HEAD |
ee5be4287d37f251f683fd2755eafc02504d527c |
|
27-Mar-2007 |
Timo Sirainen <tss@iki.fi> |
Added auth_gssapi_hostname setting.
--HG--
branch : HEAD |
ecb1b2d6236942bf82f822e8d0167f0e160b206d |
|
19-Jan-2007 |
Timo Sirainen <tss@iki.fi> |
Several fixes to handling deinitialization without crashing.
--HG--
branch : HEAD |
35136dd2baf8dc30e4e754294ed81ff48e8c1e64 |
|
08-Nov-2006 |
Timo Sirainen <tss@iki.fi> |
Added auth_request_set_credentials() to modify credentials in passdb and
implemented it for SQL passdb. Added passdb_need_set_credentials boolean to
mechanisms to indicate that it's required (OTP will need it). Patch by
Andrey Panin.
--HG--
branch : HEAD |
fcc55c7332275c51cbbccdb10f51e6421f5c65db |
|
12-Apr-2006 |
Timo Sirainen <tss@iki.fi> |
Added auth_username_format setting.
--HG--
branch : HEAD |
c734b223b9339f310eaebb60926e871c498c2d9e |
|
07-Apr-2006 |
Timo Sirainen <tss@iki.fi> |
auth_verbose_debug_passwords=yes always sets now auth_verbose_debug=yes, and
auth_verbose_debug=yes also sets auth_verbose=yes.
--HG--
branch : HEAD |
21cebe8299b58cff8e622b85fc56fde8764a5e7d |
|
27-Mar-2006 |
Timo Sirainen <timo.sirainen@movial.fi> |
Added auth_master_user_separator setting which allows giving the master username inside the normal username.
--HG--
branch : HEAD |
fcba3a21f3bbc343a077723331e251c1ca2a823d |
|
24-Mar-2006 |
Timo Sirainen <tss@iki.fi> |
Changed "no user databases" error to be hopefully more easier to understand.
--HG--
branch : HEAD |
e4cebadc8dc2e5dafeef8b14510c204f8cb93f5b |
|
24-Mar-2006 |
Timo Sirainen <tss@iki.fi> |
Removed master_no_passdb setting. Added pass setting which can be used to do
the same thing, and other things. Now setting pass=yes to a passdb continues
to next passdb if the lookup succeeded. This allows eg. requiring the user
to be in multiple passdbs, or doing a username conversion before running the
actual userdb, etc.
--HG--
branch : HEAD |
8eb94c5190ba09bb6f6f068eec7bf96750f08d1d |
|
20-Feb-2006 |
Timo Sirainen <timo.sirainen@movial.fi> |
Added support for "master users" who can log in as other people. Currently works only with SASL PLAIN authentication by giving it authorization ID string.
--HG--
branch : HEAD |
6420154390295de70cfd90be8766f2b10f07c1a8 |
|
22-Jan-2006 |
Timo Sirainen <tss@iki.fi> |
Added auth_debug_passwords setting. If it's not enabled, hide all password
strings from logs.
--HG--
branch : HEAD |
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5d |
|
14-Jan-2006 |
Timo Sirainen <tss@iki.fi> |
deinit, unref, destroy, close, free, etc. functions now take a pointer to
their data pointer, and set it to NULL. This makes double-frees less likely
to cause security holes.
--HG--
branch : HEAD |
6ef7e31619edfaa17ed044b45861d106a86191ef |
|
13-Jan-2006 |
Timo Sirainen <tss@iki.fi> |
Added "bool" type and changed all ints that were used as booleans to bool.
--HG--
branch : HEAD |
25ee72451d16374ed27fdbf829f4ec756c778352 |
|
30-Dec-2005 |
Timo Sirainen <tss@iki.fi> |
Added authentication bind support. Patch by J.M. Maurer.
Also cleaned up the LDAP code a bit and made it possible for passdbs to
disable lookup_credentials in runtime.
--HG--
branch : HEAD |
9426f0585f821606cbf332282a57eea24376a765 |
|
28-Dec-2005 |
Timo Sirainen <tss@iki.fi> |
Removed need_passdb from mechanism definitions. passdb_need_plain/credentials is enough to know that. Also give a better error message if no passdbs are set and a mechanism requires passdb.
--HG--
branch : HEAD |
0469ed17dafcc56589ce00960a23f4f06817dfb5 |
|
27-Oct-2005 |
Timo Sirainen <tss@iki.fi> |
Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by
pod@herald.ox.ac.uk
--HG--
branch : HEAD |
b321df9603081896b70ec44635af96d674a9839a |
|
16-Oct-2005 |
Timo Sirainen <tss@iki.fi> |
Separated passdb_module's interface and the actual data struct. Now it's
possible to have multiple passdbs of same type but with different settings.
--HG--
branch : HEAD |
939451389b8e0ad529277b84fe51dab38a8cf77c |
|
01-Oct-2005 |
Timo Sirainen <tss@iki.fi> |
Added ssl_username_from_cert setting. Not actually tested yet..
--HG--
branch : HEAD |
157bce86d0a01477bb8ebd0d380e6b2297f326f7 |
|
24-Sep-2005 |
Timo Sirainen <tss@iki.fi> |
Added deny password databases.
