auth-settings.c revision d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76
/* Copyright (c) 2005-2009 Dovecot authors, see the included COPYING file */
#include "lib.h"
#include "array.h"
#include "settings-parser.h"
#include "master-service-settings.h"
#include "auth-settings.h"

#include <stddef.h>
/* Forward declarations. The passdb and userdb parser infos in this file
   name auth_setting_parser_info as their parent, and that one in turn names
   auth_root_setting_parser_info; both are defined further down. */
extern struct setting_parser_info auth_setting_parser_info;
extern struct setting_parser_info auth_root_setting_parser_info;
/* DEF(type, name) builds one setting_define entry for a field of
   struct auth_passdb_settings: the setting key is the stringified field
   name and the offset comes from offsetof(). */
#undef DEF
#define DEF(type, name) \
	{ type, #name, offsetof(struct auth_passdb_settings, name), NULL }

/* Keys accepted for one passdb entry: two strings and one boolean. */
static struct setting_define auth_passdb_setting_defines[] = {
	DEF(SET_STR, driver),
	DEF(SET_STR, args),
	/* NOTE(review): "deny" presumably marks a passdb whose matches are
	   refused; confirm against the passdb code. */
	DEF(SET_BOOL, deny),

	SETTING_DEFINE_LIST_END
};
/* Parser description for one passdb entry, nested under the auth section
   parser. No defaults struct is supplied, so driver, args and deny have no
   default value declared in this file. */
struct setting_parser_info auth_passdb_setting_parser_info = {
	MEMBER(defines) auth_passdb_setting_defines,
	MEMBER(defaults) NULL,

	MEMBER(parent) &auth_setting_parser_info,
	MEMBER(dynamic_parsers) NULL,

	/* NOTE(review): (size_t)-1 presumably means "no such field"; confirm
	   in settings-parser.h. */
	MEMBER(parent_offset) (size_t)-1,
	MEMBER(type_offset) offsetof(struct auth_passdb_settings, driver),
	MEMBER(struct_size) sizeof(struct auth_passdb_settings)
};
/* DEF is rebound here so that offsets are taken inside
   struct auth_userdb_settings. */
#undef DEF
#define DEF(type, name) \
	{ type, #name, offsetof(struct auth_userdb_settings, name), NULL }

/* Keys accepted for one userdb entry: driver and args, both strings. */
static struct setting_define auth_userdb_setting_defines[] = {
	DEF(SET_STR, driver),
	DEF(SET_STR, args),

	SETTING_DEFINE_LIST_END
};
/* Parser description for one userdb entry, nested under the auth section
   parser. As with passdb, no defaults struct is supplied. */
struct setting_parser_info auth_userdb_setting_parser_info = {
	MEMBER(defines) auth_userdb_setting_defines,
	MEMBER(defaults) NULL,

	MEMBER(parent) &auth_setting_parser_info,
	MEMBER(dynamic_parsers) NULL,

	/* NOTE(review): (size_t)-1 presumably means "no such field"; confirm
	   in settings-parser.h. */
	MEMBER(parent_offset) (size_t)-1,
	MEMBER(type_offset) offsetof(struct auth_userdb_settings, driver),
	MEMBER(struct_size) sizeof(struct auth_userdb_settings)
};
/* DEF and DEFLIST are rebound to struct auth_settings. DEFLIST describes a
   nested list: `field` is the struct member, `name` the section keyword and
   `defines` the parser info used for each list element. */
#undef DEF
#undef DEFLIST
#define DEF(type, name) \
	{ type, #name, offsetof(struct auth_settings, name), NULL }
#define DEFLIST(field, name, defines) \
	{ SET_DEFLIST, name, offsetof(struct auth_settings, field), defines }

/* Keys accepted inside one auth section. Every key maps to the
   struct auth_settings field of the same name. */
static struct setting_define auth_setting_defines[] = {
	DEF(SET_STR, name),
	DEF(SET_STR, mechanisms),
	DEF(SET_STR, realms),
	DEF(SET_STR, default_realm),
	DEF(SET_UINT, cache_size),
	DEF(SET_UINT, cache_ttl),
	DEF(SET_UINT, cache_negative_ttl),
	DEF(SET_STR, username_chars),
	DEF(SET_STR, username_translation),
	DEF(SET_STR, username_format),
	DEF(SET_STR, master_user_separator),
	DEF(SET_STR, anonymous_username),
	DEF(SET_STR, krb5_keytab),
	DEF(SET_STR, gssapi_hostname),
	/* NOTE(review): a configurable path to an external helper program;
	   confirm how the consumer validates and executes it. */
	DEF(SET_STR, winbind_helper_path),
	DEF(SET_UINT, failure_delay),

	/* Logging and TLS-related switches. */
	DEF(SET_BOOL, verbose),
	DEF(SET_BOOL, debug),
	DEF(SET_BOOL, debug_passwords),
	DEF(SET_BOOL, ssl_require_client_cert),
	DEF(SET_BOOL, ssl_username_from_cert),
	DEF(SET_BOOL, use_winbind),

	DEF(SET_UINT, worker_max_count),

	/* Nested "passdb" and "userdb" lists, parsed with the infos defined
	   earlier in this file. */
	DEFLIST(passdbs, "passdb", &auth_passdb_setting_parser_info),
	DEFLIST(userdbs, "userdb", &auth_userdb_setting_parser_info),

	SETTING_DEFINE_LIST_END
};
/* Built-in defaults for one auth section; auth_setting_parser_info points
   at this struct through its `defaults` member. */
static struct auth_settings auth_default_settings = {
	/* name stays NULL here; code that compares section names must not
	   assume it is always set. */
	MEMBER(name) NULL,
	MEMBER(root) NULL,

	/* NOTE(review): if "plain" is the SASL PLAIN mechanism, the password
	   is sent unhashed inside the connection, so this default depends on
	   the transport being encrypted. */
	MEMBER(mechanisms) "plain",
	MEMBER(realms) "",
	MEMBER(default_realm) "",
	/* NOTE(review): cache_size 0 presumably leaves the auth cache off;
	   the units of the two TTL values are not visible here. */
	MEMBER(cache_size) 0,
	MEMBER(cache_ttl) 3600,
	MEMBER(cache_negative_ttl) 0,
	/* Default username character list. The digit run lists '0' twice,
	   which adds no character to the list. */
	MEMBER(username_chars) "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@",
	MEMBER(username_translation) "",
	MEMBER(username_format) "",
	MEMBER(master_user_separator) "",
	MEMBER(anonymous_username) "anonymous",
	MEMBER(krb5_keytab) "",
	MEMBER(gssapi_hostname) "",
	MEMBER(winbind_helper_path) "/usr/bin/ntlm_auth",
	/* NOTE(review): presumably a delay applied after a failed login;
	   unit not shown in this file. */
	MEMBER(failure_delay) 2,

	/* All switches default to off. NOTE(review): by its name,
	   debug_passwords would put passwords into logs when enabled; keep
	   it off outside of debugging and confirm what the logging code
	   does with it. */
	MEMBER(verbose) FALSE,
	MEMBER(debug) FALSE,
	MEMBER(debug_passwords) FALSE,
	MEMBER(ssl_require_client_cert) FALSE,
	MEMBER(ssl_username_from_cert) FALSE,
	MEMBER(use_winbind) FALSE,

	MEMBER(worker_max_count) 30,

	/* The passdb and userdb lists start out as ARRAY_INIT. */
	MEMBER(passdbs) ARRAY_INIT,
	MEMBER(userdbs) ARRAY_INIT
};
/* Parser description for one auth section, nested under the root parser
   info. */
struct setting_parser_info auth_setting_parser_info = {
	MEMBER(defines) auth_setting_defines,
	MEMBER(defaults) &auth_default_settings,

	MEMBER(parent) &auth_root_setting_parser_info,
	MEMBER(dynamic_parsers) NULL,

	/* NOTE(review): presumably `root` receives the pointer to the parent
	   settings struct and `name` receives the section's name; confirm
	   in the settings parser. */
	MEMBER(parent_offset) offsetof(struct auth_settings, root),
	MEMBER(type_offset) offsetof(struct auth_settings, name),
	MEMBER(struct_size) sizeof(struct auth_settings),
	/* NOTE(review): no check function is registered, so this file adds
	   no validation of the parsed values (mechanism names, helper path,
	   numeric ranges); any such checks would have to live elsewhere. */
	MEMBER(check_func) NULL
};
/* DEF and DEFLIST are rebound to struct auth_root_settings. Only DEFLIST
   is used by the table below. */
#undef DEF
#undef DEFLIST
#define DEF(type, name) \
	{ type, #name, offsetof(struct auth_root_settings, name), NULL }
#define DEFLIST(field, name, defines) \
	{ SET_DEFLIST, name, offsetof(struct auth_root_settings, field), defines }

/* The root level accepts a single key: the list of "auth" sections. */
static struct setting_define auth_root_setting_defines[] = {
	DEFLIST(auths, "auth", &auth_setting_parser_info),

	SETTING_DEFINE_LIST_END
};
/* Root defaults: the list of auth sections starts out as ARRAY_INIT. */
static struct auth_root_settings auth_root_default_settings = {
	MEMBER(auths) ARRAY_INIT
};
/* Top-level parser description. It has no parent, and both offsets are
   (size_t)-1. This is the only root that auth_settings_read() passes to
   the settings reader. */
struct setting_parser_info auth_root_setting_parser_info = {
	MEMBER(defines) auth_root_setting_defines,
	MEMBER(defaults) &auth_root_default_settings,

	MEMBER(parent) NULL,
	MEMBER(dynamic_parsers) NULL,

	MEMBER(parent_offset) (size_t)-1,
	MEMBER(type_offset) (size_t)-1,
	MEMBER(struct_size) sizeof(struct auth_root_settings)
};
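/*
 * Read the configuration for `service` and return the auth section whose
 * name equals `name`.
 *
 * service: master service handle passed to the settings reader.
 * name:    section name to look up; it is handed to strcmp() and must not
 *          be NULL.
 *
 * Returns a pointer to the matching element of the parsed auth list (not a
 * copy). There is no error return: a settings read failure, or the absence
 * of a section with that name, ends in i_fatal().
 */
struct auth_settings *
auth_settings_read(struct master_service *service, const char *name)
{
	static const struct setting_parser_info *set_roots[] = {
		&auth_root_setting_parser_info,
		NULL
	};
	const char *error;
	void **sets;
	struct auth_settings *const *auths;
	struct auth_root_settings *set;
	unsigned int i, count;

	if (master_service_settings_read(service, set_roots, NULL, FALSE,
					 &error) < 0)
		i_fatal("Error reading configuration: %s", error);

	/* set_roots holds a single root, so the auth root settings are
	   presumably the first entry returned here. */
	sets = master_service_settings_get_others(service);
	set = sets[0];

	if (array_is_created(&set->auths)) {
		auths = array_get(&set->auths, &count);
		for (i = 0; i < count; i++) {
			/* auth_default_settings leaves name NULL; skip an
			   entry without a name instead of handing NULL to
			   strcmp(), which is undefined behaviour. */
			if (auths[i]->name != NULL &&
			    strcmp(auths[i]->name, name) == 0)
				return auths[i];
		}
	}
	i_fatal("Error reading configuration: No auth section: %s", name);
}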