dovecot/original-hg/dovecot-1.2: src/imap-login/client-authenticate.c annotate

annotate src/imap-login/client-authenticate.c @ 5150:16240711734e HEAD

If authentication fails and we've already destroyed the client, don't go io_add()ing the client anywhere.

author	Timo Sirainen <tss@iki.fi>
date	Fri, 16 Feb 2007 15:42:03 +0200
parents	98780639b190
children	723cf9d39692

rev	line source
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	1 /* Copyright (C) 2002-2004 Timo Sirainen */
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	4 #include "base64.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	5 #include "buffer.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	6 #include "ioloop.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	7 #include "istream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "ostream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "safe-memset.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	10 #include "str.h"
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	11 #include "str-sanitize.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	12 #include "imap-parser.h"
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	13 #include "auth-client.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	14 #include "client.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "client-authenticate.h"
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	16 #include "imap-proxy.h"
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	17
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	18 #include <stdlib.h>
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	19
4856 f75041ec22ba Changed the service name from uppercase IMAP/POP3 to lowercase imap/pop3 so Timo Sirainen <tss@iki.fi> parents: 4790 diff changeset	20 #define IMAP_SERVICE_NAME "imap"
f75041ec22ba Changed the service name from uppercase IMAP/POP3 to lowercase imap/pop3 so Timo Sirainen <tss@iki.fi> parents: 4790 diff changeset	21
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	22 const char *client_authenticate_get_capabilities(bool secured)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	23 {
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	24 const struct auth_mech_desc *mech;
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	25 unsigned int i, count;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	26 string_t *str;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	27
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	28 str = t_str_new(128);
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	29 mech = auth_client_get_available_mechs(auth_client, &count);
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	30 for (i = 0; i < count; i++) {
1949 d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	31 /* a) transport is secured
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	32 b) auth mechanism isn't plaintext
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	33 c) we allow insecure authentication
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	34 */
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	35 if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	36 (secured \|\| !disable_plaintext_auth \|\|
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	37 (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	38 str_append_c(str, ' ');
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	39 str_append(str, "AUTH=");
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	40 str_append(str, mech[i].name);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	41 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	42 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	43
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	44 return str_c(str);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	45 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	46
4907 5b4c9b20eba0 Replaced void context from a lot of callbacks with the actual context Timo Sirainen <tss@iki.fi>* parents: 4856 diff changeset	47 static void client_auth_input(struct imap_client *client)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	48 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	49 char *line;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	50
2237 6b05e30c669a crashfix if client closes connection while authenticating Timo Sirainen <tss@iki.fi> parents: 2097 diff changeset	51 if (!client_read(client))
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	52 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	53
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	54 if (client->skip_line) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	55 if (i_stream_next_line(client->input) == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	56 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	57
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	58 client->skip_line = FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	59 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	60
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	61 /* @UNSAFE */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	62 line = i_stream_next_line(client->input);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	63 if (line == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	64 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	65
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	66 if (strcmp(line, "*") == 0) {
4301 0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	67 sasl_server_auth_client_error(&client->common,
0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	68 "Authentication aborted");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	69 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	70 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	71
4770 88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH Timo Sirainen <tss@iki.fi> parents: 4416 diff changeset	72 if (client->common.waiting_auth_reply) {
4301 0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	73 sasl_server_auth_client_error(&client->common,
0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	74 "Don't send unrequested data");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	75 } else {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	76 auth_client_request_continue(client->common.auth_request, line);
4770 88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH Timo Sirainen <tss@iki.fi> parents: 4416 diff changeset	77 client->common.waiting_auth_reply = TRUE;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	78 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	79
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	80 /* clear sensitive data */
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	81 safe_memset(line, 0, strlen(line));
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	82 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	83
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	84 static bool client_handle_args(struct imap_client *client,
55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	85 const char const args, bool nologin)
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	86 {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	87 const char reason = NULL, host = NULL, destuser = NULL, pass = NULL;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	88 string_t *reply;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	89 unsigned int port = 143;
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	90 bool proxy = FALSE, temp = FALSE;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	91
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	92 for (; *args != NULL; args++) {
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	93 if (strcmp(*args, "nologin") == 0)
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	94 nologin = TRUE;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	95 else if (strcmp(*args, "proxy") == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	96 proxy = TRUE;
3059 08c640bdf749 If authentication failed because of temporary failure, show different error Timo Sirainen <tss@iki.fi> parents: 2773 diff changeset	97 else if (strcmp(*args, "temp") == 0)
08c640bdf749 If authentication failed because of temporary failure, show different error Timo Sirainen <tss@iki.fi> parents: 2773 diff changeset	98 temp = TRUE;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	99 else if (strncmp(*args, "reason=", 7) == 0)
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	100 reason = *args + 7;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	101 else if (strncmp(*args, "host=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	102 host = *args + 5;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	103 else if (strncmp(*args, "port=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	104 port = atoi(*args + 5);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	105 else if (strncmp(*args, "destuser=", 9) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	106 destuser = *args + 9;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	107 else if (strncmp(*args, "pass=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	108 pass = *args + 5;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	109 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	110
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	111 if (destuser == NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	112 destuser = client->common.virtual_user;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	113
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	114 if (proxy) {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	115 /* we want to proxy the connection to another server.
