Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/imap-login/client-authenticate.c @ 2766:26a091f3add6 HEAD
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
parameters from auth server.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 18 Oct 2004 04:13:25 +0300 |
parents | 0f31778d3c34 |
children | d344be0bb70f |
rev | line source |
---|---|
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2629
diff
changeset
|
1 /* Copyright (C) 2002-2004 Timo Sirainen */ |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 #include "common.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 #include "base64.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 #include "buffer.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #include "ioloop.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #include "istream.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "ostream.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "safe-memset.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "str.h" |
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2629
diff
changeset
|
11 #include "str-sanitize.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include "imap-parser.h" |
1702
43815588dd6b
Moved client side code for auth process handling to lib-auth. Some other login process cleanups.
Timo Sirainen <tss@iki.fi>
parents:
1499
diff
changeset
|
13 #include "auth-client.h" |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "client.h" |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 #include "client-authenticate.h" |
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2629
diff
changeset
|
16 |
1725
cc0690f92d96
disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1
Timo Sirainen <tss@iki.fi>
parents:
1714
diff
changeset
|
17 const char *client_authenticate_get_capabilities(int secured) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 { |
2077
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
19 const struct auth_mech_desc *mech; |
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
20 unsigned int i, count; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 string_t *str; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
23 str = t_str_new(128); |
2077
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
24 mech = auth_client_get_available_mechs(auth_client, &count); |
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
25 for (i = 0; i < count; i++) { |
1949
d2755efdd187
Don't advertise AUTH=PLAIN unless transport is secure
Timo Sirainen <tss@iki.fi>
parents:
1894
diff
changeset
|
26 /* a) transport is secured |
d2755efdd187
Don't advertise AUTH=PLAIN unless transport is secure
Timo Sirainen <tss@iki.fi>
parents:
1894
diff
changeset
|
27 b) auth mechanism isn't plaintext |
d2755efdd187
Don't advertise AUTH=PLAIN unless transport is secure
Timo Sirainen <tss@iki.fi>
parents:
1894
diff
changeset
|
28 c) we allow insecure authentication |
d2755efdd187
Don't advertise AUTH=PLAIN unless transport is secure
Timo Sirainen <tss@iki.fi>
parents:
1894
diff
changeset
|
29 */ |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
30 if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 && |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
31 (secured || !disable_plaintext_auth || |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
32 (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) { |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
33 str_append_c(str, ' '); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
34 str_append(str, "AUTH="); |
2077
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
35 str_append(str, mech[i].name); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
36 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
38 |
2077
d5b20d679b8a
Removed hardcoded mechanism lists. It's now possible to add them
Timo Sirainen <tss@iki.fi>
parents:
2076
diff
changeset
|
39 return str_c(str); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
40 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 static void client_auth_input(void *context) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 struct imap_client *client = context; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
45 char *line; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
46 |
2237
6b05e30c669a
crashfix if client closes connection while authenticating
Timo Sirainen <tss@iki.fi>
parents:
2097
diff
changeset
|
47 if (!client_read(client)) |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
50 if (client->skip_line) { |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
51 if (i_stream_next_line(client->input) == NULL) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
52 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
53 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
54 client->skip_line = FALSE; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
55 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
57 /* @UNSAFE */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
58 line = i_stream_next_line(client->input); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 if (line == NULL) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
61 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
62 if (strcmp(line, "*") == 0) { |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
63 sasl_server_auth_cancel(&client->common, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
64 "Authentication aborted"); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 return; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
66 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
67 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
68 if (client->common.auth_request == NULL) { |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
69 sasl_server_auth_cancel(&client->common, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
70 "Don't send unrequested data"); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 } else { |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
72 auth_client_request_continue(client->common.auth_request, line); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
73 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
74 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
75 /* clear sensitive data */ |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
76 safe_memset(line, 0, strlen(line)); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 |
2766
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
79 static int client_handle_success_args(struct imap_client *client, |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
80 const char *const *args, int nologin) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
81 { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
82 const char *reason = NULL, *referral = NULL; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
83 string_t *reply; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
84 |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
85 for (; *args != NULL; args++) { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
86 if (strcmp(*args, "nologin") == 0) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
87 nologin = TRUE; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
88 else if (strncmp(*args, "reason=", 7) == 0) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
