History log of /dovecot/src/auth/mech-gssapi.c
Revision Date Author Comments Expand
19557f192d37cd54a1a090a8a26d9d47265e4413 01-Nov-2017 Aki Tuomi <aki.tuomi@dovecot.fi>

global: Fix spelling mistakes in comments Original work by @andreasschulze and @jsoref

/dovecot/doc/example-config/conf.d/20-pop3.conf /dovecot/doc/example-config/conf.d/90-quota.conf /dovecot/m4/notify.m4 auth-request-handler.c db-checkpassword.c db-passwd-file.c mech-gssapi.c /dovecot/src/config/config-parser.c /dovecot/src/director/director-connection.c /dovecot/src/imap-urlauth/imap-urlauth.c /dovecot/src/imap/cmd-sort.c /dovecot/src/lib-dcrypt/ostream-encrypt.c /dovecot/src/lib-fs/fs-metawrap.c /dovecot/src/lib-fts/fts-filter.h /dovecot/src/lib-http/test-http-client-errors.c /dovecot/src/lib-imap-client/imapc-connection.c /dovecot/src/lib-index/mail-cache-transaction.c /dovecot/src/lib-index/mail-index-map-hdr.c /dovecot/src/lib-index/mail-index-map.c /dovecot/src/lib-index/mail-index-strmap.h /dovecot/src/lib-index/mail-index-transaction-finish.c /dovecot/src/lib-index/mail-index-view.c /dovecot/src/lib-index/mail-index.h /dovecot/src/lib-index/mail-transaction-log-private.h /dovecot/src/lib-index/mail-transaction-log.h /dovecot/src/lib-mail/message-part-data.h /dovecot/src/lib-ntlm/ntlm-des.c /dovecot/src/lib-ntlm/ntlm-types.h /dovecot/src/lib-otp/otp-hash.c /dovecot/src/lib-settings/settings.c /dovecot/src/lib-smtp/lmtp-client.h /dovecot/src/lib-ssl-iostream/ostream-openssl.c /dovecot/src/lib-storage/index/dbox-common/dbox-file.c /dovecot/src/lib-storage/index/dbox-single/sdbox-file.h /dovecot/src/lib-storage/index/index-search-mime.c /dovecot/src/lib-storage/index/index-storage.c /dovecot/src/lib-storage/index/maildir/maildir-sync.c /dovecot/src/lib-storage/index/mbox/mbox-sync-rewrite.c /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/list/mailbox-list-index-backend.c /dovecot/src/lib-storage/list/mailbox-list-index-status.c /dovecot/src/lib-storage/mailbox-attribute.c /dovecot/src/lib/array.h /dovecot/src/lib/buffer.c /dovecot/src/lib/failures.c /dovecot/src/lib/ioloop-epoll.c /dovecot/src/lib/ioloop-kqueue.c /dovecot/src/lib/istream.h /dovecot/src/lib/net.h /dovecot/src/lib/path-util.c /dovecot/src/lib/sendfile-util.c /dovecot/src/lib/seq-range-array.h /dovecot/src/lib/wildcard-match.c /dovecot/src/master/sd-daemon.h /dovecot/src/master/service.h /dovecot/src/plugins/acl/acl-backend-vfile-acllist.c /dovecot/src/plugins/fs-compress/fs-compress.c /dovecot/src/plugins/mail-crypt/doveadm-mail-crypt.c /dovecot/src/plugins/mail-crypt/fs-crypt-common.c /dovecot/src/plugins/mail-filter/istream-ext-filter.c /dovecot/src/plugins/mail-filter/ostream-ext-filter.c /dovecot/src/pop3/pop3-client.c
ace06232cfa0e99ecca1040e8553b3216d025768 11-Apr-2017 Timo Sirainen <timo.sirainen@dovecot.fi>

auth: Use mem_equals_timing_safe() for all password hash comparisons. It's unlikely these could be used to perform timing attacks, since the attacker would have to have broken MD5/SHA badly enough to be able to quickly generate string that result in wanted hashes. Still, the extra cost is almost nothing and it's always better to be super paranoid!
2ac5f36aa7c2e7a07ba8815d43a6d7483f62e74c 16-Dec-2016 Timo Sirainen <timo.sirainen@dovecot.fi>

global: Change string position/length from unsigned int to size_t Mainly to avoid truncating >4GB strings, which might potentially cause some security holes. Normally there are other limits, which prevent such excessive strings from being created in the first place. I'm sure this didn't find everything. Maybe everything could be found with compiler warnings. -Wconversion kind of does it, but it gives way too many unnecessary warnings. These were mainly found with: grep " = strlen" egrep "unsigned int.*(size|len)"

auth-cache.c auth-request.c auth-request.h db-checkpassword.c db-ldap.c mech-gssapi.c mech-scram-sha1.c password-scheme.c userdb-dict.c /dovecot/src/config/config-parser-private.h /dovecot/src/config/config-parser.c /dovecot/src/config/config-request.c /dovecot/src/config/doveconf.c /dovecot/src/config/old-set-parser.c /dovecot/src/director/director-connection.c /dovecot/src/doveadm/doveadm-auth-server.c /dovecot/src/doveadm/doveadm-auth.c /dovecot/src/doveadm/doveadm-cmd.c /dovecot/src/doveadm/doveadm-fs.c /dovecot/src/doveadm/doveadm-log.c /dovecot/src/doveadm/doveadm-mail-mailbox.c /dovecot/src/doveadm/doveadm-mail.c /dovecot/src/doveadm/doveadm-print-table.c /dovecot/src/doveadm/doveadm-sis.c /dovecot/src/doveadm/doveadm-util.c /dovecot/src/doveadm/doveadm.c /dovecot/src/doveadm/dsync/dsync-brain-mailbox-tree.c /dovecot/src/doveadm/dsync/dsync-mailbox-tree-sync.c /dovecot/src/doveadm/dsync/dsync-mailbox-tree.c /dovecot/src/imap/cmd-list.c /dovecot/src/imap/cmd-notify.c /dovecot/src/imap/cmd-rename.c /dovecot/src/imap/cmd-subscribe.c /dovecot/src/imap/imap-list.c /dovecot/src/imap/imap-notify.c /dovecot/src/imap/imap-status.c /dovecot/src/imap/main.c /dovecot/src/ipc/main.c /dovecot/src/lib-compression/compression.c /dovecot/src/lib-compression/ostream-bzlib.c /dovecot/src/lib-compression/ostream-lzma.c /dovecot/src/lib-compression/ostream-zlib.c /dovecot/src/lib-dict/dict-db.c /dovecot/src/lib-dict/dict-file.c /dovecot/src/lib-dict/dict-memcached.c /dovecot/src/lib-dict/dict-sql-settings.c /dovecot/src/lib-dict/dict-sql.c /dovecot/src/lib-fs/fs-dict.c /dovecot/src/lib-fs/fs-posix.c /dovecot/src/lib-fs/fs-test.c /dovecot/src/lib-fts/fts-filter-english-possessive.c /dovecot/src/lib-fts/fts-icu.c /dovecot/src/lib-fts/fts-tokenizer-address.c /dovecot/src/lib-fts/test-fts-tokenizer.c /dovecot/src/lib-http/http-client-request.c /dovecot/src/lib-imap-client/imapc-connection.c /dovecot/src/lib-imap/imap-match.c /dovecot/src/lib-imap/imap-parser.c /dovecot/src/lib-imap/imap-quote.c /dovecot/src/lib-imap/imap-utf7.c /dovecot/src/lib-lda/lmtp-client.c /dovecot/src/lib-mail/istream-binary-converter.c /dovecot/src/lib-mail/message-decoder.c /dovecot/src/lib-mail/message-header-decode.c /dovecot/src/lib-mail/test-istream-attachment.c /dovecot/src/lib-mail/test-istream-dot.c /dovecot/src/lib-mail/test-istream-header-filter.c /dovecot/src/lib-mail/test-istream-qp-decoder.c /dovecot/src/lib-mail/test-mbox-from.c /dovecot/src/lib-mail/test-message-header-parser.c /dovecot/src/lib-master/master-login.c /dovecot/src/lib-master/master-service.c /dovecot/src/lib-storage/index/cydir/cydir-save.c /dovecot/src/lib-storage/index/cydir/cydir-sync.h /dovecot/src/lib-storage/index/dbox-common/dbox-file-fix.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-map.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-purge.c /dovecot/src/lib-storage/index/imapc/imapc-list.c /dovecot/src/lib-storage/index/imapc/imapc-search.c /dovecot/src/lib-storage/index/imapc/imapc-storage.c /dovecot/src/lib-storage/index/index-attribute.c /dovecot/src/lib-storage/index/index-mail-headers.c /dovecot/src/lib-storage/index/index-search.c /dovecot/src/lib-storage/index/index-sort.c /dovecot/src/lib-storage/index/maildir/maildir-filename-flags.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/mbox-storage.c /dovecot/src/lib-storage/index/shared/shared-list.c /dovecot/src/lib-storage/list/mailbox-list-delete.c /dovecot/src/lib-storage/list/mailbox-list-fs-iter.c /dovecot/src/lib-storage/list/mailbox-list-index-backend.c /dovecot/src/lib-storage/list/mailbox-list-index.h /dovecot/src/lib-storage/list/mailbox-list-iter.c /dovecot/src/lib-storage/list/mailbox-list-maildir-iter.c /dovecot/src/lib-storage/list/mailbox-list-maildir.c /dovecot/src/lib-storage/list/mailbox-list-notify-tree.c /dovecot/src/lib-storage/list/mailbox-list-subscriptions.c /dovecot/src/lib-storage/mail-namespace.c /dovecot/src/lib-storage/mail-storage-service.c /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mail-user.c /dovecot/src/lib-storage/mailbox-list.c /dovecot/src/lib-storage/mailbox-tree.c /dovecot/src/lib-storage/mailbox-uidvalidity.c /dovecot/src/lib/array.c /dovecot/src/lib/env-util.c /dovecot/src/lib/failures.c /dovecot/src/lib/istream-base64-encoder.c /dovecot/src/lib/json-parser.c /dovecot/src/lib/module-dir.c /dovecot/src/lib/net.c /dovecot/src/lib/ostream-file.c /dovecot/src/lib/printf-format-fix.c /dovecot/src/lib/printf-format-fix.h /dovecot/src/lib/str-find.c /dovecot/src/lib/str-sanitize.c /dovecot/src/lib/str.c /dovecot/src/lib/strfuncs.c /dovecot/src/lib/test-printf-format-fix.c /dovecot/src/lib/unlink-old-files.c /dovecot/src/lib/var-expand.c /dovecot/src/lmtp/commands.c /dovecot/src/log/log-error-buffer.c /dovecot/src/login-common/client-common-auth.c /dovecot/src/login-common/client-common.c /dovecot/src/login-common/login-proxy-state.c /dovecot/src/master/master-settings.c /dovecot/src/master/service-process.c /dovecot/src/plugins/acl/acl-lookup-dict.c /dovecot/src/plugins/acl/acl-mailbox-list.c /dovecot/src/plugins/dict-ldap/dict-ldap.c /dovecot/src/plugins/fts-solr/fts-backend-solr-old.c /dovecot/src/plugins/fts-solr/fts-backend-solr.c /dovecot/src/plugins/fts-squat/squat-test.c /dovecot/src/plugins/fts/fts-api.c /dovecot/src/plugins/fts/fts-search-args.c /dovecot/src/plugins/imap-acl/imap-acl-plugin.c /dovecot/src/plugins/imap-stats/imap-stats-plugin.c /dovecot/src/plugins/mail-crypt/mail-crypt-pluginenv.c /dovecot/src/plugins/mail-crypt/mail-crypt-userenv.c /dovecot/src/plugins/quota/quota-dirsize.c /dovecot/src/replication/aggregator/replicator-connection.c
9a4542801f04f81385e554ba79b12f50eba1d460 28-Aug-2016 Stephan Bosch <stephan@dovecot.fi>