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	116
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	117 proxy host=.. [port=..] [destuser=..] pass=.. */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	118 if (imap_proxy_new(client, host, port, destuser, pass) < 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	119 client_destroy_internal_failure(client);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	120 return TRUE;
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	121 }
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	122
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	123 if (host != NULL) {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	124 /* IMAP referral
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	125
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	126 [nologin] referral host=.. [port=..] [destuser=..]
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	127 [reason=..]
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	128
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	129 NO [REFERRAL imap://destuser;AUTH=..@host:port/] Can't login.
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	130 OK [...] Logged in, but you should use this server instead.
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	131 .. [REFERRAL ..] (Reason from auth server)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	132 */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	133 reply = t_str_new(128);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	134 str_append(reply, nologin ? "NO " : "OK ");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	135 str_printfa(reply, "[REFERRAL imap://%s;AUTH=%s@%s",
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	136 destuser, client->common.auth_mech_name, host);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	137 if (port != 143)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	138 str_printfa(reply, ":%u", port);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	139 str_append(reply, "/] ");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	140 if (reason != NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	141 str_append(reply, reason);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	142 else if (nologin)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	143 str_append(reply, "Try this server instead.");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	144 else {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	145 str_append(reply, "Logged in, but you should use "
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	146 "this server instead.");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	147 }
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	148 client_send_tagline(client, str_c(reply));
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	149 if (!nologin) {
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	150 client_destroy(client, "Login with referral");
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	151 return TRUE;
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	152 }
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	153 } else if (nologin) {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	154 /* Authentication went ok, but for some reason user isn't
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	155 allowed to log in. Shouldn't probably happen. */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	156 reply = t_str_new(128);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	157 if (reason != NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	158 str_printfa(reply, "NO %s", reason);
3059 08c640bdf749 If authentication failed because of temporary failure, show different error Timo Sirainen <tss@iki.fi> parents: 2773 diff changeset	159 else if (temp)
08c640bdf749 If authentication failed because of temporary failure, show different error Timo Sirainen <tss@iki.fi> parents: 2773 diff changeset	160 str_append(reply, "NO "AUTH_TEMP_FAILED_MSG);
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	161 else
2773 e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just Timo Sirainen <tss@iki.fi> parents: 2768 diff changeset	162 str_append(reply, "NO "AUTH_FAILED_MSG);
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	163 client_send_tagline(client, str_c(reply));
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	164 } else {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	165 /* normal login/failure */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	166 return FALSE;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	167 }
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	168
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	169 i_assert(nologin);
3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	170
5150 16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	171 if (!client->destroyed) {
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	172 /* get back to normal client input. */
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	173 if (client->io != NULL)
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	174 io_remove(&client->io);
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	175 client->io = io_add(client->common.fd, IO_READ,
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	176 client_input, client);
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	177 }
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	178 return TRUE;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	179 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	180
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	181 static void sasl_callback(struct client *_client, enum sasl_server_reply reply,
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	182 const char data, const char const *args)
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	183 {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	184 struct imap_client client = (struct imap_client )_client;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	185 struct const_iovec iov[3];
4301 0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	186 const char *msg;
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	187 size_t data_len;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	188
4790 c6d77f917d12 Fixed potential problems with client disconnecting while master was handling Timo Sirainen <tss@iki.fi> parents: 4770 diff changeset	189 i_assert(!client->destroyed \|\|
c6d77f917d12 Fixed potential problems with client disconnecting while master was handling Timo Sirainen <tss@iki.fi> parents: 4770 diff changeset	190 reply == SASL_SERVER_REPLY_CLIENT_ERROR \|\|
