mirrors/maddy
1
0
Fork 0
mirror of https://github.com/foxcpp/maddy.git synced 2025-04-04 21:47:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

endpoint: Clean-up dead auth_map code

Browse source
This commit is contained in:
fox.cpp 2025-01-24 23:12:45 +03:00
parent f9d49170af
commit 120c5c9ea2
No known key found for this signature in database
GPG key ID: 5B991F6215D2FCC0
4 changed files with 7 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

9
internal/endpoint/dovecot_sasld/dovecot_sasl.go
View file

@ -44,9 +44,6 @@ type Endpoint struct {
listenersWg sync.WaitGroup listenersWg sync.WaitGroup
authNormalize authz.NormalizeFunc
authMap module.Table
srv *dovecotsasl.Server srv *dovecotsasl.Server
} }
@ -74,8 +71,8 @@ func (endp *Endpoint) Init(cfg *config.Map) error {
}) })
cfg.Bool("sasl_login", false, false, &endp.saslAuth.EnableLogin) cfg.Bool("sasl_login", false, false, &endp.saslAuth.EnableLogin)
config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto, config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto,
&endp.authNormalize) &endp.saslAuth.AuthNormalize)
modconfig.Table(cfg, "auth_map", true, false, nil, &endp.authMap) modconfig.Table(cfg, "auth_map", true, false, nil, &endp.saslAuth.AuthMap)
if _, err := cfg.Process(); err != nil { if _, err := cfg.Process(); err != nil {
return err return err
} }
@ -83,8 +80,6 @@ func (endp *Endpoint) Init(cfg *config.Map) error {
endp.srv = dovecotsasl.NewServer() endp.srv = dovecotsasl.NewServer()
endp.srv.Log = stdlog.New(endp.log, "", 0) endp.srv.Log = stdlog.New(endp.log, "", 0)
endp.saslAuth.AuthMap = endp.authMap
endp.saslAuth.AuthNormalize = endp.authNormalize
for _, mech := range endp.saslAuth.SASLMechanisms() { for _, mech := range endp.saslAuth.SASLMechanisms() {
mech := mech mech := mech
endp.srv.AddMechanism(mech, mechInfo[mech], func(req *dovecotsasl.AuthReq) sasl.Server { endp.srv.AddMechanism(mech, mechInfo[mech], func(req *dovecotsasl.AuthReq) sasl.Server {

29
internal/endpoint/imap/imap.go
View file

@ -62,8 +62,6 @@ type Endpoint struct {
storageNormalize authz.NormalizeFunc storageNormalize authz.NormalizeFunc
storageMap module.Table storageMap module.Table
authNormalize authz.NormalizeFunc
authMap module.Table
Log log.Logger Log log.Logger
} }
@ -102,8 +100,8 @@ func (endp *Endpoint) Init(cfg *config.Map) error {
&endp.storageNormalize) &endp.storageNormalize)
modconfig.Table(cfg, "storage_map", false, false, nil, &endp.storageMap) modconfig.Table(cfg, "storage_map", false, false, nil, &endp.storageMap)
config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto, config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto,
&endp.authNormalize) &endp.saslAuth.AuthNormalize)
modconfig.Table(cfg, "auth_map", true, false, nil, &endp.authMap) modconfig.Table(cfg, "auth_map", true, false, nil, &endp.saslAuth.AuthMap)
if _, err := cfg.Process(); err != nil { if _, err := cfg.Process(); err != nil {
return err return err
} }
@ -140,8 +138,6 @@ func (endp *Endpoint) Init(cfg *config.Map) error {
return err return err
} }
endp.saslAuth.AuthNormalize = endp.authNormalize
endp.saslAuth.AuthMap = endp.authMap
for _, mech := range endp.saslAuth.SASLMechanisms() { for _, mech := range endp.saslAuth.SASLMechanisms() {
mech := mech mech := mech
endp.serv.EnableAuth(mech, func(c imapserver.Conn) sasl.Server { endp.serv.EnableAuth(mech, func(c imapserver.Conn) sasl.Server {
@ -217,27 +213,6 @@ func (endp *Endpoint) Close() error {
return nil return nil
} }
func (endp *Endpoint) usernameForAuth(ctx context.Context, saslUsername string) (string, error) {
saslUsername, err := endp.authNormalize(saslUsername)
if err != nil {
return "", err
}
if endp.authMap == nil {
return saslUsername, nil
}
mapped, ok, err := endp.authMap.Lookup(ctx, saslUsername)
if err != nil {
return "", err
}
if !ok {
return "", imapbackend.ErrInvalidCredentials
}
return mapped, nil
}
func (endp *Endpoint) usernameForStorage(ctx context.Context, saslUsername string) (string, error) { func (endp *Endpoint) usernameForStorage(ctx context.Context, saslUsername string) (string, error) {
saslUsername, err := endp.storageNormalize(saslUsername) saslUsername, err := endp.storageNormalize(saslUsername)
if err != nil { if err != nil {