auth: GSSAPI mechanism: Fix CLang -Wstrict-bool warnings. The GSS_ERROR() macro yields an integer rather than an actual bool value. The krb5_kuserok() function returns a krb_boolean type, which is unsigned int rather than a bool.
ec18e7378947c601cb75ba01261d7787ccd8e4ad 11-Jul-2016 Aki Tuomi <aki.tuomi@dovecot.fi>

gssapi: Add missing PASSDB_RESULT_NEXT clause
814bf67459ad405a157af0b8940602024d7fadfe 23-Sep-2015 Teemu Huovila <teemu.huovila@dovecot.fi>

Remove now-unnecessary direct stdlib.h #includes.

/dovecot/src/anvil/anvil-connection.c /dovecot/src/anvil/main.c auth-client-connection.c auth-master-connection.c auth-request-handler.c auth-request.c auth-token.c auth-worker-client.c auth-worker-server.c checkpassword-reply.c db-checkpassword.c db-dict.c db-ldap.c db-passwd-file.c db-sql.c mech-cram-md5.c mech-digest-md5.c mech-gssapi.c mech-scram-sha1.c mech-winbind.c mech.c passdb-blocking.c passdb-cache.c passdb-dict.c passdb-ldap.c passdb-pam.c passdb-sql.c passdb-vpopmail.c passdb.c password-scheme-scram.c userdb-blocking.c userdb-dict.c userdb-ldap.c userdb-prefetch.c userdb-sql.c userdb-static.c userdb.c /dovecot/src/config/config-connection.c /dovecot/src/config/config-parser.c /dovecot/src/config/doveconf.c /dovecot/src/dict/dict-commands.c /dovecot/src/dict/dict-connection.c /dovecot/src/director/director-test.c /dovecot/src/director/test-user-directory.c /dovecot/src/doveadm/doveadm-auth.c /dovecot/src/doveadm/doveadm-director.c /dovecot/src/doveadm/doveadm-dsync.c /dovecot/src/doveadm/doveadm-dump-index.c /dovecot/src/doveadm/doveadm-kick.c /dovecot/src/doveadm/doveadm-mail.c /dovecot/src/doveadm/doveadm-penalty.c /dovecot/src/doveadm/doveadm-pw.c /dovecot/src/doveadm/doveadm-replicator.c /dovecot/src/doveadm/doveadm-stats.c /dovecot/src/doveadm/doveadm-who.c /dovecot/src/doveadm/doveadm.c /dovecot/src/doveadm/dsync/dsync-ibc-stream.c /dovecot/src/doveadm/dsync/dsync-mailbox-tree.c /dovecot/src/doveadm/dsync/test-dsync-mailbox-tree-sync.c /dovecot/src/imap-hibernate/imap-hibernate-settings.c /dovecot/src/imap-login/client-authenticate.c /dovecot/src/imap-login/imap-proxy.c /dovecot/src/imap-urlauth/imap-urlauth-client.c /dovecot/src/imap-urlauth/imap-urlauth-settings.c /dovecot/src/imap-urlauth/imap-urlauth-worker-settings.c /dovecot/src/imap-urlauth/imap-urlauth-worker.c /dovecot/src/imap-urlauth/imap-urlauth.c /dovecot/src/imap/cmd-fetch.c /dovecot/src/imap/cmd-select.c /dovecot/src/imap/cmd-store.c /dovecot/src/imap/imap-client.c /dovecot/src/imap/imap-commands.c /dovecot/src/imap/imap-fetch-body.c /dovecot/src/imap/imap-fetch.c /dovecot/src/imap/imap-search-args.c /dovecot/src/imap/imap-search.c /dovecot/src/imap/imap-settings.c /dovecot/src/imap/main.c /dovecot/src/indexer/indexer-client.c /dovecot/src/lda/main.c /dovecot/src/lib-auth/auth-client-request.c /dovecot/src/lib-auth/auth-master.c /dovecot/src/lib-auth/auth-server-connection.c /dovecot/src/lib-compression/test-compression.c /dovecot/src/lib-dict/dict-client.c /dovecot/src/lib-dict/dict-db.c /dovecot/src/lib-dict/dict-file.c /dovecot/src/lib-fs/fs-posix.c /dovecot/src/lib-fs/fs-randomfail.c /dovecot/src/lib-fts/test-fts-tokenizer.c /dovecot/src/lib-index/mail-cache-lookup.c /dovecot/src/lib-index/mail-index-sync-ext.c /dovecot/src/lib-index/mail-index-sync.c /dovecot/src/lib-index/mail-index-transaction-sort-appends.c /dovecot/src/lib-index/mail-index-transaction.c /dovecot/src/lib-index/mail-index-view-sync.c /dovecot/src/lib-index/test-mail-index-sync-ext.c /dovecot/src/lib-index/test-mail-index-transaction-finish.c /dovecot/src/lib-index/test-mail-index-transaction-update.c /dovecot/src/lib-index/test-mail-transaction-log-append.c /dovecot/src/lib-lda/duplicate.c /dovecot/src/lib-lda/mail-send.c /dovecot/src/lib-mail/istream-header-filter.c /dovecot/src/lib-mail/rfc2231-parser.c /dovecot/src/lib-mail/test-message-header-decode.c /dovecot/src/lib-master/master-auth.c /dovecot/src/lib-master/master-login-auth.c /dovecot/src/lib-master/master-service-settings.c /dovecot/src/lib-master/master-service.c /dovecot/src/lib-master/test-master-service-settings-cache.c /dovecot/src/lib-otp/otp-parse.c /dovecot/src/lib-settings/settings-parser.c /dovecot/src/lib-sql/driver-mysql.c /dovecot/src/lib-sql/driver-pgsql.c /dovecot/src/lib-sql/sql-api.c /dovecot/src/lib-ssl-iostream/iostream-ssl.c /dovecot/src/lib-storage/index/dbox-common/dbox-file.c /dovecot/src/lib-storage/index/dbox-common/dbox-mail.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-file.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-mail.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-map.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-purge.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-save.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-storage-rebuild.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-sync.c /dovecot/src/lib-storage/index/dbox-single/sdbox-mail.c /dovecot/src/lib-storage/index/dbox-single/sdbox-save.c /dovecot/src/lib-storage/index/dbox-single/sdbox-sync-rebuild.c /dovecot/src/lib-storage/index/index-search.c /dovecot/src/lib-storage/index/index-sort-string.c /dovecot/src/lib-storage/index/index-sort.c /dovecot/src/lib-storage/index/index-storage.c /dovecot/src/lib-storage/index/index-thread-finish.c /dovecot/src/lib-storage/index/index-thread.c /dovecot/src/lib-storage/index/maildir/maildir-copy.c /dovecot/src/lib-storage/index/maildir/maildir-filename-flags.c /dovecot/src/lib-storage/index/maildir/maildir-keywords.c /dovecot/src/lib-storage/index/maildir/maildir-mail.