8c79de417ae66b4e54daeb9d998af2ab301151b4 |
|
28-Dec-2017 |
Aki Tuomi <aki.tuomi@dovecot.fi> |
lib-auth: Include ssl protocol details in request when present |
ff2f20bbc039ad8e362ead199366e21bc41f18ed |
|
28-Dec-2017 |
Aki Tuomi <aki.tuomi@dovecot.fi> |
lib-auth: Add AUTH_REQUEST_FLAG_TLS
Indicates whether connection is over TLS encryption. |
53f97800b16ab3a8d263c5331132dec1e8fea9a0 |
|
19-Mar-2017 |
Aki Tuomi <aki.tuomi@dovecot.fi> |
auth: Accept forward_fields from auth client |
a8dac1be6a0c3adbbce5887ca395f418194c6c06 |
|
19-Mar-2017 |
Aki Tuomi <aki.tuomi@dovecot.fi> |
auth: Accept client_id from auth client
Client ID contains the ID client request string
for IMAP. |
fe791e96fdf796f7d8997ee0515b163dc5eddd72 |
|
20-Oct-2016 |
Aki Tuomi <aki.tuomi@dovecot.fi> |
auth: Pass local_name to auth-request
This allows using local_name in various places,
such as passdb/userdb queries. |
2087543679f0b35a8f70e1277b234e66ffdf96ed |
|
11-Mar-2016 |
Timo Sirainen <timo.sirainen@dovecot.fi> |
doveadm-auth: If auth_debug setting is enabled, send "debug" field to auth lookups.
The idea is that you could enable auth_debug for specific requests with e.g.:
doveadm -o auth_debug=yes user user@example.com |
009217abb57a24a4076092e8e4e165545747839e |
|
29-Aug-2015 |
Stephan Bosch <stephan@rename-it.nl> |
Changed type of internet port values to in_port_t everywhere.
Created special SET_IN_PORT setting type for internet port values.
Created net_str2port() for parsing internet port values.
Removed several atoi() invocations in the process. |
325d17cdbb7a338f7c413788f5e8e42d2e80a7f8 |
|
22-Feb-2013 |
Timo Sirainen <tss@iki.fi> |
auth: Added real_[lr]ip, real_[lr]port variables.
The unreal ones differ when a trusted proxy overrides them. |
bdd36cfdba3ff66d25570a9ff568d69e1eb543cf |
|
03-Oct-2012 |
Timo Sirainen <tss@iki.fi> |
Renamed network.[ch] to net.[ch].
The function prefixes already started with net_ instead of network_.
And icecap wants to use network.h for other purpose. :) |
a10ed8c47534b4c6b6bf2711ccfe577e720a47b4 |
|
23-Jun-2012 |
Timo Sirainen <tss@iki.fi> |
Marked functions parameters that are allowed to be NULL. Some APIs were also changed.
The non-obvious APIs where NULL parameter was changed to "" are
master_service_init() and auth_master_user_list_init().
These checks can currently be enabled only on a patched clang:
http://llvm.org/bugs/show_bug.cgi?id=6786 |
f016dec9837e6a41867708e4b89ca5308dedab05 |
|
28-Apr-2012 |
Timo Sirainen <tss@iki.fi> |
auth: Include session ID in log line prefix. |
9ddd3d7d8651985e373a6c48e0ddc76b8a4ef1c7 |
|
20-Jan-2012 |
Timo Sirainen <tss@iki.fi> |
lib-auth: Improved warning message about aborting auth requests. |
38505846b6d083e19f0a7d1373761bdda5d9a5a9 |
|
23-Nov-2011 |
Timo Sirainen <tss@iki.fi> |
lib-auth: Added AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP flag. |
7c849dbc7be089175c1a83a84ee7249ed695810d |
|
18-Nov-2011 |
Timo Sirainen <tss@iki.fi> |
login: Differentiate between auth failure and auth process communication failure.
Log a warning if auth connection dies. |
d8702d15ee7721ed1fcfc8f00a589970bd6b3598 |
|
04-Mar-2011 |
Timo Sirainen <tss@iki.fi> |
auth: Allow clients to specify that they want to skip auth penalty check.
This is "safe", because the clients specify the IP for the penalty check
anyway. |
05817ffe09295892e1aa5c4a7f91d060e249563c |
|
26-May-2010 |
Timo Sirainen <tss@iki.fi> |
lib-auth: Added auth_client_is_disconnected().
--HG--
branch : HEAD |
3b8d05391336c0e4d24c8ddcc962f350409ffbd3 |
|
20-May-2010 |
Timo Sirainen <tss@iki.fi> |
login: Tell auth process to free aborted auth requests.
--HG--
branch : HEAD |
90ed03ab289947f5576d2c616ada27724f50e9cd |
|
18-Feb-2010 |
Timo Sirainen <tss@iki.fi> |
*-login: If we disconnect from auth server, make sure we reconnect back when necessary.
--HG--
branch : HEAD |
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1a |
|
19-Feb-2010 |
Timo Sirainen <tss@iki.fi> |
lib-auth: Added auth_client_disconnect().
--HG--
branch : HEAD |
66c3f635f2f33905af527d49b27f95322aa7dfa7 |
|
10-Dec-2009 |
Timo Sirainen <tss@iki.fi> |
*-login: Get auth connection cookie earlier so its lookup can't fail.
--HG--
branch : HEAD |
419baa2c17c63ae516b2df6cc5695f15aaccbff8 |
|
15-Oct-2009 |
Timo Sirainen <tss@iki.fi> |
auth: Identify clients using a 128bit random cookie on top of the existing PID.
When master is finishing the login, it must give this cookie to REQUEST
command and it must match what auth process knows. This change makes it safe
to do client/master login without a dedicated master process.
