auth-request-handler.c revision aefe17424820c57bcb05b0aaec4a930e8222bacc
e59faf65ce864fe95dc00f5d52b8323cdbd0608aTimo Sirainen/* Copyright (c) 2005-2012 Dovecot authors, see the included COPYING file */
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainenstatic ARRAY_DEFINE(auth_failures_arr, struct auth_request *);
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainenstatic void auth_failure_timeout(void *context);
9be4e6701d086c009f3db1913a148139ea180420Timo Sirainenauth_request_handler_create(auth_request_callback_t *callback, void *context,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen pool = pool_alloconly_create("auth request handler", 4096);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen handler = p_new(pool, struct auth_request_handler, 1);
3ccab0bac68040f179a7de45c516cec258e28fdbTimo Sirainen handler->requests = hash_table_create(default_pool, pool, 0, NULL, NULL);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenauth_request_handler_get_request_count(struct auth_request_handler *handler)
f19cf95ae8fc233567b1c7751595eb66876d684aTimo Sirainenvoid auth_request_handler_abort_requests(struct auth_request_handler *handler)
cc4d0d30fbba883d5d1b600646491fb77bdb989cTimo Sirainen iter = hash_table_iterate_init(handler->requests);
cc4d0d30fbba883d5d1b600646491fb77bdb989cTimo Sirainen while (hash_table_iterate(iter, &key, &value)) {
f19cf95ae8fc233567b1c7751595eb66876d684aTimo Sirainen /* can't abort a pending passdb/userdb lookup */
9d75363d3fbabc2fbc2d80f06672e3ed8965804aTimo Sirainenvoid auth_request_handler_unref(struct auth_request_handler **_handler)
9d75363d3fbabc2fbc2d80f06672e3ed8965804aTimo Sirainen struct auth_request_handler *handler = *_handler;
9d75363d3fbabc2fbc2d80f06672e3ed8965804aTimo Sirainen i_assert(hash_table_count(handler->requests) == 0);
fbee9bffb56d882b98146dd0de76a5bcccc2bdc3Timo Sirainen /* notify parent that we're done with all requests */
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainenvoid auth_request_handler_destroy(struct auth_request_handler **_handler)
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen struct auth_request_handler *handler = *_handler;
657afb33796f8216c568ad813627da89970760beTimo Sirainenvoid auth_request_handler_set(struct auth_request_handler *handler,
ea95a057fa5f02d50027122cacd3147fce7679faTimo Sirainenstatic void auth_request_handler_remove(struct auth_request_handler *handler,
e69e7b734b625de1f8921b7e0d92afa1df6b900dTimo Sirainen /* already removed it */
657afb33796f8216c568ad813627da89970760beTimo Sirainen /* if db lookup is stuck, this call doesn't actually free the auth
657afb33796f8216c568ad813627da89970760beTimo Sirainen request, so make sure we don't get back here. */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen hash_table_remove(handler->requests, POINTER_CAST(request->id));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenstatic void get_client_extra_fields(struct auth_request *request,
bbf81c8fc6f21382707673dc6bd7b87ffc27981bTimo Sirainen unsigned int src;
1e0bdb2d0fa7bbd0a0a254754680f6c6d0195333Timo Sirainen if (auth_stream_is_empty(request->extra_fields))
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen extra_fields = auth_stream_reply_export(request->extra_fields);
1e0bdb2d0fa7bbd0a0a254754680f6c6d0195333Timo Sirainen if (!request->proxy && strstr(extra_fields, "userdb_") == NULL) {
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* optimization: there are no userdb_* fields, we can just
8bb360f9e5de1c25e4f875205bb06e8bf15dae14Timo Sirainen auth_stream_reply_import(reply, extra_fields);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen if (strncmp(fields[src], "userdb_", 7) != 0) {
662a9000b1788f1cdf765e6b1c89df9a42cc3e32Timo Sirainen if (!seen_pass && strncmp(fields[src], "pass=", 5) == 0)
ccef83820a01bb37ad48653a05a9c5aa6560826aTimo Sirainen /* we're proxying */
ccef83820a01bb37ad48653a05a9c5aa6560826aTimo Sirainen if (!seen_pass && request->mech_password != NULL) {
ccef83820a01bb37ad48653a05a9c5aa6560826aTimo Sirainen /* send back the password that was sent by user
ccef83820a01bb37ad48653a05a9c5aa6560826aTimo Sirainen (not the password in passdb). */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* the master username needs to be forwarded */
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainenauth_request_handle_failure(struct auth_request *request,
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen struct auth_request_handler *handler = request->handler;
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen /* we came here from flush_failures() */
9d75363d3fbabc2fbc2d80f06672e3ed8965804aTimo Sirainen /* remove the request from requests-list */
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen auth_request_handler_remove(handler, request);
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen /* passdb specifically requested not to delay the reply. */
2c8ff32886e56a5e037169c9ebef4219f85a5629Timo Sirainen /* failure. don't announce it immediately to avoid