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-sync-index.c /dovecot/src/lib-storage/index/maildir/maildir-sync.c /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/mbox-lock.c /dovecot/src/lib-storage/index/mbox/mbox-md5-all.c /dovecot/src/lib-storage/index/mbox/mbox-md5-apop3d.c /dovecot/src/lib-storage/index/mbox/mbox-save.c /dovecot/src/lib-storage/index/mbox/mbox-sync-parse.c /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/index/shared/shared-storage.c /dovecot/src/lib-storage/mail-namespace.c /dovecot/src/lib-storage/mail-search-build.c /dovecot/src/lib-storage/mail-search-register-imap.c /dovecot/src/lib-storage/mail-storage-service.c /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mail-user.c /dovecot/src/lib-storage/mailbox-header.c /dovecot/src/lib-storage/mailbox-uidvalidity.c /dovecot/src/lib-storage/mailbox-watch.c /dovecot/src/lib-test/test-common.c /dovecot/src/lib/abspath.c /dovecot/src/lib/array.c /dovecot/src/lib/backtrace-string.c /dovecot/src/lib/compat.c /dovecot/src/lib/data-stack.c /dovecot/src/lib/env-util.c /dovecot/src/lib/failures.c /dovecot/src/lib/file-dotlock.c /dovecot/src/lib/home-expand.c /dovecot/src/lib/hostpid.c /dovecot/src/lib/lib.c /dovecot/src/lib/mempool-alloconly.c /dovecot/src/lib/mempool-datastack.c /dovecot/src/lib/mempool-system.c /dovecot/src/lib/mempool-unsafe-datastack.c /dovecot/src/lib/mmap-anon.c /dovecot/src/lib/module-dir.c /dovecot/src/lib/net.c /dovecot/src/lib/process-title.c /dovecot/src/lib/rand.c /dovecot/src/lib/randgen.c /dovecot/src/lib/restrict-access.c /dovecot/src/lib/test-array.c /dovecot/src/lib/test-base32.c /dovecot/src/lib/test-base64.c /dovecot/src/lib/test-buffer.c /dovecot/src/lib/test-data-stack.c /dovecot/src/lib/test-hash.c /dovecot/src/lib/test-istream-concat.c /dovecot/src/lib/test-istream-seekable.c /dovecot/src/lib/test-istream-tee.c /dovecot/src/lib/test-llist.c /dovecot/src/lib/test-numpack.c /dovecot/src/lib/test-ostream-file.c /dovecot/src/lib/test-priorityq.c /dovecot/src/lib/test-seq-range-array.c /dovecot/src/lib/test-strfuncs.c /dovecot/src/lib/test-strnum.c /dovecot/src/lib/test-timing.c /dovecot/src/lib/test-unichar.c /dovecot/src/lib/timing.c /dovecot/src/lib/unlink-old-files.c /dovecot/src/lib/var-expand.c /dovecot/src/lmtp/main.c /dovecot/src/log/log-connection.c /dovecot/src/login-common/client-common.c /dovecot/src/login-common/login-proxy.c /dovecot/src/login-common/main.c /dovecot/src/login-common/sasl-server.c /dovecot/src/login-common/ssl-proxy-gnutls.c /dovecot/src/master/main.c /dovecot/src/master/sd-daemon.c /dovecot/src/master/service-monitor.c /dovecot/src/master/service-process.c /dovecot/src/plugins/acl/acl-backend.c /dovecot/src/plugins/acl/acl-lookup-dict.c /dovecot/src/plugins/acl/acl-plugin.c /dovecot/src/plugins/acl/acl-storage.c /dovecot/src/plugins/expire/expire-plugin.c /dovecot/src/plugins/expire/expire-set.c /dovecot/src/plugins/fts-solr/fts-solr-plugin.c /dovecot/src/plugins/fts-squat/fts-backend-squat.c /dovecot/src/plugins/fts-squat/squat-trie.c /dovecot/src/plugins/fts/fts-plugin.c /dovecot/src/plugins/fts/fts-storage.c /dovecot/src/plugins/imap-acl/imap-acl-plugin.c /dovecot/src/plugins/imap-quota/imap-quota-plugin.c /dovecot/src/plugins/imap-zlib/imap-zlib-plugin.c /dovecot/src/plugins/lazy-expunge/lazy-expunge-plugin.c /dovecot/src/plugins/mail-log/mail-log-plugin.c /dovecot/src/plugins/notify/notify-plugin.c /dovecot/src/plugins/quota/quota-dict.c /dovecot/src/plugins/quota/quota-dirsize.c /dovecot/src/plugins/quota/quota-fs.c /dovecot/src/plugins/quota/quota-maildir.c /dovecot/src/plugins/quota/quota-plugin.c /dovecot/src/plugins/quota/quota-util.c /dovecot/src/plugins/quota/quota.c /dovecot/src/plugins/replication/replication-plugin.c /dovecot/src/plugins/trash/trash-plugin.c /dovecot/src/plugins/virtual/virtual-search.c /dovecot/src/plugins/virtual/virtual-storage.c /dovecot/src/plugins/virtual/virtual-sync.c /dovecot/src/plugins/zlib/zlib-plugin.c /dovecot/src/pop3-login/client-authenticate.c /dovecot/src/pop3/main.c /dovecot/src/pop3/pop3-client.c /dovecot/src/pop3/pop3-settings.c /dovecot/src/ssl-params/ssl-params-settings.c /dovecot/src/ssl-params/ssl-params.c /dovecot/src/util/gdbhelper.c /dovecot/src/util/maildirlock.c /dovecot/src/util/rawlog.c /dovecot/src/util/script-login.c /dovecot/src/util/script.c /dovecot/src/util/tcpwrap.c
1b81b28b2e7856748cffd7d01052a944b6c80b23 25-Sep-2014 Timo Sirainen <tss@iki.fi>

auth: Mark memory pools as growing and use the same sizes for all mechanisms. Mainly to have DEBUG log fewer warnings.
6135260095e1704ed6edff9d00bdfc043c11429c 17-Apr-2014 Timo Sirainen <tss@iki.fi>

auth: Use special AUTH_SUBSYS_DB/MECH parameters as auth_request_log*() subsystem. This avoids hardcoded strings all over the place and also allows assigning the correct passdb/userdb name for log messages generated by generic passdb/userdb code, which doesn't know exactly where it was called from.
8521def0d87912647884064f4c549935cbdd0c7e 30-Jan-2013 Timo Sirainen <tss@iki.fi>

auth: Fixed compiling GSSAPI after recent changes.
559f278a4c54d9fa7e0f2e96ebceda30562f9009 30-Jan-2013 Timo Sirainen <tss@iki.fi>

auth: Added passdb { result_* and skip } settings. passdb { skip = never | authenticated | unauthenticated } can be used to skip over a passdb lookup based on previous passdb lookups. passdb { result_success, result_failure, result_internalfail } can be used to specify what to do on those conditions. Choices as continue, continue-ok, continue-fail, return, return-ok, return-fail. The -ok and -fail variants update the current "success" flag, while continue/return uses the current flag. The authentication succeeds only if the success flag is set after the last lookup. The continue variants continue to the next passdb, while return variants finish the lookup immediately.
31633d676642b83305b8d46da495d9bb4e2d1ff8 30-Jan-2013 Timo Sirainen <tss@iki.fi>