--HG--
branch : HEAD |
9137c55411aa39d41c1e705ddc34d5bd26c65021 |
|
07-Oct-2009 |
Timo Sirainen <tss@iki.fi> |
lib-auth: Changed API to connect to only a single specified auth socket.
Login processes now always connect to socket called "auth".
--HG--
branch : HEAD |
1299f2c3723ca9ccf8f9e563ec23ee1a1721fe4c |
|
01-May-2009 |
Timo Sirainen <tss@iki.fi> |
Moved auth-client-interface.h to lib-auth/.
--HG--
branch : HEAD |
c25356d5978632df6203437e1953bcb29e0c736f |
|
16-Sep-2007 |
Timo Sirainen <tss@iki.fi> |
Changed .h ifdef/defines to use <NAME>_H format.
--HG--
branch : HEAD |
9c3577aeb78a27920439ad9f1e62ee03699378c3 |
|
03-Jul-2007 |
Timo Sirainen <tss@iki.fi> |
Send local/remote ports to dovecot-auth. They're now in %a and %b variables.
--HG--
branch : HEAD |
18ddd4fba186b1b407cae98bb388fa8add7db48d |
|
18-Mar-2007 |
Timo Sirainen <tss@iki.fi> |
Call auth_client_reconnect() when the last client has disconnected to make
sure all the memory used by the auth connections get cleared.
--HG--
branch : HEAD |
00efa7d99981e18e286c02b18c1163dde18ee521 |
|
15-Dec-2006 |
Timo Sirainen <tss@iki.fi> |
Type safe callbacks weren't as easy as I thought. Only callback(void
*context) can be handled generically. Others can be handled specially, but
only if all the parameters are pointers, otherwise eg. int parameter can be
replaced with long without compiler giving any warnings.
--HG--
branch : HEAD |
bbdfa6e80bfd5f6e33f98ccb0781d7500328be62 |
|
15-Dec-2006 |
Timo Sirainen <tss@iki.fi> |
Removed support for external I/O loop. The point was originally that this
library could be used by external software to talk to dovecot-auth, but
nowadays it's much easier to just implement the authentication protocol.
--HG--
branch : HEAD |
59151b71059df1190acd75d8717ed04a7920c862 |
|
15-Dec-2006 |
Timo Sirainen <tss@iki.fi> |
Added context parameter type safety checks for most callback APIs.
--HG--
branch : HEAD |
fd7ca4bdc1fb63547d997b6ddd639284cb5a0d01 |
|
23-Feb-2006 |
Timo Sirainen <tss@iki.fi> |
More comma removals
--HG--
branch : HEAD |
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5d |
|
14-Jan-2006 |
Timo Sirainen <tss@iki.fi> |
deinit, unref, destroy, close, free, etc. functions now take a pointer to
their data pointer, and set it to NULL. This makes double-frees less likely
to cause security holes.
--HG--
branch : HEAD |
6ef7e31619edfaa17ed044b45861d106a86191ef |
|
13-Jan-2006 |
Timo Sirainen <tss@iki.fi> |
Added "bool" type and changed all ints that were used as booleans to bool.
--HG--
branch : HEAD |
939451389b8e0ad529277b84fe51dab38a8cf77c |
|
01-Oct-2005 |
Timo Sirainen <tss@iki.fi> |
Added ssl_username_from_cert setting. Not actually tested yet..
--HG--
branch : HEAD |
87cc5e9025e7fb6408f0de64c48d2d2897773ba5 |
|
19-Oct-2004 |
Timo Sirainen <tss@iki.fi> |
s/protocol/service/ in authentication
--HG--
branch : HEAD |
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0fae |
|
13-Oct-2004 |
Timo Sirainen <tss@iki.fi> |
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
replacement server if needed by someone. Also cleaned up/made more
consistent auth code. The new code could still use some cleaning though..
--HG--
branch : HEAD |
8eea67470c1bd8562a62e7445d930bb2079b1a43 |
|
03-Jul-2004 |
Timo Sirainen <tss@iki.fi> |
Added APOP authentication for POP3. Patch by Andrey Panin.
This required some changes in auth APIs.
--HG--
branch : HEAD |
64e244defe74f513ce94f33d000a048ddbe2ea23 |
|
31-May-2004 |
Timo Sirainen <tss@iki.fi> |
Added %l, %r and %P variables and mail_log_prefix setting.
--HG--
branch : HEAD |
acf3b7bf3a8891b118a71c45e6c48d17bc90b259 |
|
30-May-2004 |
Timo Sirainen <tss@iki.fi> |
Allow using more easily outside dovecot.
--HG--
branch : HEAD |
d1414c09cf0d58ac983054e2f4e1a1f329272dcf |
|
29-May-2004 |
Timo Sirainen <tss@iki.fi> |
Removed hardcoded mechanism lists. It's now possible to add them
dynamically. Added support for SASL initial response.
--HG--
branch : HEAD |
6d701b8abc45d6d3881ee19ffc6f38b23d35eea5 |
|
29-May-2004 |
Timo Sirainen <tss@iki.fi> |
Don't use hardcoded protocol list for auth process, string is just fine.
--HG--
branch : HEAD |
8222ce68120b51353a3b31d3073b5f845d0e9f53 |
|
17-May-2004 |
Timo Sirainen <tss@iki.fi> |
Added ssl_require_client_cert auth-specific setting. Hide
ssl_verify_client_cert from default config file as it's automatically set if
needed and there's not much point in forcing it.
--HG--
branch : HEAD |
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8 |
|
22-Aug-2003 |
Timo Sirainen <tss@iki.fi> |
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
--HG--
branch : HEAD |