diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2016-11-03 17:59:06 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2016-11-03 18:07:28 +0200 |
commit | edb05144ade1984e28d88cfaea7c2fb0ec675f5b (patch) | |
tree | 0a06f61a55274abbdcd0daa921084783fc5d828a /libmu_auth | |
parent | d644964e497147d7a3ee0e0693f37ec917a6c738 (diff) | |
download | mailutils-edb05144ade1984e28d88cfaea7c2fb0ec675f5b.tar.gz mailutils-edb05144ade1984e28d88cfaea7c2fb0ec675f5b.tar.bz2 |
Fix docs. Change argument of the field-map configuration statement
The field-map statement (.ldap.field-map & .sql.field-map) takes a
list of mappings as argument. For compatibility and for internal purposes,
a string is still allowed.
* doc/texinfo/programs.texi: Update.
* include/mailutils/cfg.h (mu_cfg_field_map): New proto.
* include/mailutils/sql.h (mu_password_type): Rename.
(mu_sql_module_config) <positional>: Remove.
(mu_sql_decode_password_type): Remove prototype.
* libmailutils/base/mutil.c (mu_sql_decode_password_type): Remove
function.
* libmailutils/cfg/driver.c (mu_cfg_field_map): New function.
* libmu_auth/ldap.c (cb_field_map): Use mu_cfg_field_map.
(module_init): Fix default filter.
* libmu_auth/sql.c (cb_field_map): Use mu_cfg_field_map.
(mu_sql_param): Rename "password-type" statement to "password-encryption".
Remove the "positional" statement.
Diffstat (limited to 'libmu_auth')
-rw-r--r-- | libmu_auth/gsasl.c | 10 | ||||
-rw-r--r-- | libmu_auth/ldap.c | 36 | ||||
-rw-r--r-- | libmu_auth/sql.c | 130 |
3 files changed, 60 insertions, 116 deletions
diff --git a/libmu_auth/gsasl.c b/libmu_auth/gsasl.c index d1f3b54d9..1e5ce20a4 100644 --- a/libmu_auth/gsasl.c +++ b/libmu_auth/gsasl.c @@ -39,12 +39,8 @@ #include <gsasl.h> struct mu_gsasl_module_data mu_gsasl_module_data = { - 1, - NULL, - NULL, - NULL, - NULL, - SITE_CRAM_MD5_PWD + .enable = 1, + .cram_md5_pwd = SITE_CRAM_MD5_PWD }; static struct mu_cfg_param mu_gsasl_param[] = { @@ -65,7 +61,7 @@ static struct mu_cfg_param mu_gsasl_param[] = { { "anonymous-user", mu_c_string, &mu_gsasl_module_data.anon_user, 0, NULL, N_("Anonymous user name."), N_("name") }, - + { NULL } }; diff --git a/libmu_auth/ldap.c b/libmu_auth/ldap.c index ac3955839..4798b563c 100644 --- a/libmu_auth/ldap.c +++ b/libmu_auth/ldap.c @@ -60,24 +60,22 @@ const char *default_field_map = "shell=loginShell"; static struct mu_ldap_module_config ldap_param; - - static int -_cb2_field_map (const char *arg, void *data) +cb_field_map (void *data, mu_config_value_t *val) { - int err; - int rc = mutil_parse_field_map (arg, &ldap_param.field_map, &err); + char *err_term; + int rc = mu_cfg_field_map (val, &ldap_param.field_map, &err_term); + if (rc) - /* FIXME: this message can be misleading */ - mu_error (_("error near element %d: %s"), err, mu_strerror (rc)); - return 0; -} + { + if (err_term) + mu_error (_("error near %s: %s"), err_term, mu_strerror (rc)); + else + mu_error ("%s", mu_strerror (rc)); + } -static int -cb_field_map (void *data, mu_config_value_t *val) -{ - return mu_cfg_string_value_cb (val, _cb2_field_map, NULL); + return rc; } static struct mu_cfg_param mu_ldap_param[] = { @@ -140,14 +138,18 @@ module_init (void *ptr) if (ldap_param.enable) { if (!ldap_param.getpwnam_filter) - ldap_param.getpwnam_filter = "(&(objectClass=posixAccount) (uid=%u))"; + ldap_param.getpwnam_filter = + "(&(objectClass=posixAccount) (uid=$user))"; if (!ldap_param.getpwuid_filter) ldap_param.getpwuid_filter = - "&(objectClass=posixAccount) (uidNumber=%u))"; + "(&(objectClass=posixAccount) (uidNumber=$user))"; if (!ldap_param.field_map) { - int d; - mutil_parse_field_map (default_field_map, &ldap_param.field_map, &d); + struct mu_config_value val; + val.type = MU_CFG_STRING; + val.v.string = default_field_map; + if (mu_cfg_field_map (&val, &ldap_param.field_map, NULL)) + abort (); } } } diff --git a/libmu_auth/sql.c b/libmu_auth/sql.c index e40b7109a..6dbe66492 100644 --- a/libmu_auth/sql.c +++ b/libmu_auth/sql.c @@ -51,38 +51,53 @@ #include <mailutils/cstr.h> #include <mailutils/wordsplit.h> #include <mailutils/cli.h> +#include <mailutils/kwd.h> #include "sql.h" #ifdef USE_SQL struct mu_sql_module_config mu_sql_module_config; + /* Resource file configuration */ + +static struct mu_kwd password_encryption[] = { + { "plain", mu_sql_password_plaintext }, + { "scrambled", mu_sql_password_scrambled }, + { "hash", mu_sql_password_hash }, + { "crypt", mu_sql_password_hash }, + { NULL } +}; + static int -cb_password_type (void *data, mu_config_value_t *val) +cb_password_encryption (void *data, mu_config_value_t *val) { + int res; + if (mu_cfg_assert_value_type (val, MU_CFG_STRING)) return 1; - - if (mu_sql_decode_password_type (val->v.string, &mu_sql_module_config.password_type)) - mu_error (_("unknown password type `%s'"), val->v.string); - return 0; -} -static int -_cb2_field_map (const char *arg, void *data) -{ - int err; - int rc = mutil_parse_field_map (arg, &mu_sql_module_config.field_map, &err); - if (rc) - /* FIXME: this message may be misleading */ - mu_error (_("error near element %d: %s"), err, mu_strerror (rc)); + if (mu_kwd_xlat_name (password_encryption, val->v.string, &res)) + mu_error ("%s", _("unrecognized password encryption")); + else + mu_sql_module_config.password_encryption = res; return 0; } static int cb_field_map (void *data, mu_config_value_t *val) { - return mu_cfg_string_value_cb (val, _cb2_field_map, NULL); + char *err_term; + int rc = mu_cfg_field_map (val, &mu_sql_module_config.field_map, &err_term); + + if (rc) + { + if (err_term) + mu_error (_("error near %s: %s"), err_term, mu_strerror (rc)); + else + mu_error ("%s", mu_strerror (rc)); + } + + return rc; } static int @@ -124,12 +139,10 @@ static struct mu_cfg_param mu_sql_param[] = { N_("SQL server port.") }, { "db", mu_c_string, &mu_sql_module_config.db, 0, NULL, N_("Database name.") }, - { "password-type", mu_cfg_callback, NULL, 0, cb_password_type, + { "password-encryption", mu_cfg_callback, NULL, 0, cb_password_encryption, N_("Type of password returned by getpass query."), /* TRANSLATORS: Words to the right of : are keywords - do not translate */ - N_("arg: plain|hash|scrambled") }, - { "positional", mu_c_bool, &mu_sql_module_config.positional, 0, NULL, - N_("Use positional (v1.0 compatible) field interface.") }, + N_("arg: plain|hash|crypt|scrambled") }, { "field-map", mu_cfg_callback, NULL, 0, cb_field_map, N_("Set a field-map for parsing SQL