auth: Cleaned up flags in auth request. Removed those that already exist in extra_fields. It's now slightly slower to check for those flags in extra_fields, but it's going to be easier to make commit/rollback feature to extra_fields.
b1f02eab20719cda8ec4efe229dfd3c6967970f1 17-Jul-2012 Timo Sirainen <tss@iki.fi>

auth: Fixed error handling in GSSAPI when __gss_userok() was used. An invalid username would have been treated as successful and auth process probably would have crashed.
0da7ec741f53fa8a2244421f6c63e0617b0cbf06 17-Jul-2012 Timo Sirainen <tss@iki.fi>

auth: GSSAPI RFC compliancy fixes. Patch by Ben Morrow: The first problem is that, because of the way the client invokes libsasl, it sends a GSSAPI request which does not ask for mutual authentication. This means that on the server gss_accept_sec_context returns GSS_S_COMPLETE with a zero-length output token. Dovecot currently sends this to the client as a zero-length continuation response, but this is incorrect according to RFC 4752: what it ought to do instead is proceed straight to the security layer negotiations, and send a gss_wrap packet. The second is that Cyrus sends an empty authz identity; that is, the security layer negotiation packet, when gss_unwrapped, is exactly 4 bytes long. Dovecot objects to this, but in RFC 4422 this is explicitly allowed, and means the authz identity is identical to the authn identity.
00ef253647b45487e75b8a4a2636f38909eaee51 26-Jun-2012 Timo Sirainen <tss@iki.fi>

gssapi: Allow logging in as users listed in "k5principals" extra field. This also enables other passdb extra fields for gssapi mechanism. Based on patch by Sam Morris.
50782de8a9d5ebe11ee61496b4e695a1d3875230 08-Jun-2010 Timo Sirainen <tss@iki.fi>

auth: Removed unnecessary auth_request callback and context uses. --HG-- branch : HEAD
c14f183857b32b26aaea6a31b57eb801d1fcd386 13-Apr-2010 Timo Sirainen <tss@iki.fi>

Static analyzer warning fix. --HG-- branch : HEAD
1500468f62b0963974f1ba42a6ecf9c9be4381f4 14-Mar-2010 Timo Sirainen <tss@iki.fi>

auth: Compile fix for gssapi. --HG-- branch : HEAD
9ed2951bd0bb1878a27437d7c00611b2baadd614 13-Mar-2010 Timo Sirainen <tss@iki.fi>

auth: Initial support for per-protocol auth settings. Currently the list of services is hard-coded. This should be changed so that config lookup returns the service names. --HG-- branch : HEAD
7bafda1813454621e03615e83d55bccfa7cc56bd 04-Dec-2009 Timo Sirainen <tss@iki.fi>

Removed MEMBER() macro. Require C99 style struct initializer. --HG-- branch : HEAD

/dovecot/src/anvil/anvil-settings.c auth-settings.c auth.c db-ldap.c db-sql.c mech-anonymous.c mech-apop.c mech-cram-md5.c mech-digest-md5.c mech-external.c mech-gssapi.c mech-login.c mech-ntlm.c mech-otp.c mech-plain.c mech-rpa.c mech-skey.c mech-winbind.c passdb-bsdauth.c passdb-checkpassword.c passdb-ldap.c passdb-pam.c passdb-passwd-file.c passdb-passwd.c passdb-shadow.c passdb-sia.c passdb-sql.c passdb-vpopmail.c userdb-checkpassword.c userdb-ldap.c userdb-nss.c userdb-passwd-file.c userdb-passwd.c userdb-prefetch.c userdb-sql.c userdb-static.c userdb-vpopmail.c /dovecot/src/config/config-settings.c /dovecot/src/dict/dict-settings.c /dovecot/src/imap-login/imap-login-settings.c /dovecot/src/imap/imap-settings.c /dovecot/src/lib-dict/dict-client.c /dovecot/src/lib-dict/dict-db.c /dovecot/src/lib-dict/dict-file.c /dovecot/src/lib-dict/dict-sql.c /dovecot/src/lib-index/mail-index-strmap.c /dovecot/src/lib-index/mailbox-list-index.c /dovecot/src/lib-lda/duplicate.c /dovecot/src/lib-lda/lda-settings.c /dovecot/src/lib-master/master-service-settings.c /dovecot/src/lib-settings/settings-parser.c /dovecot/src/lib-sql/driver-mysql.c /dovecot/src/lib-sql/driver-pgsql.c /dovecot/src/lib-sql/driver-sqlite.c /dovecot/src/lib-sql/sql-api.c /dovecot/src/lib-storage/index/cydir/cydir-storage.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-settings.c /dovecot/src/lib-storage/index/dbox-multi/mdbox-storage.c /dovecot/src/lib-storage/index/dbox-single/sdbox-storage.c /dovecot/src/lib-storage/index/maildir/maildir-settings.c /dovecot/src/lib-storage/index/maildir/maildir-storage.c /dovecot/src/lib-storage/index/mbox/mbox-settings.c /dovecot/src/lib-storage/index/mbox/mbox-storage.c /dovecot/src/lib-storage/index/raw/raw-storage.c /dovecot/src/lib-storage/index/shared/shared-list.c /dovecot/src/lib-storage/index/shared/shared-storage.c /dovecot/src/lib-storage/list/mailbox-list-fs.c /dovecot/src/lib-storage/list/mailbox-list-maildir.c /dovecot/src/lib-storage/mail-storage-settings.c /dovecot/src/lib-storage/test-mail-storage.c /dovecot/src/lib-storage/test-mailbox.c /dovecot/src/lib/macros.h /dovecot/src/lib/mempool-alloconly.c /dovecot/src/lib/mempool-datastack.c /dovecot/src/lib/mempool-system-clean.c /dovecot/src/lib/mempool-system.c /dovecot/src/lib/mempool-unsafe-datastack.c /dovecot/src/lmtp/lmtp-settings.c /dovecot/src/log/log-settings.c /dovecot/src/login-common/login-settings.c /dovecot/src/master/master-settings.c /dovecot/src/plugins/acl/acl-backend-vfile.c /dovecot/src/plugins/convert/convert-storage.c /dovecot/src/plugins/fts-lucene/fts-backend-lucene.c /dovecot/src/plugins/fts-solr/fts-backend-solr.c /dovecot/src/plugins/fts-squat/fts-backend-squat.c /dovecot/src/plugins/quota/quota-maildir.c /dovecot/src/plugins/virtual/virtual-storage.c /dovecot/src/pop3-login/pop3-login-settings.c /dovecot/src/pop3/pop3-settings.c /dovecot/src/ssl-params/ssl-params-settings.c /dovecot/src/util/maildirlock.c
3bc82073c6bc12195e4bb63c11ce546fdc0e8db3 09-Oct-2009 Timo Sirainen <tss@iki.fi>

auth: Fixed compiling with --with-gssapi=plugin --HG-- branch : HEAD
39f34a5a2c99a61aacb7e755e40d1cd221f68e86 28-Aug-2009 Timo Sirainen <tss@iki.fi>

gssapi: Apparently all usernames end with NUL. Allow it. --HG-- branch : HEAD
31803cddc7ad83490dbb71e84ed56954af64b8ce 14-Aug-2009 Timo Sirainen <tss@iki.fi>

auth: Check for potentially dangerous NULs in usernames. --HG-- branch : HEAD
5f94d41239988988d70ed6ed7578306c60e77ed6 27-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Error handling fix. --HG-- branch : HEAD
1fb790b0dadd9d7c226e5ff116355f447d68f31c 27-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Fixed compiling for non-MIT/Heimdal GSSAPI implementations (Solaris). --HG-- branch : HEAD
9c9332454f40a8c0ff53074d98ff86d607f76362 27-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Fail authentication if mechanism type isn't Kerberos 5. Also check GSS_KRB5_NT_PRINCIPAL_NAME more correctly. --HG-- branch : HEAD
7dc0c3eba0fe9f24e88b6fd4fb4339f2ab42b815 27-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Don't do krb5_kuserok() to authz_name. It shouldn't be necessary. --HG-- branch : HEAD
aef258ab477801df25b12929a7b9ab6d740d52f2 18-Jul-2009 Timo Sirainen <tss@iki.fi>