2c8ff32886e56a5e037169c9ebef4219f85a5629Timo Sirainen a) timing attacks, b) flooding */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenauth_request_handler_reply_success_finish(struct auth_request *request)
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen struct auth_request_handler *handler = request->handler;
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen if (request->last_penalty != 0 && auth_penalty != NULL) {
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen /* reset penalty */
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_penalty_update(auth_penalty, request, 0);
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, "user", request->user);
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen if (request->no_login || handler->master_callback == NULL) {
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen /* this request doesn't have to wait for master
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen process to pick it up. delete it */
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_request_handler_remove(handler, request);
2c8ff32886e56a5e037169c9ebef4219f85a5629Timo Sirainenauth_request_handler_reply_failure_finish(struct auth_request *request)
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_stream_reply_add(reply, "user", request->user);
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen else if (request->original_username != NULL) {
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* authentication succeeded, but we can't log in
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen as the wanted user */
0fec6dfc23e568bae53f03c9491df7f64473dd67Timo Sirainen auth_stream_reply_add(reply, "nodelay", NULL);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenauth_request_handler_proxy_callback(bool success, struct auth_request *request)
708ea1c397d89586af66c97d74c907f3f2b95134Timo Sirainen struct auth_request_handler *handler = request->handler;
708ea1c397d89586af66c97d74c907f3f2b95134Timo Sirainen auth_request_handler_reply_success_finish(request);
e5dec382163b476bed16dbf7eb470913a9bbdbe1Timo Sirainen auth_request_handler_reply_failure_finish(request);
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainenvoid auth_request_handler_reply(struct auth_request *request,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen struct auth_request_handler *handler = request->handler;
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen /* the client connection was already closed. we can't do
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen anything but abort this request */
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen /* make sure this request is set to finished state
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen (it's not with result=continue) */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_set_state(request, AUTH_REQUEST_STATE_FINISHED);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_stream_reply_add(reply, NULL, str_c(str));
a72dde3805d0e9148de4caf44d6f4dc167431380Timo Sirainen str = t_str_new(MAX_BASE64_ENCODED_SIZE(reply_size));
a72dde3805d0e9148de4caf44d6f4dc167431380Timo Sirainen auth_stream_reply_add(request->extra_fields, "resp", str_c(str));
a72dde3805d0e9148de4caf44d6f4dc167431380Timo Sirainen auth_request_handler_reply_failure_finish(request);
a72dde3805d0e9148de4caf44d6f4dc167431380Timo Sirainen else if (ret > 0)
a72dde3805d0e9148de4caf44d6f4dc167431380Timo Sirainen auth_request_handler_reply_success_finish(request);
48ac75465ae154b1d705f18de6d95045ab714b65Timo Sirainen auth_request_handler_reply_failure_finish(request);
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen /* NOTE: request may be destroyed now */
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainenvoid auth_request_handler_reply_continue(struct auth_request *request,
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen auth_request_handler_reply(request, AUTH_CLIENT_RESULT_CONTINUE,
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainenstatic void auth_request_handler_auth_fail(struct auth_request_handler *handler,
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen auth_request_log_info(request, request->mech->mech_name, "%s", reason);
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
9ed2951bd0bb1878a27437d7c00611b2baadd614Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
6ef7e31619edfaa17ed044b45861d106a86191efTimo Sirainen auth_stream_reply_add(reply, "reason", reason);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_handler_remove(handler, request);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenstatic void auth_request_timeout(struct auth_request *request)
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen const char *str;
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen str = t_strdup_printf("Request %u.%u timeouted after %u secs, state=%d",
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen (unsigned int)(time(NULL) - request->last_access),
