src/lib-auth/auth-server-connection.c

	auth-server-connection.c revision 366e81c4f5329857fefb4bc7751fb72d5dd28959
e59faf65ce864fe95dc00f5d52b8323cdbd0608aTimo Sirainen/* Copyright (c) 2003-2010 Dovecot authors, see the included COPYING file */
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "lib.h"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#include "array.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "hash.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "ioloop.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "istream.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "ostream.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "network.h"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#include "eacces-error.h"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#include "auth-client-private.h"
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#include "auth-client-request.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include "auth-server-connection.h"
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen#include <unistd.h>
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen#include <stdlib.h>
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#define AUTH_SERVER_CONN_MAX_LINE_LENGTH AUTH_CLIENT_MAX_LINE_LENGTH
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen#define AUTH_HANDSHAKE_TIMEOUT (30*1000)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen#define AUTH_SERVER_RECONNECT_TIMEOUT_SECS 5
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainenauth_server_connection_reconnect(struct auth_server_connection *conn);
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_input_mech(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen               const char *const *args)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen    struct auth_mech_desc mech_desc;
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    if (conn->handshake_received) {
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        i_error("BUG: Authentication server already sent handshake");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (args[0] == NULL) {
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        i_error("BUG: Authentication server sent broken MECH line");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    }
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    memset(&mech_desc, 0, sizeof(mech_desc));
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    mech_desc.name = p_strdup(conn->pool, args[0]);
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    if (strcmp(mech_desc.name, "PLAIN") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        conn->has_plain_mech = TRUE;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    for (args++; *args != NULL; args++) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        if (strcmp(*args, "private") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_PRIVATE;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "anonymous") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_ANONYMOUS;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "plaintext") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_PLAINTEXT;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "dictionary") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_DICTIONARY;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "active") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_ACTIVE;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "forward-secrecy") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_FORWARD_SECRECY;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        else if (strcmp(*args, "mutual-auth") == 0)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            mech_desc.flags |= MECH_SEC_MUTUAL_AUTH;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    array_append(&conn->available_auth_mechs, &mech_desc, 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen}
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_input_spid(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen               const char *const *args)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen{
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    if (conn->handshake_received) {
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        i_error("BUG: Authentication server already sent handshake");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    }
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->server_pid = (unsigned int)strtoul(args[0], NULL, 10);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen}
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_input_cuid(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen               const char *const *args)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen{
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    if (conn->handshake_received) {
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        i_error("BUG: Authentication server already sent handshake");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen    }
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    if (args[0] == NULL) {
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        i_error("BUG: Authentication server sent broken CUID line");
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        return -1;
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    }
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->connect_uid = (unsigned int)strtoul(args[0], NULL, 10);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen}
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainenstatic int
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainenauth_server_input_cookie(struct auth_server_connection *conn,
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen             const char *const *args)
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen{
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    if (conn->cookie != NULL) {
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        i_error("BUG: Authentication server already sent cookie");
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        return -1;
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    }
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    conn->cookie = p_strdup(conn->pool, args[0]);
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    return 0;
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen}
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int auth_server_input_done(struct auth_server_connection *conn)
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (array_count(&conn->available_auth_mechs) == 0) {
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen        i_error("BUG: Authentication server returned no mechanisms");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen    }
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    if (conn->cookie == NULL) {
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        i_error("BUG: Authentication server didn't send a cookie");
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        return -1;
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    }
e2ae85924b0ef1a7c97e021a3b901b498f599c18Timo Sirainen
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen    if (conn->to != NULL)
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen        timeout_remove(&conn->to);
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    conn->handshake_received = TRUE;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (conn->client->connect_notify_callback != NULL) {
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        conn->client->connect_notify_callback(conn->client, TRUE,
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen                conn->client->connect_notify_context);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_lookup_request(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen               const char *id_arg, bool remove,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen               struct auth_client_request **request_r)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    struct auth_client_request *request;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    unsigned int id;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (id_arg == NULL) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        i_error("BUG: Authentication server input missing ID");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    id = (unsigned int)strtoul(id_arg, NULL, 10);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    request = hash_table_lookup(conn->requests, POINTER_CAST(id));
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (request == NULL) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        i_error("BUG: Authentication server sent unknown id %u", id);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (remove || auth_client_request_is_aborted(request))
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        hash_table_remove(conn->requests, POINTER_CAST(id));