GSSAPI: Fixed memory leak on error conditions. --HG-- branch : HEAD
f622620587322fda179727c06df79e162eb5ea8c 08-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Code cleanup. --HG-- branch : HEAD
b55f6e163c6f20505bf4a57ccd085ee0609e92af 08-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Use *userok() functions only when authz_name != authn_name. Some more code cleanups. --HG-- branch : HEAD
7e770ce56e9123b9cadb3bff9d645b4420865a1a 08-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Set username via auth_request_set_username(). This makes GSSAPI also use auth_username_* settings. Also improved logging. --HG-- branch : HEAD
fb51b3deffb527a6703b2077d5fc385fe31ea721 08-Jul-2009 Timo Sirainen <tss@iki.fi>

gssapi: Code cleanups. Logging error level changes. --HG-- branch : HEAD
08d6658a4e2ec8104cd1307f6baa75fdb07a24f8 05-May-2009 Mark Washenberger <none@none>

Renamed headers to prevent collision if they were flattened on an install. --HG-- branch : HEAD

Makefile.am auth-cache.c auth-client-connection.c auth-common.h auth-master-connection.c auth-request-handler.c auth-request.c auth-stream.c auth-worker-client.c auth-worker-server.c auth.c db-checkpassword.c db-ldap.c db-passwd-file.c db-sql.c main.c mech-anonymous.c mech-apop.c mech-cram-md5.c mech-digest-md5.c mech-gssapi.c mech-login.c mech-ntlm.c mech-otp-skey-common.c mech-otp-skey-common.h mech-otp.c mech-plain-common.c mech-plain-common.h mech-plain.c mech-rpa.c mech-skey.c mech-winbind.c mech.c passdb-blocking.c passdb-bsdauth.c passdb-cache.c passdb-checkpassword.c passdb-ldap.c passdb-pam.c passdb-passwd-file.c passdb-passwd.c passdb-shadow.c passdb-sia.c passdb-sql.c passdb-vpopmail.c passdb.c userdb-blocking.c userdb-checkpassword.c userdb-ldap.c userdb-nss.c userdb-passwd-file.c userdb-passwd.c userdb-prefetch.c userdb-sql.c userdb-static.c userdb-vpopmail.c userdb.c /dovecot/src/imap/Makefile.am /dovecot/src/imap/cmd-append.c /dovecot/src/imap/cmd-cancelupdate.c /dovecot/src/imap/cmd-capability.c /dovecot/src/imap/cmd-check.c /dovecot/src/imap/cmd-close.c /dovecot/src/imap/cmd-copy.c /dovecot/src/imap/cmd-create.c /dovecot/src/imap/cmd-delete.c /dovecot/src/imap/cmd-enable.c /dovecot/src/imap/cmd-examine.c /dovecot/src/imap/cmd-expunge.c /dovecot/src/imap/cmd-fetch.c /dovecot/src/imap/cmd-id.c /dovecot/src/imap/cmd-idle.c /dovecot/src/imap/cmd-list.c /dovecot/src/imap/cmd-logout.c /dovecot/src/imap/cmd-lsub.c /dovecot/src/imap/cmd-namespace.c /dovecot/src/imap/cmd-noop.c /dovecot/src/imap/cmd-rename.c /dovecot/src/imap/cmd-search.c /dovecot/src/imap/cmd-select.c /dovecot/src/imap/cmd-sort.c /dovecot/src/imap/cmd-status.c /dovecot/src/imap/cmd-store.c /dovecot/src/imap/cmd-subscribe.c /dovecot/src/imap/cmd-thread.c /dovecot/src/imap/cmd-uid.c /dovecot/src/imap/cmd-unselect.c /dovecot/src/imap/cmd-unsubscribe.c /dovecot/src/imap/cmd-x-cancel.c /dovecot/src/imap/imap-client.c /dovecot/src/imap/imap-client.h /dovecot/src/imap/imap-commands-util.c /dovecot/src/imap/imap-commands-util.h /dovecot/src/imap/imap-commands.c /dovecot/src/imap/imap-commands.h /dovecot/src/imap/imap-common.h /dovecot/src/imap/imap-expunge.c /dovecot/src/imap/imap-fetch-body.c /dovecot/src/imap/imap-fetch.c /dovecot/src/imap/imap-search-args.c /dovecot/src/imap/imap-search.c /dovecot/src/imap/imap-status.c /dovecot/src/imap/imap-sync.c /dovecot/src/imap/mail-storage-callbacks.c /dovecot/src/imap/main.c /dovecot/src/plugins/imap-acl/imap-acl-plugin.c /dovecot/src/plugins/imap-quota/imap-quota-plugin.c /dovecot/src/pop3-login/client-authenticate.c /dovecot/src/pop3/Makefile.am /dovecot/src/pop3/main.c /dovecot/src/pop3/pop3-capability.h /dovecot/src/pop3/pop3-client.c /dovecot/src/pop3/pop3-client.h /dovecot/src/pop3/pop3-commands.c /dovecot/src/pop3/pop3-commands.h /dovecot/src/pop3/pop3-common.h
44fc0a34c39f1ddb3a776918630010867a5dd04e 26-Mar-2009 Timo Sirainen <tss@iki.fi>

Fixed --with-ldap=plugin and --with-gssapi=plugin --HG-- branch : HEAD
c09ed250a0bbfc610ab265a18c17b7edd98b7937 13-Mar-2009 Timo Sirainen <tss@iki.fi>

gssapi: Fix to previous change. --HG-- branch : HEAD
6edf77bf423fe09849a79fd4077a697b8dc14a41 13-Mar-2009 Timo Sirainen <tss@iki.fi>

gssapi: Cross-realm authentication fix. Patch by Bryan Jacobs. --HG-- branch : HEAD
a64adf62fa33f2463a86f990217b0c9078531a40 28-Jan-2009 Timo Sirainen <tss@iki.fi>

