diff --git a/src/doveadm/doveadm-auth.c b/src/doveadm/doveadm-auth.c
index 26183724bd..55aa9b1553 100644
--- a/src/doveadm/doveadm-auth.c
+++ b/src/doveadm/doveadm-auth.c
@@ -176,6 +176,8 @@ static void auth_connected(struct auth_client *client,
 info.remote_ip = input->info.remote_ip;
 info.remote_port = input->info.remote_port;
 info.initial_resp_base64 = str_c(base64_resp);
+ if (doveadm_settings->auth_debug)
+ info.flags |= AUTH_REQUEST_FLAG_DEBUG;
 input->request = auth_client_request_new(client, &info, auth_callback, input);
@@ -280,15 +282,20 @@ static void cmd_auth_cache_flush(int argc, char *argv[])
 auth_master_deinit(&conn);
 }
+static void authtest_input_init(struct authtest_input *input)
+{
+ memset(input, 0, sizeof(*input));
+ input->info.service = "doveadm";
+ input->info.debug = doveadm_settings->auth_debug;
+}
+
 static void cmd_auth_test(int argc, char *argv[])
 {
 const char *auth_socket_path = NULL;
 struct authtest_input input;
 int c;
- memset(&input, 0, sizeof(input));
- input.info.service = "doveadm";
-
+ authtest_input_init(&input);
 while ((c = getopt(argc, argv, "a:M:x:")) > 0) {
 switch (c) {
 case 'a':
@@ -374,9 +381,7 @@ static void cmd_auth_login(int argc, char *argv[])
 struct authtest_input input;
 int c;
- memset(&input, 0, sizeof(input));
- input.info.service = "doveadm";
-
+ authtest_input_init(&input);
 auth_login_socket_path = t_strconcat(doveadm_settings->base_dir, "/auth-login", NULL);
 auth_master_socket_path = t_strconcat(doveadm_settings->base_dir,
@@ -433,9 +438,7 @@ static void cmd_auth_lookup(int argc, char *argv[])
 bool first = TRUE;
 int c, ret;
- memset(&input, 0, sizeof(input));
- input.info.service = "doveadm";
-
+ authtest_input_init(&input);
 while ((c = getopt(argc, argv, "a:f:x:")) > 0) {
 switch (c) {
 case 'a':
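Review bot: In auth_connected the new check reads `doveadm_settings->auth_debug` directly, while the three assignments just above it copy per-request values from `input->info`, and this same commit already stores the setting in `input->info.debug` through authtest_input_init. Testing `if (input->info.debug)` instead would keep a single source of truth, so a caller that overrides the flag on its input is honoured on the auth-client path as well as on the auth-master path. The function starts and ends outside the hunk, so whether every caller initialises its input through authtest_input_init cannot be confirmed from here.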
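Review bot: authtest_input_init is added without a comment, although four commands in this diff (cmd_auth_test, cmd_auth_login, cmd_auth_lookup and cmd_user) now rely on it for their defaults. A one-line header such as `/* Reset *input and apply the defaults shared by the doveadm auth/user commands (service name, auth_debug). */` would make that contract visible. The helper also dereferences the global `doveadm_settings`, so it presumably has to run after settings are loaded; that ordering is not visible in this hunk and is worth stating in the same comment.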
@@ -507,6 +510,7 @@ static int cmd_user_mail_input(struct mail_storage_service_ctx *storage_service,
 service_input.local_port = input->info.local_port;
 service_input.remote_ip = input->info.remote_ip;
 service_input.remote_port = input->info.remote_port;
+ service_input.debug = input->info.debug;
 pool = pool_alloconly_create("userdb fields", 1024);
 mail_storage_service_save_userdb_fields(storage_service, pool,
@@ -567,9 +571,7 @@ static void cmd_user(int argc, char *argv[])
 bool have_wildcards, userdb_only = FALSE, first = TRUE;
 int c, ret;
- memset(&input, 0, sizeof(input));
- input.info.service = "doveadm";
-
+ authtest_input_init(&input);
 while ((c = getopt(argc, argv, "a:f:ux:")) > 0) {
 switch (c) {
 case 'a':
diff --git a/src/doveadm/doveadm-settings.c b/src/doveadm/doveadm-settings.c
index 5618a39a1b..df1228415d 100644
--- a/src/doveadm/doveadm-settings.c
+++ b/src/doveadm/doveadm-settings.c
@@ -56,6 +56,7 @@ static const struct setting_define doveadm_setting_defines[] = {
 DEF(SET_STR, libexec_dir),
 DEF(SET_STR, mail_plugins),
 DEF(SET_STR, mail_plugin_dir),
+ DEF(SET_BOOL, auth_debug),
 DEF(SET_STR, auth_socket_path),
 DEF(SET_STR, doveadm_socket_path),
 DEF(SET_UINT, doveadm_worker_count),
@@ -81,6 +82,7 @@ const struct doveadm_settings doveadm_default_settings = {
 .libexec_dir = PKG_LIBEXECDIR,
 .mail_plugins = "",
 .mail_plugin_dir = MODULEDIR,
+ .auth_debug = FALSE,
 .auth_socket_path = "auth-userdb",
 .doveadm_socket_path = "doveadm-server",
 .doveadm_worker_count = 0,
diff --git a/src/doveadm/doveadm-settings.h b/src/doveadm/doveadm-settings.h
index 10c6e69a32..07ecd3d940 100644
--- a/src/doveadm/doveadm-settings.h
+++ b/src/doveadm/doveadm-settings.h
@@ -8,6 +8,7 @@ struct doveadm_settings {
 const char *libexec_dir;
 const char *mail_plugins;
 const char *mail_plugin_dir;
+ bool auth_debug;
 const char *auth_socket_path;
 const char *doveadm_socket_path;
 unsigned int doveadm_worker_count;
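Review bot: The new `bool auth_debug;` member of struct doveadm_settings has no comment, and neither does the `bool debug;` member added to struct auth_user_info in auth-master.h. Because the flag changes what the auth process logs for a lookup, each field should say so, for example `/* Request auth_debug=yes logging from the auth process for doveadm's own lookups */` here and `/* Ask the auth server to debug-log this lookup */` on the auth-master.h field. Debug-level auth logs can carry usernames, client addresses and lookup details, so the settings comment is also the place to say the option is meant for troubleshooting.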
diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
index 6c72d7bc9c..fde65bf5a8 100644
--- a/src/lib-auth/auth-client-request.c
+++ b/src/lib-auth/auth-client-request.c
@@ -42,6 +42,8 @@ static void auth_server_send_new_request(struct auth_server_connection *conn,
 str_append(str, "\tno-penalty");
 if ((info->flags & AUTH_REQUEST_FLAG_VALID_CLIENT_CERT) != 0)
 str_append(str, "\tvalid-client-cert");
+ if ((info->flags & AUTH_REQUEST_FLAG_DEBUG) != 0)
+ str_append(str, "\tdebug");
 if (info->session_id != NULL) {
 str_append(str, "\tsession=");
diff --git a/src/lib-auth/auth-client.h b/src/lib-auth/auth-client.h
index d4ec82019e..59cf3d46d9 100644
--- a/src/lib-auth/auth-client.h
+++ b/src/lib-auth/auth-client.h
@@ -13,7 +13,9 @@ enum auth_request_flags {
 /* Skip penalty checks for this request */
 AUTH_REQUEST_FLAG_NO_PENALTY = 0x04,
 /* Support final SASL response */
- AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP = 0x08
+ AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP = 0x08,
+ /* Enable auth_debug=yes logging for this request */
+ AUTH_REQUEST_FLAG_DEBUG = 0x10
 };
 enum auth_request_status {
diff --git a/src/lib-auth/auth-master.c b/src/lib-auth/auth-master.c
index db4a24add0..a138417e20 100644
--- a/src/lib-auth/auth-master.c
+++ b/src/lib-auth/auth-master.c
@@ -467,6 +467,8 @@ auth_user_info_export(string_t *str, const struct auth_user_info *info)
 str_printfa(str, "\trip=%s", net_ip2addr(&info->remote_ip));
 if (info->remote_port != 0)
 str_printfa(str, "\trport=%d", info->remote_port);
+ if (info->debug)
+ str_append(str, "\tdebug");
 }
 int auth_master_user_lookup(struct auth_master_connection *conn,
diff --git a/src/lib-auth/auth-master.h b/src/lib-auth/auth-master.h
index 44e74d0fcf..07de9c230f 100644
--- a/src/lib-auth/auth-master.h
+++ b/src/lib-auth/auth-master.h
@@ -14,6 +14,7 @@ struct auth_user_info {
 const char *service;
 struct ip_addr local_ip, remote_ip;
 in_port_t local_port, remote_port;
+ bool debug;
 };
 struct auth_user_reply {
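Review bot: The `debug` token appended in auth_server_send_new_request is chosen by the auth client, and the matching server-side parsing is not part of this diff, so it cannot be seen here whether the auth process restricts which connections may switch on per-request debug logging. The same applies to the `debug` field emitted by auth_user_info_export in auth-master.c. Debug-level auth logging is more verbose and may record lookup details, so the server should honour the token only on sockets it already trusts and keep any password logging behind its own separate setting. A comment at the send site would record that expectation: `/* advisory only: the auth server decides whether this connection may enable debug logging */`. Both functions continue outside their hunks.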