Mercurial > dovecot > core-2.2
annotate src/auth/mech-login.c @ 22656:1789bf2a1e01
director: Make sure HOST-RESET-USERS isn't used with max_moving_users=0
The reset command would just hang in that case. doveadm would never have
sent this, so this is just an extra sanity check.
author | Timo Sirainen <timo.sirainen@dovecot.fi> |
---|---|
date | Sun, 05 Nov 2017 23:51:56 +0200 |
parents | 569d41d21ec3 |
children |
rev | line source |
---|---|
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 * LOGIN authentication mechanism. |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 * |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru> |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 * |
4382
f8d37e26a2b3
Relicensed dovecot-auth to MIT.
Timo Sirainen <tss@iki.fi>
parents:
4377
diff
changeset
|
6 * This software is released under the MIT license. |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 */ |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 |
9219
97cdfeb57129
Renamed headers to prevent collision if they were flattened on an install.
Mark Washenberger
parents:
8605
diff
changeset
|
9 #include "auth-common.h" |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "mech.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "passdb.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "safe-memset.h" |
9219
97cdfeb57129
Renamed headers to prevent collision if they were flattened on an install.
Mark Washenberger
parents:
8605
diff
changeset
|
13 #include "mech-plain-common.h" |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
16 static void |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
17 mech_login_auth_continue(struct auth_request *request, |
3071 | 18 const unsigned char *data, size_t data_size) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 static const char prompt2[] = "Password:"; |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
21 const char *username, *error; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
23 if (request->user == NULL) { |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
24 username = t_strndup(data, data_size); |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
26 if (!auth_request_set_username(request, username, &error)) { |
17235
9b095cec9332
auth: Use special AUTH_SUBSYS_DB/MECH parameters as auth_request_log*() subsystem.
Timo Sirainen <tss@iki.fi>
parents:
11497
diff
changeset
|
27 auth_request_log_info(request, AUTH_SUBSYS_MECH, "%s", error); |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
28 auth_request_fail(request); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
29 return; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 |
11497
94f78f415811
auth: Removed unnecessary auth_request callback and context uses.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
32 auth_request_handler_reply_continue(request, prompt2, |
94f78f415811
auth: Removed unnecessary auth_request callback and context uses.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
33 strlen(prompt2)); |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 } else { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 char *pass = p_strndup(unsafe_data_stack_pool, data, data_size); |
5830
0a08fa294c3b
Factor out duplicated verify_callback() function.
Andrey Panin <pazke@donpac.ru>
parents:
4782
diff
changeset
|
36 auth_request_verify_plain(request, pass, plain_verify_callback); |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 safe_memset(pass, 0, strlen(pass)); |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
38 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
39 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
40 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
41 static void |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
42 mech_login_auth_initial(struct auth_request *request, |
4377
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
43 const unsigned char *data, size_t data_size) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 static const char prompt1[] = "Username:"; |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 |
4377
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
47 if (data_size == 0) { |
11497
94f78f415811
auth: Removed unnecessary auth_request callback and context uses.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
48 auth_request_handler_reply_continue(request, prompt1, |
94f78f415811
auth: Removed unnecessary auth_request callback and context uses.
Timo Sirainen <tss@iki.fi>
parents:
10410
diff
changeset
|
49 strlen(prompt1)); |
4377
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
50 } else { |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
51 mech_login_auth_continue(request, data, data_size); |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
52 } |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 |
3072 | 55 static struct auth_request *mech_login_auth_new(void) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
57 struct auth_request *request; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
58 pool_t pool; |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 |
17837
569d41d21ec3
auth: Mark memory pools as growing and use the same sizes for all mechanisms.
Timo Sirainen <tss@iki.fi>
parents:
17235
diff
changeset
|
60 pool = pool_alloconly_create(MEMPOOL_GROWING"login_auth_request", 2048); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
61 request = p_new(pool, struct auth_request, 1); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
62 request->pool = pool; |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
63 return request; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
64 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 const struct mech_module mech_login = { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 "LOGIN", |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 |
10410
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
9219
diff
changeset
|
69 .flags = MECH_SEC_PLAINTEXT, |
b757dab45756
Removed MEMBER() macro. Require C99 style struct initializer.
Timo Sirainen <tss@iki.fi>
parents:
9219
diff
changeset
|
70 .passdb_need = MECH_PASSDB_NEED_VERIFY_PLAIN, |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 mech_login_auth_new, |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
73 mech_login_auth_initial, |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
74 mech_login_auth_continue, |
4414
9017db478693
Added mech_generic_auth_internal() and mech_generic_auth_free() functions
Timo Sirainen <tss@iki.fi>
parents:
4382
diff
changeset
|
75 mech_generic_auth_free |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 }; |