Initial commit for config rewrite. --HG-- branch : HEAD

/dovecot/.hgignore /dovecot/TODO /dovecot/configure.in /dovecot/src/Makefile.am Makefile.am auth-client-connection.c auth-master-connection.c auth-request-handler.c auth-request.c auth-settings.c auth-settings.h auth-worker-server.c auth-worker-server.h auth.c auth.h db-ldap.c main.c mech-anonymous.c mech-digest-md5.c mech-gssapi.c mech-rpa.c mech-winbind.c mech.c mech.h passdb-cache.c passdb-cache.h passdb-passwd-file.c passdb.c passdb.h userdb-passwd-file.c userdb-prefetch.c userdb.c userdb.h /dovecot/src/config/Makefile.am /dovecot/src/config/common.h /dovecot/src/config/config-connection.c /dovecot/src/config/config-connection.h /dovecot/src/config/config-parser.c /dovecot/src/config/config-parser.h /dovecot/src/config/main.c /dovecot/src/config/settings-get.pl /dovecot/src/deliver/Makefile.am /dovecot/src/deliver/deliver-settings.c /dovecot/src/deliver/deliver-settings.h /dovecot/src/deliver/deliver.c /dovecot/src/deliver/deliver.h /dovecot/src/imap-login/Makefile.am /dovecot/src/imap-login/client-authenticate.c /dovecot/src/imap-login/client.c /dovecot/src/imap-login/imap-proxy.c /dovecot/src/imap/Makefile.am /dovecot/src/imap/client.c /dovecot/src/imap/client.h /dovecot/src/imap/cmd-append.c /dovecot/src/imap/cmd-capability.c /dovecot/src/imap/cmd-delete.c /dovecot/src/imap/cmd-id.c /dovecot/src/imap/cmd-idle.c /dovecot/src/imap/cmd-subscribe.c /dovecot/src/imap/common.h /dovecot/src/imap/imap-fetch-body.c /dovecot/src/imap/imap-settings.c /dovecot/src/imap/imap-settings.h /dovecot/src/imap/imap-sync.c /dovecot/src/imap/main.c /dovecot/src/lib-settings/Makefile.am /dovecot/src/lib-settings/settings-parser.c /dovecot/src/lib-settings/settings-parser.h /dovecot/src/lib-storage/Makefile.am /dovecot/src/lib-storage/index/cydir/cydir-storage.c /dovecot/src/lib-storage/index/dbox/Makefile.am /dovecot/src/lib-storage/index/dbox/dbox-file.c /dovecot/src/lib-storage/index/dbox/dbox-settings.c /dovecot/src/lib-storage/index/dbox/dbox-settings.h /dovecot/src/lib-storage/index/dbox/dbox-storage.c /dovecot/src/lib-storage/index/dbox/dbox-storage.h /dovecot/src/lib-storage/index/index-mail.c /dovecot/src/lib-storage/index/index-storage.c /dovecot/src/lib-storage/index/index-storage.h /dovecot/src/lib-storage/index/maildir/Makefile.am /dovecot/src/lib-storage/index/maildir/maildir-copy.c /dovecot/src/lib-storage/index/maildir/maildir-keywords.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-settings.c /dovecot/src/lib-storage/index/maildir/maildir-settings.h /dovecot/src/lib-storage/index/maildir/maildir-storage.c /dovecot/src/lib-storage/index/maildir/maildir-storage.h /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/Makefile.am /dovecot/src/lib-storage/index/mbox/mbox-lock.c /dovecot/src/lib-storage/index/mbox/mbox-mail.c /dovecot/src/lib-storage/index/mbox/mbox-save.c /dovecot/src/lib-storage/index/mbox/mbox-settings.c /dovecot/src/lib-storage/index/mbox/mbox-settings.h /dovecot/src/lib-storage/index/mbox/mbox-storage.c /dovecot/src/lib-storage/index/mbox/mbox-storage.h /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/index/raw/raw-storage.c /dovecot/src/lib-storage/index/shared/shared-storage.c /dovecot/src/lib-storage/list/index-mailbox-list.c /dovecot/src/lib-storage/list/mailbox-list-fs-iter.c /dovecot/src/lib-storage/list/mailbox-list-fs.c /dovecot/src/lib-storage/list/mailbox-list-maildir.c /dovecot/src/lib-storage/list/subscription-file.c /dovecot/src/lib-storage/mail-namespace.c /dovecot/src/lib-storage/mail-namespace.h /dovecot/src/lib-storage/mail-storage-private.h /dovecot/src/lib-storage/mail-storage-settings.c /dovecot/src/lib-storage/mail-storage-settings.h /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mail-storage.h /dovecot/src/lib-storage/mail-user.c /dovecot/src/lib-storage/mail-user.h /dovecot/src/lib-storage/mailbox-list-private.h /dovecot/src/lib-storage/mailbox-list.c /dovecot/src/lib-storage/mailbox-list.h /dovecot/src/lib/array-decl.h /dovecot/src/login-common/Makefile.am /dovecot/src/login-common/client-common.c /dovecot/src/login-common/common.h /dovecot/src/login-common/login-settings.c /dovecot/src/login-common/login-settings.h /dovecot/src/login-common/main.c /dovecot/src/login-common/master.c /dovecot/src/login-common/sasl-server.c /dovecot/src/login-common/ssl-proxy-openssl.c /dovecot/src/master/Makefile.am /dovecot/src/master/auth-process.c /dovecot/src/master/child-process.c /dovecot/src/master/child-process.h /dovecot/src/master/dict-process.c /dovecot/src/master/listener.c /dovecot/src/master/listener.h /dovecot/src/master/login-process.c /dovecot/src/master/login-process.h /dovecot/src/master/mail-process.c /dovecot/src/master/mail-process.h /dovecot/src/master/main.c /dovecot/src/master/master-settings-defs.c /dovecot/src/master/master-settings.c /dovecot/src/master/master-settings.h /dovecot/src/master/ssl-init.c /dovecot/src/plugins/acl/acl-mailbox-list.c /dovecot/src/plugins/fts-lucene/fts-backend-lucene.c /dovecot/src/plugins/fts-squat/fts-backend-squat.c /dovecot/src/plugins/fts/fts-storage.c /dovecot/src/plugins/imap-acl/imap-acl-plugin.c /dovecot/src/plugins/imap-quota/imap-quota-plugin.c /dovecot/src/plugins/mbox-snarf/mbox-snarf-plugin.c /dovecot/src/plugins/virtual/virtual-storage.c /dovecot/src/pop3-login/Makefile.am /dovecot/src/pop3-login/client-authenticate.c /dovecot/src/pop3-login/client.c /dovecot/src/pop3-login/pop3-proxy.c /dovecot/src/pop3/Makefile.am /dovecot/src/pop3/client.c /dovecot/src/pop3/client.h /dovecot/src/pop3/commands.c /dovecot/src/pop3/common.h /dovecot/src/pop3/main.c /dovecot/src/pop3/pop3-settings.c /dovecot/src/pop3/pop3-settings.h
ba8566b02903a4b00a39a611d19f421739a09456 09-Jan-2009 Timo Sirainen <tss@iki.fi>

auth: Code cleanup for specifying what passdb features auth mechanisms need. --HG-- branch : HEAD
24c4835905c0a7ba5a7caa1666af5daef6233303 11-Sep-2008 Timo Sirainen <tss@iki.fi>

GSSAPI: stdlib.h wasn't included with all OSes, causing crash at startup with 64bit systems. --HG-- branch : HEAD
6e873f135368bcfdd1de4458dded791d0c4d00cd 13-Aug-2008 Timo Sirainen <tss@iki.fi>

Renamed auth_ntlm_use_winbind to auth_use_winbind, which also determines if GSS-SPNEGO is handled by GSSAPI or winbind. --HG-- branch : HEAD
704fbadd78375da18dcaf2c5d93ac8cfe2c61358 13-Aug-2008 Timo Sirainen <tss@iki.fi>

Support GSS-SPNEGO mechanism if GSSAPI library supports it. Based on a patch by Jason Gunthorpe. --HG-- branch : HEAD
bde5b40c4fcc20e812a7caff9c0ed55e7090ced9 13-Aug-2008 Timo Sirainen <tss@iki.fi>

Added support for gssapi_hostname=$ALL for multihomed hosts. Patch by Jason Gunthorpe. --HG-- branch : HEAD
448723dc1c12b126dd2d348d4ce385203abbaa7d 04-Aug-2008 Timo Sirainen <tss@iki.fi>

gssapi: Make auth_krb5_keytab work by calling _register_acceptor_identity() instead of relying on KRB5_KTNAME environment to be picked up. --HG-- branch : HEAD
01ff322068d8cb54d37b478efc1348087b1f9f78 04-Jun-2008 Timo Sirainen <tss@iki.fi>

gssapi: Check for gssapi_krb5.h existence before trying to use it. --HG-- branch : HEAD
c869c075b0b558e82a613a8320b3b3a7e120741b 04-May-2008 Timo Sirainen <tss@iki.fi>

Don't use krb5_get_error_message(), it doesn't work with Heimdal Kerberos. --HG-- branch : HEAD
c5b99a8a85370e7d1f7edb1fcb18a9d44616f726 04-May-2008 Timo Sirainen <tss@iki.fi>

Support cross-realm krb5 authentication. Based on patch by Zachary Kotlarek. --HG-- branch : HEAD
00db1828183b3e487ad7ed58810da8ebc5e95193 02-Apr-2008 Timo Sirainen <tss@iki.fi>

GSSAPI: Show username in "autn_name and authz_name differ" error. --HG-- branch : HEAD
648d24583c1574441c4fa0331a90bd4d6e7996c5 16-Sep-2007 Timo Sirainen <tss@iki.fi>

pool_unref() now takes ** pointer. --HG-- branch : HEAD

auth-request-handler.c auth-request.c auth.c db-ldap.c db-passwd-file.c db-sql.c mech-gssapi.c mech-rpa.c mech.c otp-skey-common.c /dovecot/src/deliver/deliver.c /dovecot/src/deliver/duplicate.c /dovecot/src/imap/client.c /dovecot/src/imap/cmd-append.c /dovecot/src/imap/cmd-sort.c /dovecot/src/imap/cmd-thread.c /dovecot/src/imap/imap-thread.c /dovecot/src/imap/main.c /dovecot/src/lib-auth/auth-server-connection.c /dovecot/src/lib-dict/dict-client.c /dovecot/src/lib-dict/dict-db.c /dovecot/src/lib-dict/dict-sql.c /dovecot/src/lib-imap/imap-parser.c /dovecot/src/lib-index/mail-cache.c /dovecot/src/lib-index/mail-index-map.c /dovecot/src/lib-index/mail-index.c /dovecot/src/lib-index/mailbox-list-index-sync.c /dovecot/src/lib-mail/istream-header-filter.c /dovecot/src/lib-mail/message-parser.c /dovecot/src/lib-sql/driver-mysql.c /dovecot/src/lib-sql/driver-sqlite.c /dovecot/src/lib-storage/index/dbox/dbox-file.c /dovecot/src/lib-storage/index/dbox/dbox-sync.c /dovecot/src/lib-storage/index/index-mail-headers.c /dovecot/src/lib-storage/index/index-mail.c /dovecot/src/lib-storage/index/index-search.c /dovecot/src/lib-storage/index/index-storage.c /dovecot/src/lib-storage/index/maildir/maildir-keywords.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/list/index-mailbox-list.c /dovecot/src/lib-storage/list/mailbox-list-fs-iter.c /dovecot/src/lib-storage/list/mailbox-list-fs.c /dovecot/src/lib-storage/list/mailbox-list-maildir-iter.c /dovecot/src/lib-storage/list/mailbox-list-maildir.c /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mailbox-tree.c /dovecot/src/lib/env-util.c /dovecot/src/lib/mempool.h /dovecot/src/lib/module-dir.c /dovecot/src/master/master-settings.c /dovecot/src/plugins/acl/acl-backend-vfile.c /dovecot/src/plugins/acl/acl-cache.c /dovecot/src/plugins/expire/expire-env.c /dovecot/src/plugins/fts-squat/squat-uidlist.c /dovecot/src/plugins/mail-log/mail-log-plugin.c /dovecot/src/plugins/quota/quota.c /dovecot/src/plugins/trash/trash-plugin.c
9e3f0cc69cbc4af74d08d1e52aa5ed8a7675b8f1 09-Aug-2007 Timo Sirainen <tss@iki.fi>