2
internal/endpoint/smtp/session.go
View file

@ -435,7 +435,7 @@ func (s *Session) Logout() error {
} }
func (s *Session) prepareBody(r io.Reader) (textproto.Header, buffer.Buffer, error) { func (s *Session) prepareBody(r io.Reader) (textproto.Header, buffer.Buffer, error) {
limitr := limitReader(r, int64(s.endp.maxHeaderBytes), &exterrors.SMTPError{ limitr := limitReader(r, s.endp.maxHeaderBytes, &exterrors.SMTPError{
Code: 552, Code: 552,
EnhancedCode: exterrors.EnhancedCode{5, 3, 4}, EnhancedCode: exterrors.EnhancedCode{5, 3, 4},
Message: "Message header size exceeds limit", Message: "Message header size exceeds limit",

29
internal/endpoint/smtp/smtp.go
View file

@ -252,8 +252,8 @@ func (endp *Endpoint) setConfig(cfg *config.Map) error {
cfg.Bool("sasl_login", false, false, &endp.saslAuth.EnableLogin) cfg.Bool("sasl_login", false, false, &endp.saslAuth.EnableLogin)
cfg.String("hostname", true, true, "", &hostname) cfg.String("hostname", true, true, "", &hostname)
config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto, config.EnumMapped(cfg, "auth_map_normalize", true, false, authz.NormalizeFuncs, authz.NormalizeAuto,
&endp.authNormalize) &endp.saslAuth.AuthNormalize)
modconfig.Table(cfg, "auth_map", true, false, nil, &endp.authMap) modconfig.Table(cfg, "auth_map", true, false, nil, &endp.saslAuth.AuthMap)
cfg.Duration("write_timeout", false, false, 1*time.Minute, &endp.serv.WriteTimeout) cfg.Duration("write_timeout", false, false, 1*time.Minute, &endp.serv.WriteTimeout)
cfg.Duration("read_timeout", false, false, 10*time.Minute, &endp.serv.ReadTimeout) cfg.Duration("read_timeout", false, false, 10*time.Minute, &endp.serv.ReadTimeout)
cfg.DataSize("max_message_size", false, false, 32*1024*1024, &endp.serv.MaxMessageBytes) cfg.DataSize("max_message_size", false, false, 32*1024*1024, &endp.serv.MaxMessageBytes)
@ -358,31 +358,6 @@ func (endp *Endpoint) setupListeners(addresses []config.Endpoint) error {
return nil return nil
} }
func (endp *Endpoint) usernameForAuth(ctx context.Context, saslUsername string) (string, error) {
saslUsername, err := endp.authNormalize(saslUsername)
if err != nil {
return "", err
}
if endp.authMap == nil {
return saslUsername, nil
}
mapped, ok, err := endp.authMap.Lookup(ctx, saslUsername)
if err != nil {
return "", err
}
if !ok {
return "", &smtp.SMTPError{
Code: 535,
EnhancedCode: smtp.EnhancedCode{5, 7, 8},
Message: "Invalid credentials",
}
}
return mapped, nil
}
func (endp *Endpoint) NewSession(conn *smtp.Conn) (smtp.Session, error) { func (endp *Endpoint) NewSession(conn *smtp.Conn) (smtp.Session, error) {
sess := endp.newSession(conn) sess := endp.newSession(conn)