5363f51ad46344f4e5952f2fef211a7cf8f95ddcTimo Sirainen if (request->state != AUTH_REQUEST_STATE_MECH_CONTINUE) {
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* client's fault */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_log_error(request, request->mech->mech_name,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_log_info(request, request->mech->mech_name,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_handler_remove(request->handler, request);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenstatic void auth_request_penalty_finish(struct auth_request *request)
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenauth_penalty_callback(unsigned int penalty, struct auth_request *request)
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen unsigned int secs;
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen request->to_penalty = timeout_add(secs * 1000,
70c181da837ed85fc5b0426c010b65609bda5329Timo Sirainenbool auth_request_handler_auth_begin(struct auth_request_handler *handler,
382c7aec3e3449ed8271c2a202b67cefaa31dc8eTimo Sirainen const char *const *list, *name, *arg, *initial_resp;
382c7aec3e3449ed8271c2a202b67cefaa31dc8eTimo Sirainen unsigned int id;
382c7aec3e3449ed8271c2a202b67cefaa31dc8eTimo Sirainen /* <id> <mechanism> [...] */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen "sent broken AUTH request", handler->client_pid);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* unsupported mechanism */
b5322c8270616a28f2e65cb3a09580c410bb0941Timo Sirainen i_error("BUG: Authentication client %u requested unsupported "
b5322c8270616a28f2e65cb3a09580c410bb0941Timo Sirainen "authentication mechanism %s", handler->client_pid,
9ed2951bd0bb1878a27437d7c00611b2baadd614Timo Sirainen /* parse optional parameters */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen if (auth_request_import_auth(request, name, arg))
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* this must be the last parameter */
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen "sent AUTH parameters after 'resp'",
e76073ebaf90fa29abfdc364873acf78983949aaTimo Sirainen "didn't specify service in request",
6ef7e31619edfaa17ed044b45861d106a86191efTimo Sirainen if (hash_table_lookup(handler->requests, POINTER_CAST(id)) != NULL) {
657afb33796f8216c568ad813627da89970760beTimo Sirainen "sent a duplicate ID %u", handler->client_pid, id);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen request->to_abort = timeout_add(MASTER_AUTH_SERVER_TIMEOUT_SECS * 1000,
c53a3c54d388c0031aaa642e6b14d46eb86d9485Timo Sirainen hash_table_insert(handler->requests, POINTER_CAST(id), request);
ccb77e2f63626ec46e5745ef4f38baa8e8e504fcTimo Sirainen /* we fail without valid certificate */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_handler_auth_fail(handler, request,
3ccab0bac68040f179a7de45c516cec258e28fdbTimo Sirainen "Client didn't present valid SSL certificate");
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen /* Empty initial response is a "=" base64 string. Completely empty
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen string shouldn't really be sent, but at least Exim does it,
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen so just allow it for backwards compatibility.. */
cac6735a6cd73f2b815a1f3c1e21855075e7c81eTimo Sirainen if (initial_resp != NULL && *initial_resp != '\0') {
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen buf = buffer_create_dynamic(pool_datastack_create(),
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen if (base64_decode(initial_resp, len, NULL, buf) < 0) {
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_request_handler_auth_fail(handler, request,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen "Invalid base64 data in initial response");
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen memcpy(initial_resp_data, buf->data, buf->used);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen request->initial_response = initial_resp_data;
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* handler is referenced until auth_request_handler_reply()
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen is called. */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* before we start authenticating, see if we need to wait first */
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_penalty_lookup(auth_penalty, request, auth_penalty_callback);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainenbool auth_request_handler_auth_continue(struct auth_request_handler *handler,
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen unsigned int id;
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen if (data == NULL || str_to_uint(t_strdup_until(args, data), &id) < 0) {
615c4aba4cc0b17eefba3263b85972adaba04586Timo Sirainen i_error("BUG: Authentication client sent broken CONT request");
6fabfb7bbfd88d0c1de66981e52850f26067623bTimo Sirainen request = hash_table_lookup(handler->requests, POINTER_CAST(id));
0f39a57760d93cddbce3ca43096d78e0fe2f42fdTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(id));