c6d77f917d12 Fixed potential problems with client disconnecting while master was handling Timo Sirainen <tss@iki.fi> parents: 4770 diff changeset	191 reply == SASL_SERVER_REPLY_MASTER_FAILED);
4770 88c29111fcee Crashfixes and more asserts. Mostly related to use of AUTHENTICATE/AUTH Timo Sirainen <tss@iki.fi> parents: 4416 diff changeset	192
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	193 switch (reply) {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	194 case SASL_SERVER_REPLY_SUCCESS:
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	195 if (args != NULL) {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	196 if (client_handle_args(client, args, FALSE))
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	197 break;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	198 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	199
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	200 client_send_tagline(client, "OK Logged in.");
3384 3b75956d20c4 Added configurable logging for login process. Added configurable pop3 logout Timo Sirainen <tss@iki.fi> parents: 3059 diff changeset	201 client_destroy(client, "Login");
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	202 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	203 case SASL_SERVER_REPLY_AUTH_FAILED:
4301 0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	204 case SASL_SERVER_REPLY_CLIENT_ERROR:
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	205 if (args != NULL) {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	206 if (client_handle_args(client, args, TRUE))
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	207 break;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	208 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	209
4301 0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	210 msg = reply == SASL_SERVER_REPLY_AUTH_FAILED ? "NO " : "BAD ";
0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	211 msg = t_strconcat(msg, data != NULL ? data : AUTH_FAILED_MSG,
0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	212 NULL);
0e10b01960a0 IMAP: Reply with tagged BAD if authentication is aborted because client sent Timo Sirainen <tss@iki.fi> parents: 3955 diff changeset	213 client_send_tagline(client, msg);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	214
5150 16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	215 if (!client->destroyed) {
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	216 /* get back to normal client input. */
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	217 if (client->io != NULL)
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	218 io_remove(&client->io);
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	219 client->io = io_add(client->common.fd, IO_READ,
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	220 client_input, client);
16240711734e If authentication fails and we've already destroyed the client, don't go Timo Sirainen <tss@iki.fi> parents: 4924 diff changeset	221 }
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	222 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	223 case SASL_SERVER_REPLY_MASTER_FAILED:
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	224 client_destroy_internal_failure(client);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	225 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	226 case SASL_SERVER_REPLY_CONTINUE:
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	227 data_len = strlen(data);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	228 iov[0].iov_base = "+ ";
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	229 iov[0].iov_len = 2;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	230 iov[1].iov_base = data;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	231 iov[1].iov_len = data_len;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	232 iov[2].iov_base = "\r\n";
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	233 iov[2].iov_len = 2;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	234
3955 295af5c1cce6 If client disconnected while we were trying to send authentication Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	235 /* don't check return value here. it gets tricky if we try
295af5c1cce6 If client disconnected while we were trying to send authentication Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	236 to call client_destroy() in here. */
295af5c1cce6 If client disconnected while we were trying to send authentication Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	237 (void)o_stream_sendv(client->output, iov, 3);
295af5c1cce6 If client disconnected while we were trying to send authentication Timo Sirainen <tss@iki.fi> parents: 3879 diff changeset	238 return;
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	239 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	240
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	241 client_unref(client);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	242 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	243
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	244 int cmd_authenticate(struct imap_client client, struct imap_arg args)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	245 {
4416 fc135e4c169e Don't crash if the initial response isn't given for AUTHENTICATE.. Timo Sirainen <tss@iki.fi> parents: 4411 diff changeset	246 const char mech_name, init_resp = NULL;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	247
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	248 /* we want only one argument: authentication mechanism name */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	249 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	250 return -1;
4411 a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	251 if (args[1].type != IMAP_ARG_EOL) {
a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	252 /* optional SASL initial response */
a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	253 if (args[1].type != IMAP_ARG_ATOM \|\|
a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	254 args[2].type != IMAP_ARG_EOL)
a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	255 return -1;
4416 fc135e4c169e Don't crash if the initial response isn't given for AUTHENTICATE.. Timo Sirainen <tss@iki.fi> parents: 4411 diff changeset	256 init_resp = IMAP_ARG_STR(&args[1]);
4411 a2420b745cd5 Added support for SASL-IR extension. Timo Sirainen <tss@iki.fi> parents: 4301 diff changeset	257 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	258