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    *request_r = request;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_input_ok(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen             const char *const *args)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    struct auth_client_request *request;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (auth_server_lookup_request(conn, args[0], TRUE, &request) < 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    auth_client_request_server_input(request, AUTH_REQUEST_STATUS_OK,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                     args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int auth_server_input_cont(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                  const char *const *args)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    struct auth_client_request *request;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (str_array_length(args) < 2) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        i_error("BUG: Authentication server sent broken CONT line");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (auth_server_lookup_request(conn, args[0], FALSE, &request) < 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    auth_client_request_server_input(request, AUTH_REQUEST_STATUS_CONTINUE,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                     args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int auth_server_input_fail(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                  const char *const *args)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    struct auth_client_request *request;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (auth_server_lookup_request(conn, args[0], TRUE, &request) < 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    auth_client_request_server_input(request, AUTH_REQUEST_STATUS_FAIL,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                     args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_connection_input_line(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                  const char *line)
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    const char *const *args;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (conn->client->debug)
e5acc283bf030b0b5c79ca4e52d315c516a299faPascal Volk        i_debug("auth input: %s", line);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    args = t_strsplit(line, "\t");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (strcmp(args[0], "OK") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_ok(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "CONT") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_cont(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "FAIL") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_fail(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "MECH") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_mech(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "SPID") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_spid(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "CUID") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_cuid(conn, args + 1);
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen    else if (strcmp(args[0], "COOKIE") == 0)
419baa2c17c63ae516b2df6cc5695f15aaccbff8Timo Sirainen        return auth_server_input_cookie(conn, args + 1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    else if (strcmp(args[0], "DONE") == 0)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return auth_server_input_done(conn);
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen    else {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        i_error("Auth server sent unknown command: %s", args[0]);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen    }
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen}
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void auth_server_connection_input(struct auth_server_connection *conn)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
b6e1d85292485a7fb4cfa5f40dd1ec131ab07cc1Timo Sirainen    struct istream *input;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    const char *line;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    int ret;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    switch (i_stream_read(conn->input)) {
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    case 0:
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        return;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    case -1:
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        /* disconnected */
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainen        auth_server_connection_reconnect(conn);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        return;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    case -2:
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        /* buffer full - can't happen unless auth is buggy */
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        i_error("BUG: Auth server sent us more than %d bytes of data",
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            AUTH_SERVER_CONN_MAX_LINE_LENGTH);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        auth_server_connection_disconnect(conn);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen        return;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    }
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (!conn->version_received) {
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        line = i_stream_next_line(conn->input);
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        if (line == NULL)
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen            return;
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        /* make sure the major version matches */
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        if (strncmp(line, "VERSION\t", 8) != 0 ||
4b8c92b4773677a7b4064816e469eeafc976ba75Timo Sirainen            atoi(t_strcut(line + 8, '\t')) !=
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen            AUTH_CLIENT_PROTOCOL_MAJOR_VERSION) {
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen            i_error("Authentication server not compatible with "
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen                "this client (mixed old and new binaries?)");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            auth_server_connection_disconnect(conn);
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen            return;
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        }
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen        conn->version_received = TRUE;
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen    }
b0df0e9a8ed8889ad4bf032043ab245ce8851fdeTimo Sirainen
b6e1d85292485a7fb4cfa5f40dd1ec131ab07cc1Timo Sirainen    input = conn->input;
b6e1d85292485a7fb4cfa5f40dd1ec131ab07cc1Timo Sirainen    i_stream_ref(input);
b6e1d85292485a7fb4cfa5f40dd1ec131ab07cc1Timo Sirainen    while ((line = i_stream_next_line(input)) != NULL && !input->closed) {
19e8adccba16ff419f5675b1575358c2956dce83Timo Sirainen        T_BEGIN {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            ret = auth_server_connection_input_line(conn, line);
19e8adccba16ff419f5675b1575358c2956dce83Timo Sirainen        } T_END;
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        if (ret < 0) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            auth_server_connection_disconnect(conn);
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen            break;
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen        }
73bfdbe28c2ce6d143eadf0bab8ccfbe4cab0faeTimo Sirainen    }
b6e1d85292485a7fb4cfa5f40dd1ec131ab07cc1Timo Sirainen    i_stream_unref(&input);
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen}
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainenstruct auth_server_connection *
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_connection_init(struct auth_client *client)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    struct auth_server_connection *conn;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    pool_t pool;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    pool = pool_alloconly_create("auth server connection", 1024);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    conn = p_new(pool, struct auth_server_connection, 1);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    conn->pool = pool;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    conn->client = client;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->fd = -1;
3ccab0bac68040f179a7de45c516cec258e28fdbTimo Sirainen    conn->requests = hash_table_create(default_pool, pool, 100, NULL, NULL);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    i_array_init(&conn->available_auth_mechs, 8);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    return conn;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_connection_remove_requests(struct auth_server_connection *conn)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    static const char *const temp_failure_args[] = { "temp", NULL };
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    struct hash_iterate_context *iter;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    void *key, *value;
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    iter = hash_table_iterate_init(conn->requests);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    while (hash_table_iterate(iter, &key, &value)) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        struct auth_client_request *request = value;