Crashfix for failed GSSAPI requests. --HG-- branch : HEAD
f97cf1c086715db87094bc3d0a4fefdd80bd869c 07-Aug-2007 Timo Sirainen <tss@iki.fi>

Added --with-gssapi=plugin --HG-- branch : HEAD
ce38f7f75700ac098d09155942c41a027464f162 02-Jul-2007 Timo Sirainen <tss@iki.fi>

And removed unneeded code. --HG-- branch : HEAD
44a9b5fc1b57e5cc0a113f8cada9d9011747cadc 02-Jul-2007 Timo Sirainen <tss@iki.fi>

If __gss_userok() exists, use it to verify username. Patch by Peter Eriksson. --HG-- branch : HEAD
ee5be4287d37f251f683fd2755eafc02504d527c 27-Mar-2007 Timo Sirainen <tss@iki.fi>

Added auth_gssapi_hostname setting. --HG-- branch : HEAD
00bde9ae9eab9e720462bf6ec9a4dd85e88c3bbf 10-Mar-2007 Timo Sirainen <tss@iki.fi>

Added more debug logging. --HG-- branch : HEAD
405aa3bff8ca00739ebeaab59afb593bcfc8edcc 03-Dec-2006 Timo Sirainen <tss@iki.fi>

Some systems have gssapi elsewhere than gssapi/gssapi.h. So check also plain gssapi.h. Based on patch by Chris Wakelin --HG-- branch : HEAD
35136dd2baf8dc30e4e754294ed81ff48e8c1e64 08-Nov-2006 Timo Sirainen <tss@iki.fi>

Added auth_request_set_credentials() to modify credentials in passdb and implemented it for SQL passdb. Added passdb_need_set_credentials boolean to mechanisms to indicate that it's required (OTP will need it). Patch by Andrey Panin. --HG-- branch : HEAD
893f7d52acc42058045f188b625449981bd7f9bc 22-Sep-2006 Timo Sirainen <tss@iki.fi>

POP3 service name is "pop" with GSSAPI. --HG-- branch : HEAD
8d80659e504ffb34bb0c6a633184fece35751b18 28-Jun-2006 Timo Sirainen <tss@iki.fi>

Array API redesigned to work using unions. It now provides type safety without having to enable DEBUG, as long as the compiler supports typeof(). Its API changed a bit. It now allows directly accessing the array contents, although that's not necessarily recommended. Changed existing array usage to be type safe in a bit more places. Removed array_t completely. Also did s/modifyable/modifiable/. --HG-- branch : HEAD

auth-master-listener.c auth-master-listener.h auth-request-handler.c auth-worker-server.c mech-gssapi.c userdb-static.c /dovecot/src/dict/dict-server.c /dovecot/src/imap/client.h /dovecot/src/imap/cmd-list.c /dovecot/src/imap/commands-util.c /dovecot/src/imap/commands-util.h /dovecot/src/imap/commands.c /dovecot/src/imap/imap-fetch.c /dovecot/src/imap/imap-fetch.h /dovecot/src/lib-auth/auth-client.c /dovecot/src/lib-dict/dict.c /dovecot/src/lib-imap/imap-base-subject.c /dovecot/src/lib-index/mail-cache-compress.c /dovecot/src/lib-index/mail-cache-lookup.c /dovecot/src/lib-index/mail-cache-private.h /dovecot/src/lib-index/mail-cache-transaction.c /dovecot/src/lib-index/mail-index-private.h /dovecot/src/lib-index/mail-index-sync-ext.c /dovecot/src/lib-index/mail-index-sync-private.h /dovecot/src/lib-index/mail-index-sync-update.c /dovecot/src/lib-index/mail-index-sync.c /dovecot/src/lib-index/mail-index-transaction-private.h /dovecot/src/lib-index/mail-index-transaction-view.c /dovecot/src/lib-index/mail-index-transaction.c /dovecot/src/lib-index/mail-index-view-private.h /dovecot/src/lib-index/mail-index-view-sync.c /dovecot/src/lib-index/mail-index-view.c /dovecot/src/lib-index/mail-index.c /dovecot/src/lib-index/mail-index.h /dovecot/src/lib-index/mail-transaction-log-append.c /dovecot/src/lib-mail/mail-types.h /dovecot/src/lib-mail/message-body-search.c /dovecot/src/lib-mail/message-header-search.c /dovecot/src/lib-sql/driver-mysql.c /dovecot/src/lib-sql/sql-api-private.h /dovecot/src/lib-sql/sql-api.c /dovecot/src/lib-storage/index/dbox/dbox-keywords.c /dovecot/src/lib-storage/index/dbox/dbox-save.c /dovecot/src/lib-storage/index/dbox/dbox-storage.h /dovecot/src/lib-storage/index/dbox/dbox-sync-expunge.c /dovecot/src/lib-storage/index/dbox/dbox-sync-full.c /dovecot/src/lib-storage/index/dbox/dbox-sync.c /dovecot/src/lib-storage/index/dbox/dbox-sync.h /dovecot/src/lib-storage/index/dbox/dbox-uidlist.c /dovecot/src/lib-storage/index/dbox/dbox-uidlist.h /dovecot/src/lib-storage/index/index-mail-headers.c /dovecot/src/lib-storage/index/index-mail.c /dovecot/src/lib-storage/index/index-mail.h /dovecot/src/lib-storage/index/index-sort.c /dovecot/src/lib-storage/index/index-storage.h /dovecot/src/lib-storage/index/index-sync.c /dovecot/src/lib-storage/index/maildir/maildir-keywords.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-storage.c /dovecot/src/lib-storage/index/maildir/maildir-storage.h /dovecot/src/lib-storage/index/maildir/maildir-sync.c /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/mbox-save.c /dovecot/src/lib-storage/index/mbox/mbox-sync-parse.c /dovecot/src/lib-storage/index/mbox/mbox-sync-private.h /dovecot/src/lib-storage/index/mbox/mbox-sync-rewrite.c /dovecot/src/lib-storage/index/mbox/mbox-sync-update.c /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/mail-storage-private.h /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mail-storage.h /dovecot/src/lib/array-decl.h /dovecot/src/lib/array.h /dovecot/src/lib/buffer.c /dovecot/src/lib/buffer.h /dovecot/src/lib/ioloop-epoll.c /dovecot/src/lib/istream.c /dovecot/src/lib/istream.h /dovecot/src/lib/lib.h /dovecot/src/lib/module-dir.c /dovecot/src/lib/seq-range-array.c /dovecot/src/lib/seq-range-array.h /dovecot/src/lib/str.c /dovecot/src/lib/str.h /dovecot/src/master/mail-process.c /dovecot/src/master/master-settings.h /dovecot/src/plugins/acl/acl-backend-vfile.c /dovecot/src/plugins/acl/acl-cache.c /dovecot/src/plugins/acl/acl-mailbox.c /dovecot/src/plugins/acl/acl-plugin.h /dovecot/src/plugins/quota/quota-dirsize.c /dovecot/src/plugins/quota/quota-private.h /dovecot/src/plugins/quota/quota-storage.c /dovecot/src/plugins/quota/quota.c /dovecot/src/plugins/trash/trash-plugin.c /dovecot/src/plugins/zlib/zlib-plugin.c
e074ffeaee1ce283bd42f167c6810e3d013f8218 16-Jun-2006 Timo Sirainen <tss@iki.fi>

Relicensed dovecot-auth to MIT. --HG-- branch : HEAD
da3f943e93b0ea5a8256a2e850f4738ad161f71d 12-Feb-2006 Timo Sirainen <tss@iki.fi>