replies. The map is a " "column-separated list of definitions. Each definition has the " @@ -207,65 +220,8 @@ mu_sql_expand_query (const char *query, const char *ustr) free (esc_ustr); return res; } - static int -decode_tuple_v1_0 (mu_sql_connection_t conn, int n, - struct mu_auth_data **return_data) -{ - int rc; - char *mailbox_name = NULL; - char *name; - - if (mu_sql_get_column (conn, 0, 0, &name)) - return MU_ERR_FAILURE; - - if (n == 7) - { - char *tmp; - if (mu_sql_get_column (conn, 0, 6, &tmp)) - return MU_ERR_FAILURE; - if (tmp && (mailbox_name = strdup (tmp)) == NULL) - return ENOMEM; - } - else if (mu_construct_user_mailbox_url (&mailbox_name, name)) - return MU_ERR_FAILURE; - - if (mailbox_name) - { - char *passwd, *suid, *sgid, *dir, *shell; - - if (mu_sql_get_column (conn, 0, 1, &passwd) - || !passwd - || mu_sql_get_column (conn, 0, 2, &suid) - || !suid - || mu_sql_get_column (conn, 0, 3, &sgid) - || !sgid - || mu_sql_get_column (conn, 0, 4, &dir) - || !dir - || mu_sql_get_column (conn, 0, 5, &shell) - || !shell) - return MU_ERR_FAILURE; - - rc = mu_auth_data_alloc (return_data, - name, - passwd, - atoi (suid), - atoi (sgid), - "SQL User", - dir, - shell, - mailbox_name, - 1); - } - else - rc = MU_ERR_AUTH_FAILURE; - - free (mailbox_name); - return rc; -} - -static int get_field (mu_sql_connection_t conn, const char *id, char **ret, int mandatory) { const char **name = mu_assoc_ref (mu_sql_module_config.field_map, id); @@ -292,8 +248,8 @@ get_field (mu_sql_connection_t conn, const char *id, char **ret, int mandatory) } static int -decode_tuple_new (mu_sql_connection_t conn, int n, - struct mu_auth_data **return_data) +decode_tuple (mu_sql_connection_t conn, int n, + struct mu_auth_data **return_data) { int rc; char *mailbox_name = NULL; @@ -403,16 +359,6 @@ decode_tuple_new (mu_sql_connection_t conn, int n, } static int -decode_tuple (mu_sql_connection_t conn, int n, - struct mu_auth_data **return_data) -{ - if (mu_sql_module_config.field_map || !mu_sql_module_config.positional) - return decode_tuple_new (conn, n, return_data); - else - return decode_tuple_v1_0 (conn, n, return_data); -} - -static int mu_auth_sql_by_name (struct mu_auth_data **return_data, const void *key, void *func_data MU_ARG_UNUSED, @@ -723,9 +669,9 @@ mu_sql_authenticate (struct mu_auth_data **return_data MU_ARG_UNUSED, if ((rc = mu_sql_getpass (auth_data->name, &sql_pass))) return rc; - switch (mu_sql_module_config.password_type) + switch (mu_sql_module_config.password_encryption) { - case password_hash: + case mu_sql_password_hash: crypt_pass = crypt (pass, sql_pass); if (!crypt_pass) rc = 1; @@ -733,7 +679,7 @@ mu_sql_authenticate (struct mu_auth_data **return_data MU_ARG_UNUSED, rc = strcmp (sql_pass, crypt_pass); break; - case password_scrambled: + case mu_sql_password_scrambled: /* FIXME: Should this call be implementation-independent? I mean, should we have mu_sql_check_scrambled() that will match the password depending on the exact type of the underlying database, @@ -745,7 +691,7 @@ mu_sql_authenticate (struct mu_auth_data **return_data MU_ARG_UNUSED, #endif break; - case password_plaintext: + case mu_sql_password_plaintext: rc = strcmp (sql_pass, pass); break; } |