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        auth_client_request_server_input(request,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                         AUTH_REQUEST_STATUS_FAIL,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                         temp_failure_args);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    hash_table_iterate_deinit(&iter);
bf05bf725add3686bdb1cb2723208b1562596d17Timo Sirainen    hash_table_clear(conn->requests, FALSE);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainenvoid auth_server_connection_disconnect(struct auth_server_connection *conn)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->handshake_received = FALSE;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->version_received = FALSE;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->has_plain_mech = FALSE;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->server_pid = 0;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->connect_uid = 0;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    conn->cookie = NULL;
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen    array_clear(&conn->available_auth_mechs);
991367db5ec720fa0b764bbd6df21b7f7c654d2cTimo Sirainen
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen    if (conn->to != NULL)
0cb5a9bfbf40b3b323956792aa13d342a459585eTimo Sirainen        timeout_remove(&conn->to);
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen    if (conn->io != NULL)
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen        io_remove(&conn->io);
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen    if (conn->fd != -1) {
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen        i_stream_destroy(&conn->input);
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen        o_stream_destroy(&conn->output);
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen        if (close(conn->fd) < 0)
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen            i_error("close(auth server connection) failed: %m");
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen        conn->fd = -1;
e63aa0fe623cee01975d57755381e2b873e5bf93Timo Sirainen    }
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    auth_server_connection_remove_requests(conn);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (conn->client->connect_notify_callback != NULL) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        conn->client->connect_notify_callback(conn->client, FALSE,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                conn->client->connect_notify_context);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    }
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void auth_server_reconnect_timeout(struct auth_server_connection *conn)
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    (void)auth_server_connection_connect(conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainenauth_server_connection_reconnect(struct auth_server_connection *conn)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    time_t next_connect;
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainen    auth_server_connection_disconnect(conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    next_connect = conn->last_connect + AUTH_SERVER_RECONNECT_TIMEOUT_SECS;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->to = timeout_add(ioloop_time >= next_connect ? 0 :
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                   (next_connect - ioloop_time) * 1000,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                   auth_server_reconnect_timeout, conn);
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen}
a272994d43de80a306a8ed1f2983960d1f3102d0Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenvoid auth_server_connection_deinit(struct auth_server_connection **_conn)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        struct auth_server_connection *conn = *_conn;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    *_conn = NULL;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainen    auth_server_connection_disconnect(conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    hash_table_destroy(&conn->requests);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    array_free(&conn->available_auth_mechs);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    pool_unref(&conn->pool);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenstatic void auth_client_handshake_timeout(struct auth_server_connection *conn)
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    i_error("Timeout waiting for handshake from auth server. "
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        "my pid=%u, input bytes=%"PRIuUOFF_T,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        conn->client->client_pid, conn->input->v_offset);
63b70dd3e4b4d68a02b1bf7d78e92076210e3e1aTimo Sirainen    auth_server_connection_reconnect(conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenint auth_server_connection_connect(struct auth_server_connection *conn)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    const char *handshake;
21c1655dbc5fe861a152dc9a8a388d0d64f5ae20Timo Sirainen    int fd;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    i_assert(conn->fd == -1);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->last_connect = ioloop_time;
366e81c4f5329857fefb4bc7751fb72d5dd28959Timo Sirainen    if (conn->to != NULL)
366e81c4f5329857fefb4bc7751fb72d5dd28959Timo Sirainen        timeout_remove(&conn->to);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    /* max. 1 second wait here. */
21c1655dbc5fe861a152dc9a8a388d0d64f5ae20Timo Sirainen    fd = net_connect_unix_with_retries(conn->client->auth_socket_path,
21c1655dbc5fe861a152dc9a8a388d0d64f5ae20Timo Sirainen                       1000);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (fd == -1) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        if (errno == EACCES) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            i_error("auth: %s",
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                eacces_error_get("connect",
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                    conn->client->auth_socket_path));
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        } else {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen            i_error("auth: connect(%s) failed: %m",
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                conn->client->auth_socket_path);
d1414c09cf0d58ac983054e2f4e1a1f329272dcfTimo Sirainen        }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->fd = fd;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->io = io_add(fd, IO_READ, auth_server_connection_input, conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->input = i_stream_create_fd(fd, AUTH_SERVER_CONN_MAX_LINE_LENGTH,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                     FALSE);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->output = o_stream_create_fd(fd, (size_t)-1, FALSE);
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    handshake = t_strdup_printf("VERSION\t%u\t%u\nCPID\t%u\n",
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                    AUTH_CLIENT_PROTOCOL_MAJOR_VERSION,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                                    AUTH_CLIENT_PROTOCOL_MINOR_VERSION,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                    conn->client->client_pid);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (o_stream_send_str(conn->output, handshake) < 0) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        i_warning("Error sending handshake to auth server: %m");
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        auth_server_connection_disconnect(conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        return -1;
f540662dd02e930cf704c1468cccd05d512bc663Timo Sirainen    }
f540662dd02e930cf704c1468cccd05d512bc663Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    conn->to = timeout_add(AUTH_HANDSHAKE_TIMEOUT,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                   auth_client_handshake_timeout, conn);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return 0;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen}
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenunsigned int
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainenauth_server_connection_add_request(struct auth_server_connection *conn,
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen                   struct auth_client_request *request)
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen{
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    unsigned int id;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    id = ++conn->client->request_id_counter;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    if (id == 0) {
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        /* wrapped - ID 0 not allowed */
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen        id = ++conn->client->request_id_counter;
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    }
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    hash_table_insert(conn->requests, POINTER_CAST(id), request);
9137c55411aa39d41c1e705ddc34d5bd26c65021Timo Sirainen    return id;
2a90d8a14b0e7cc1508814bc87d3dfa598ef46a8Timo Sirainen}