Mercurial > dovecot > core-2.2
annotate src/auth/mech-login.c @ 4414:9017db478693 HEAD
Added mech_generic_auth_internal() and mech_generic_auth_free() functions
and used them wherever possible to reduce code duplication. Patch by Andrey
Panin.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Sat, 17 Jun 2006 22:15:20 +0300 |
parents | f8d37e26a2b3 |
children | 2c1cc5bbc260 |
rev | line source |
---|---|
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
1 /* |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 * LOGIN authentication mechanism. |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 * |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru> |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 * |
4382
f8d37e26a2b3
Relicensed dovecot-auth to MIT.
Timo Sirainen <tss@iki.fi>
parents:
4377
diff
changeset
|
6 * This software is released under the MIT license. |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 */ |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "common.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "mech.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 #include "passdb.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "safe-memset.h" |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 static void verify_callback(enum passdb_result result, |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 struct auth_request *request) |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 { |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
17 switch (result) { |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
18 case PASSDB_RESULT_OK: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
19 auth_request_success(request, NULL, 0); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
20 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
21 case PASSDB_RESULT_INTERNAL_FAILURE: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
22 auth_request_internal_failure(request); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
23 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
24 default: |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
25 auth_request_fail(request); |
3058
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
26 break; |
052f3a5743af
Make FAIL reply contain "temp" parameter if the authentication failed
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
27 } |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
30 static void |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
31 mech_login_auth_continue(struct auth_request *request, |
3071 | 32 const unsigned char *data, size_t data_size) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 static const char prompt2[] = "Password:"; |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
35 const char *username, *error; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
36 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
37 if (request->user == NULL) { |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
38 username = t_strndup(data, data_size); |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
39 |
3065
29d83a8bb50d
Reorganized the code to have less global/static variables.
Timo Sirainen <tss@iki.fi>
parents:
3064
diff
changeset
|
40 if (!auth_request_set_username(request, username, &error)) { |
3069 | 41 auth_request_log_info(request, "login", "%s", error); |
3064
2d33734b16d5
Split auth_request* functions from mech.c to auth-request.c
Timo Sirainen <tss@iki.fi>
parents:
3058
diff
changeset
|
42 auth_request_fail(request); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
43 return; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 |
3071 | 46 request->callback(request, AUTH_CLIENT_RESULT_CONTINUE, |
47 prompt2, strlen(prompt2)); | |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 } else { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 char *pass = p_strndup(unsafe_data_stack_pool, data, data_size); |
3068 | 50 auth_request_verify_plain(request, pass, verify_callback); |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 safe_memset(pass, 0, strlen(pass)); |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
52 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
55 static void |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
56 mech_login_auth_initial(struct auth_request *request, |
4377
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
57 const unsigned char *data, size_t data_size) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
58 { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 static const char prompt1[] = "Username:"; |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 |
4377
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
61 if (data_size == 0) { |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
62 request->callback(request, AUTH_CLIENT_RESULT_CONTINUE, |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
63 prompt1, strlen(prompt1)); |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
64 } else { |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
65 mech_login_auth_continue(request, data, data_size); |
25b6b670656d
Support initial SASL response with LOGIN mechanism. Patch by Anders Karlsson
Timo Sirainen <tss@iki.fi>
parents:
3766
diff
changeset
|
66 } |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
68 |
3072 | 69 static struct auth_request *mech_login_auth_new(void) |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
71 struct auth_request *request; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 pool_t pool; |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 |
3695
4f8598b0ca62
Use a bit larger initial pool sizes
Timo Sirainen <tss@iki.fi>
parents:
3683
diff
changeset
|
74 pool = pool_alloconly_create("login_auth_request", 1024); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
75 request = p_new(pool, struct auth_request, 1); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
76 request->pool = pool; |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
77 return request; |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 } |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 const struct mech_module mech_login = { |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
81 "LOGIN", |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
83 MEMBER(flags) MECH_SEC_PLAINTEXT, |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
85 MEMBER(passdb_need_plain) TRUE, |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
86 MEMBER(passdb_need_credentials) FALSE, |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
87 |
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
88 mech_login_auth_new, |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
89 mech_login_auth_initial, |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2522
diff
changeset
|
90 mech_login_auth_continue, |
4414
9017db478693
Added mech_generic_auth_internal() and mech_generic_auth_free() functions
Timo Sirainen <tss@iki.fi>
parents:
4382
diff
changeset
|
91 mech_generic_auth_free |
2346
13ed27a24f46
Added LOGIN SASL mechanism. Patch by Andrey Panin
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
92 }; |