3313a51ef9b245248d672c20f930c52a577a42f7Timo Sirainen "Authentication request timed out");
0f39a57760d93cddbce3ca43096d78e0fe2f42fdTimo Sirainen /* accept input only once after mechanism has sent a CONT reply */
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_request_handler_auth_fail(handler, request,
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen "Unexpected continuation");
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen buf = buffer_create_dynamic(pool_datastack_create(),
7e078be0d6f12ca56860641d36e3c517e3046895Timo Sirainen if (base64_decode(data, data_len, NULL, buf) < 0) {
7e078be0d6f12ca56860641d36e3c517e3046895Timo Sirainen auth_request_handler_auth_fail(handler, request,
e8e966468f2667c18ec3f0a22ee48f01fa3a6eeaTimo Sirainen "Invalid base64 data in continued response");
e8e966468f2667c18ec3f0a22ee48f01fa3a6eeaTimo Sirainen /* handler is referenced until auth_request_handler_reply()
e8e966468f2667c18ec3f0a22ee48f01fa3a6eeaTimo Sirainen is called. */
e8e966468f2667c18ec3f0a22ee48f01fa3a6eeaTimo Sirainen auth_request_continue(request, buf->data, buf->used);
0f39a57760d93cddbce3ca43096d78e0fe2f42fdTimo Sirainenstatic void userdb_callback(enum userdb_result result,
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen struct auth_request_handler *handler = request->handler;
657afb33796f8216c568ad813627da89970760beTimo Sirainen i_assert(request->state == AUTH_REQUEST_STATE_USERDB);
daa7e7459749ae8f82cd3eed9c44522d81c609a3Timo Sirainen auth_request_set_state(request, AUTH_REQUEST_STATE_FINISHED);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen value = auth_stream_reply_find(request->userdb_reply,
647eed98cb795ee9e42911750402dab720b57514Timo Sirainen auth_stream_reply_add(reply, "reason", value);
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen auth_stream_reply_add(reply, "NOTFOUND", NULL);
daa7e7459749ae8f82cd3eed9c44522d81c609a3Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_stream_reply_add(reply, NULL, dec2str(request->id));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen "master_user",
226259ee6fb9830dafc1a5ba1e95bf5a4345b406Timo Sirainen if (*request->set->anonymous_username != '\0' &&
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen /* this is an anonymous login, either via ANONYMOUS
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen SASL mechanism or simply logging in as the anonymous
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen user via another mechanism */
ecb1b2d6236942bf82f822e8d0167f0e160b206dTimo Sirainen auth_stream_reply_export(request->userdb_reply));
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen handler->master_callback(reply, request->master);
66d2db642fe24d555d113ba463e446b038d476efTimo Sirainen auth_master_connection_unref(&request->master);
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainenbool auth_request_handler_master_request(struct auth_request_handler *handler,
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainen unsigned int id,
3b8d05391336c0e4d24c8ddcc962f350409ffbd3Timo Sirainen reply = auth_stream_reply_init(pool_datastack_create());
657afb33796f8216c568ad813627da89970760beTimo Sirainen request = hash_table_lookup(handler->requests, POINTER_CAST(client_id));
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(id));
a550b0fbcf7e876eeb88f4528209ed28cc416752Timo Sirainen auth_request_handler_remove(handler, request);
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen if (request->state != AUTH_REQUEST_STATE_FINISHED ||
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen i_error("Master requested unfinished authentication request "
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen auth_stream_reply_add(reply, NULL, dec2str(id));
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen /* the request isn't being referenced anywhere anymore,
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen so we can do a bit of kludging.. replace the request's
50782de8a9d5ebe11ee61496b4e695a1d3875230Timo Sirainen old client_id with master's id. */
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen auth_request_set_state(request, AUTH_REQUEST_STATE_USERDB);
43d32cbe60fdaef2699d99f1ca259053e9350411Timo Sirainen /* master and handler are referenced until userdb_callback i
657afb33796f8216c568ad813627da89970760beTimo Sirainen auth_request_lookup_user(request, userdb_callback);
657afb33796f8216c568ad813627da89970760beTimo Sirainenvoid auth_request_handler_cancel_request(struct auth_request_handler *handler,
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen request = hash_table_lookup(handler->requests, POINTER_CAST(client_id));
2872c818f9c6704609f4d67d984b033a63e3a108Timo Sirainen auth_request_handler_remove(handler, request);
657afb33796f8216c568ad813627da89970760beTimo Sirainenvoid auth_request_handler_flush_failures(bool flush_all)
unsigned int i, count;
if (count == 0) {
for (i = 0; i < count; i++) {
void auth_request_handler_init(void)
void auth_request_handler_deinit(void)