--HG--
branch : HEAD |
367c05967091a2cbfce59b7f274f55b1a0f9e8c9 |
|
16-Apr-2005 |
Timo Sirainen <tss@iki.fi> |
Raised initial pool sizes.
--HG--
branch : HEAD |
e9503210d3521a6833ed62dc332fc42ffb0e7a13 |
|
07-Mar-2005 |
Timo Sirainen <tss@iki.fi> |
Replaced userdb/passdb settings with blocks so it's possible to give
multiple ones. Plaintext password mechanisms now support handling multiple
passdbs, but others don't yet. Also fixed a few memory leaks.
--HG--
branch : HEAD |
66d2db642fe24d555d113ba463e446b038d476ef |
|
28-Feb-2005 |
Timo Sirainen <tss@iki.fi> |
Restructuring of auth code. Balancer auth processes were a bad idea. Usually
the balancer itself took as much CPU as the actual workers because it acted
as a proxy.
Now auth worker means different thing: they're used to execute blocking
passdb and userdb queries. Currently just MySQL (PAM and checkpassword in
TODO).
--HG--
branch : HEAD |
70905e51a5148bd5613cb04720807177474a2496 |
|
09-Jan-2005 |
Timo Sirainen <tss@iki.fi> |
Changed the way multiple auth processes are handled. It no longer uses a pid
appended to socket name but instead there's a balancer process which
proxies the requests to worker processes.
--HG--
branch : HEAD |
49e513d090753ccbf95560b2f3a21f081a5b6c51 |
|
08-Jan-2005 |
Timo Sirainen <tss@iki.fi> |
Added auth_request_log_*().
--HG--
branch : HEAD |
97c339398f1aba6f315b55a9b6ee6b020e33bea4 |
|
07-Jan-2005 |
Timo Sirainen <tss@iki.fi> |
Reorganized the code to have less global/static variables.
--HG--
branch : HEAD |
25757faf029c369a8318349dafe952e2358df1d8 |
|
27-Jan-2003 |
Timo Sirainen <tss@iki.fi> |
We have now separate "userdb" and "passdb". They aren't tied to each others
in any way, so it's possible to use whatever user database with whatever
password database.
Added "static" userdb, which uses same uid/gid for everyone and generates
home directory from given template. This could be useful with PAM, although
insecure since everyone uses same uid.
Not too well tested, and userdb/passdb API still needs to be changed to
asynchronous for sql/ldap/etc lookups.
--HG--
branch : HEAD |
f923659c0e5298263d80622c99f4dc4132b4675b |
|
11-Jan-2003 |
Timo Sirainen <tss@iki.fi> |
Naming change for function typedefs.
--HG--
branch : HEAD |
5c73da5879d783d36849aeb2af23254b587a788b |
|
05-Jan-2003 |
Timo Sirainen <tss@iki.fi> |
Initial support for Cyrus SASL 2 library. I couldn't get it to work yet
though :)
--HG--
branch : HEAD |
c0435c854a0e7246373b9752d163095cc4fbe985 |
|
05-Jan-2003 |
Timo Sirainen <tss@iki.fi> |
Naming style changes, finally got tired of most of the typedefs. Also the
previous enum -> macro change reverted so that we don't use the highest bit
anymore, that's incompatible with old indexes so they will be rebuilt.
--HG--
branch : HEAD |
d0e135d5b32855696a9921921315cdb5ba5abc3a |
|
22-Dec-2002 |
Timo Sirainen <tss@iki.fi> |
t_strsplit() returns now const char **, which removes a few nasty casts.
Removed a few unneded functions and did some small cleanups.
--HG--
branch : HEAD |
c8ffea67272a9893d7d03860746371eb2490c255 |
|
20-Dec-2002 |
Timo Sirainen <tss@iki.fi> |
Instead of just trusting randomness of authentication cookies between
auth<->master<->login process IPC, master now doesn't accept any cookies
from login process which weren't created by it (identified by PID). When
login process dies, all it's pending cookies are also removed, so I can't
see even a theoretical possiblity anymore for exploited login process to
authenticate as someone else.
Also fixed some int -> unsigned int.
--HG--
branch : HEAD |
bb30dbdec689323ec145242403a11d54f8ff90b9 |
|
28-Oct-2002 |
Timo Sirainen <tss@iki.fi> |
Added --enable-asserts (default) and fixed some warnings when building
without. Added i_unreached() to indicate supposedly unreachable code block
and changed a existing i_assert(0) calls to it. Removed return_if_fail() and
return_val_if_fail() macros, they're not useful.
--HG--
branch : HEAD |
43ae45b90718684dbbd67a240e60c52cbc6496ba |
|
09-Oct-2002 |
Timo Sirainen <tss@iki.fi> |
changed all "temporary memory pool" references to "data stack"
--HG--
branch : HEAD |
1215bc4d7e747846f282cf710e61f3768e69238d |
|
22-Aug-2002 |
Timo Sirainen <tss@iki.fi> |
s/user_data/context/ and some s/Data/Context/
--HG--
branch : HEAD |
66251e6ab31e5cc153fe5cae608e416dacafe9cd |
|
08-Aug-2002 |
Timo Sirainen <tss@iki.fi> |
Initial revision
--HG--
branch : HEAD |