Crashfix. Patch by Mark Davies --HG-- branch : HEAD
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5d 14-Jan-2006 Timo Sirainen <tss@iki.fi>

deinit, unref, destroy, close, free, etc. functions now take a pointer to their data pointer, and set it to NULL. This makes double-frees less likely to cause security holes. --HG-- branch : HEAD

auth-cache.c auth-cache.h auth-client-connection.c auth-client-connection.h auth-master-connection.c auth-master-connection.h auth-master-listener.c auth-master-listener.h auth-module.c auth-module.h auth-request-handler.c auth-request-handler.h auth-request.c auth-request.h auth-worker-client.c auth-worker-client.h auth-worker-server.c auth.c auth.h db-ldap.c db-ldap.h db-passwd-file.c db-passwd-file.h db-sql.c db-sql.h main.c mech-gssapi.c passdb-cache.c passdb-checkpassword.c passdb-ldap.c passdb-pam.c passdb-passwd-file.c passdb-sql.c passdb.c password-scheme.c userdb-ldap.c userdb-passwd-file.c userdb-sql.c userdb.c /dovecot/src/dict/dict-cache.c /dovecot/src/dict/dict-server.c /dovecot/src/dict/main.c /dovecot/src/imap-login/client-authenticate.c /dovecot/src/imap-login/client.c /dovecot/src/imap-login/imap-proxy.c /dovecot/src/imap/client.c /dovecot/src/imap/cmd-append.c /dovecot/src/imap/cmd-close.c /dovecot/src/imap/cmd-copy.c /dovecot/src/imap/cmd-delete.c /dovecot/src/imap/cmd-idle.c /dovecot/src/imap/cmd-list.c /dovecot/src/imap/cmd-logout.c /dovecot/src/imap/cmd-search.c /dovecot/src/imap/cmd-select.c /dovecot/src/imap/cmd-status.c /dovecot/src/imap/cmd-store.c /dovecot/src/imap/cmd-unselect.c /dovecot/src/imap/imap-expunge.c /dovecot/src/imap/imap-fetch-body.c /dovecot/src/imap/imap-fetch.c /dovecot/src/imap/imap-sort.c /dovecot/src/imap/imap-sync.c /dovecot/src/imap/imap-thread.c /dovecot/src/imap/main.c /dovecot/src/imap/namespace.c /dovecot/src/lib-auth/auth-client.c /dovecot/src/lib-auth/auth-client.h /dovecot/src/lib-auth/auth-server-connection.c /dovecot/src/lib-auth/auth-server-connection.h /dovecot/src/lib-auth/auth-server-request.c /dovecot/src/lib-charset/charset-iconv.c /dovecot/src/lib-charset/charset-utf8.c /dovecot/src/lib-charset/charset-utf8.h /dovecot/src/lib-dict/dict-client.c /dovecot/src/lib-dict/dict-sql.c /dovecot/src/lib-dict/dict.c /dovecot/src/lib-dict/dict.h /dovecot/src/lib-imap/imap-base-subject.c /dovecot/src/lib-imap/imap-bodystructure.c /dovecot/src/lib-imap/imap-envelope.c /dovecot/src/lib-imap/imap-match.c /dovecot/src/lib-imap/imap-match.h /dovecot/src/lib-imap/imap-parser.c /dovecot/src/lib-imap/imap-parser.h /dovecot/src/lib-index/mail-cache-compress.c /dovecot/src/lib-index/mail-cache.c /dovecot/src/lib-index/mail-cache.h /dovecot/src/lib-index/mail-index-private.h /dovecot/src/lib-index/mail-index-sync-update.c /dovecot/src/lib-index/mail-index-sync.c /dovecot/src/lib-index/mail-index-transaction-private.h /dovecot/src/lib-index/mail-index-transaction-view.c /dovecot/src/lib-index/mail-index-transaction.c /dovecot/src/lib-index/mail-index-view-sync.c /dovecot/src/lib-index/mail-index-view.c /dovecot/src/lib-index/mail-index.c /dovecot/src/lib-index/mail-index.h /dovecot/src/lib-index/mail-transaction-log-view.c /dovecot/src/lib-index/mail-transaction-log.c /dovecot/src/lib-index/mail-transaction-log.h /dovecot/src/lib-mail/istream-header-filter.c /dovecot/src/lib-mail/message-body-search.c /dovecot/src/lib-mail/message-header-search.c /dovecot/src/lib-mail/message-header-search.h /dovecot/src/lib-mail/message-parser.c /dovecot/src/lib-mail/message-parser.h /dovecot/src/lib-settings/settings.c /dovecot/src/lib-sql/driver-mysql.c /dovecot/src/lib-sql/driver-pgsql.c /dovecot/src/lib-sql/sql-api.c /dovecot/src/lib-sql/sql-api.h /dovecot/src/lib-storage/index/dbox/dbox-file.c /dovecot/src/lib-storage/index/dbox/dbox-list.c /dovecot/src/lib-storage/index/dbox/dbox-save.c /dovecot/src/lib-storage/index/dbox/dbox-sync-expunge.c /dovecot/src/lib-storage/index/dbox/dbox-sync.c /dovecot/src/lib-storage/index/dbox/dbox-uidlist.c /dovecot/src/lib-storage/index/index-mail-headers.c /dovecot/src/lib-storage/index/index-mail.c /dovecot/src/lib-storage/index/index-mailbox-check.c /dovecot/src/lib-storage/index/index-search.c /dovecot/src/lib-storage/index/index-storage.c /dovecot/src/lib-storage/index/index-sync.c /dovecot/src/lib-storage/index/index-transaction.c /dovecot/src/lib-storage/index/maildir/maildir-keywords.c /dovecot/src/lib-storage/index/maildir/maildir-save.c /dovecot/src/lib-storage/index/maildir/maildir-sync.c /dovecot/src/lib-storage/index/maildir/maildir-uidlist.c /dovecot/src/lib-storage/index/mbox/istream-raw-mbox.c /dovecot/src/lib-storage/index/mbox/mbox-file.c /dovecot/src/lib-storage/index/mbox/mbox-list.c /dovecot/src/lib-storage/index/mbox/mbox-mail.c /dovecot/src/lib-storage/index/mbox/mbox-save.c /dovecot/src/lib-storage/index/mbox/mbox-storage.c /dovecot/src/lib-storage/index/mbox/mbox-sync-parse.c /dovecot/src/lib-storage/index/mbox/mbox-sync-rewrite.c /dovecot/src/lib-storage/index/mbox/mbox-sync.c /dovecot/src/lib-storage/mail-copy.c /dovecot/src/lib-storage/mail-storage.c /dovecot/src/lib-storage/mail-storage.h /dovecot/src/lib-storage/mail.c /dovecot/src/lib-storage/subscription-file/subscription-file.c /dovecot/src/lib/buffer.c /dovecot/src/lib/buffer.h /dovecot/src/lib/file-cache.c /dovecot/src/lib/file-cache.h /dovecot/src/lib/hash.c /dovecot/src/lib/hash.h /dovecot/src/lib/ioloop-notify-dn.c /dovecot/src/lib/ioloop.c /dovecot/src/lib/ioloop.h /dovecot/src/lib/istream-limit.c /dovecot/src/lib/istream-seekable.c /dovecot/src/lib/istream.c /dovecot/src/lib/istream.h /dovecot/src/lib/lib-signals.c /dovecot/src/lib/module-dir.c /dovecot/src/lib/module-dir.h /dovecot/src/lib/ostream-crlf.c /dovecot/src/lib/ostream-file.c /dovecot/src/lib/ostream.c /dovecot/src/lib/ostream.h /dovecot/src/lib/str.c /dovecot/src/lib/str.h /dovecot/src/login-common/login-proxy.c /dovecot/src/login-common/main.c /dovecot/src/login-common/master.c /dovecot/src/login-common/ssl-proxy-openssl.c /dovecot/src/master/auth-process.c /dovecot/src/master/dict-process.c /dovecot/src/master/log.c /dovecot/src/master/login-process.c /dovecot/src/master/main.c /dovecot/src/master/ssl-init.c /dovecot/src/plugins/imap-quota/imap-quota-plugin.c /dovecot/src/plugins/quota/quota-storage.c /dovecot/src/plugins/trash/trash-plugin.c /dovecot/src/plugins/zlib/zlib-plugin.c /dovecot/src/pop3-login/client-authenticate.c /dovecot/src/pop3-login/client.c /dovecot/src/pop3-login/pop3-proxy.c /dovecot/src/pop3/client.c /dovecot/src/pop3/commands.c /dovecot/src/pop3/main.c /dovecot/src/util/rawlog.c
9426f0585f821606cbf332282a57eea24376a765 28-Dec-2005 Timo Sirainen <tss@iki.fi>

Removed need_passdb from mechanism definitions. passdb_need_plain/credentials is enough to know that. Also give a better error message if no passdbs are set and a mechanism requires passdb. --HG-- branch : HEAD
e03ec0b7b9d92551331bc509bcd86920544171d1 28-Oct-2005 Timo Sirainen <tss@iki.fi>

Use a bit larger initial pool sizes --HG-- branch : HEAD
0469ed17dafcc56589ce00960a23f4f06817dfb5 27-Oct-2005 Timo Sirainen <tss@iki.fi>

Added GSSAPI support. Patch by Jelmer Vernooij and some fixes by pod@herald.ox.ac.uk --HG-- branch : HEAD