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	259 mech_name = IMAP_ARG_STR(&args[0]);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	260 if (*mech_name == '\0')
3863 55df57c028d4 Added "bool" type and changed all ints that were used as booleans to bool. Timo Sirainen <tss@iki.fi> parents: 3384 diff changeset	261 return 0;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	262
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	263 client_ref(client);
4856 f75041ec22ba Changed the service name from uppercase IMAP/POP3 to lowercase imap/pop3 so Timo Sirainen <tss@iki.fi> parents: 4790 diff changeset	264 sasl_server_auth_begin(&client->common, IMAP_SERVICE_NAME, mech_name,
4416 fc135e4c169e Don't crash if the initial response isn't given for AUTHENTICATE.. Timo Sirainen <tss@iki.fi> parents: 4411 diff changeset	265 init_resp, sasl_callback);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	266 if (!client->common.authenticating)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	267 return 1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	268
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	269 /* following input data will go to authentication */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	270 if (client->io != NULL)
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	271 io_remove(&client->io);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	272 client->io = io_add(client->common.fd, IO_READ,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	273 client_auth_input, client);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	274 return 0;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	275 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	276
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	277 int cmd_login(struct imap_client client, struct imap_arg args)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	278 {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	279 const char user, pass;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	280 string_t plain_login, base64;
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	281
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	282 /* two arguments: username and password */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	283 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	284 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	285 if (args[1].type != IMAP_ARG_ATOM && args[1].type != IMAP_ARG_STRING)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	286 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	287 if (args[2].type != IMAP_ARG_EOL)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	288 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	289
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	290 user = IMAP_ARG_STR(&args[0]);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	291 pass = IMAP_ARG_STR(&args[1]);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	292
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	293 if (!client->common.secured && disable_plaintext_auth) {
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	294 if (verbose_auth) {
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	295 client_syslog(&client->common, "Login failed: "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	296 "Plaintext authentication disabled");
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	297 }
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	298 client_send_line(client,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	299 "* BAD [ALERT] Plaintext authentication is disabled, "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	300 "but your client sent password in plaintext anyway. "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	301 "If anyone was listening, the password was exposed.");
4924 98780639b190 "Plaintext authentication disabled" -> "Plaintext authentication disallowed Timo Sirainen <tss@iki.fi> parents: 4907 diff changeset	302 client_send_tagline(client, "NO "AUTH_PLAINTEXT_DISABLED_MSG);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	303 return 1;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	304 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	305
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	306 /* authorization ID \0 authentication ID \0 pass */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	307 plain_login = buffer_create_dynamic(pool_datastack_create(), 64);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	308 buffer_append_c(plain_login, '\0');
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	309 buffer_append(plain_login, user, strlen(user));
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	310 buffer_append_c(plain_login, '\0');
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	311 buffer_append(plain_login, pass, strlen(pass));
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2088 diff changeset	312
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	313 base64 = buffer_create_dynamic(pool_datastack_create(),
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	314 MAX_BASE64_ENCODED_SIZE(plain_login->used));
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	315 base64_encode(plain_login->data, plain_login->used, base64);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	316
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	317 client_ref(client);
4856 f75041ec22ba Changed the service name from uppercase IMAP/POP3 to lowercase imap/pop3 so Timo Sirainen <tss@iki.fi> parents: 4790 diff changeset	318 sasl_server_auth_begin(&client->common, IMAP_SERVICE_NAME, "PLAIN",
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	319 str_c(base64), sasl_callback);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	320 if (!client->common.authenticating)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	321 return 1;
2421 d141e1bfdd63 We never do blocking reads/writes to network anymore. Changed imap and pop3 Timo Sirainen <tss@iki.fi> parents: 2287 diff changeset	322
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	323 /* don't read any input from client until login is finished */
3879 928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	324 if (client->io != NULL)
928229f8b3e6 deinit, unref, destroy, close, free, etc. functions now take a pointer to Timo Sirainen <tss@iki.fi> parents: 3863 diff changeset	325 io_remove(&client->io);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	326
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	327 return 0;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	328 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/imap-login/client-authenticate.c @ 5150:16240711734e HEAD