89 reason = *args + 7; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
90 else if (strncmp(*args, "referral=", 9) == 0) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
91 referral = *args + 9; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
92 } |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
93 |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
94 if (!nologin && referral == NULL) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
95 return FALSE; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
96 |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
97 reply = t_str_new(128); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
98 str_append(reply, nologin ? "NO " : "OK "); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
99 if (referral != NULL) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
100 str_printfa(reply, "[REFERRAL %s] ", referral); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
101 |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
102 if (reason != NULL) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
103 str_append(reply, reason); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
104 else if (!nologin) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
105 str_append(reply, "Logged in."); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
106 else if (referral != NULL) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
107 str_append(reply, "Try this server instead."); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
108 else |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
109 str_append(reply, "Login disabled."); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
110 |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
111 client_send_tagline(client, str_c(reply)); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
112 if (!nologin) { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
113 client_destroy(client, t_strconcat( |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
114 "Login: ", client->common.virtual_user, NULL)); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
115 } else { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
116 /* get back to normal client input. */ |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
117 if (client->io != NULL) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
118 io_remove(client->io); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
119 client->io = io_add(client->common.fd, IO_READ, |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
120 client_input, client); |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
121 } |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
122 return TRUE; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
123 } |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
124 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
125 static void sasl_callback(struct client *_client, enum sasl_server_reply reply, |
2766
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
126 const char *data, const char *const *args) |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
127 { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
128 struct imap_client *client = (struct imap_client *)_client; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
129 struct const_iovec iov[3]; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
130 size_t data_len; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
131 ssize_t ret; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
132 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
133 switch (reply) { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
134 case SASL_SERVER_REPLY_SUCCESS: |
2766
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
135 if (args != NULL) { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
136 if (client_handle_success_args(client, args, FALSE)) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
137 break; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
138 } |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
139 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
140 client_send_tagline(client, "OK Logged in."); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
141 client_destroy(client, t_strconcat( |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
142 "Login: ", client->common.virtual_user, NULL)); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
143 break; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
144 case SASL_SERVER_REPLY_AUTH_FAILED: |
2766
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
145 if (args != NULL) { |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
146 if (client_handle_success_args(client, args, TRUE)) |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
147 break; |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
148 } |
26a091f3add6
Implemented support for LOGIN-REFERRALS using "referral" and "reason"
Timo Sirainen <tss@iki.fi>
parents:
2736
diff
changeset
|
149 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
150 if (data == NULL) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
151 client_send_tagline(client, "Authentication failed"); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
152 else { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
153 client_send_tagline(client, t_strconcat( |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
154 "NO Authentication failed: ", data, NULL)); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
155 } |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
156 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
157 /* get back to normal client input. */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
158 if (client->io != NULL) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
159 io_remove(client->io); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
160 client->io = io_add(client->common.fd, IO_READ, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
161 client_input, client); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
162 break; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
163 case SASL_SERVER_REPLY_MASTER_FAILED: |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
164 client_send_line(client, "* BYE Internal login failure. " |
2734
e2ce951fa8e6
Changed the "internal error" message, once again. Hopefully this is finally
Timo Sirainen <tss@iki.fi>
parents:
2733
diff
changeset
|
165 "Refer to server log for more information."); |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
166 client_destroy(client, t_strconcat("Internal login failure: ", |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
167 client->common.virtual_user, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
168 NULL)); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
169 break; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
170 case SASL_SERVER_REPLY_CONTINUE: |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
171 data_len = strlen(data); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
172 iov[0].iov_base = "+ "; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
173 iov[0].iov_len = 2; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
174 iov[1].iov_base = data; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
175 iov[1].iov_len = data_len; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
176 iov[2].iov_base = "\r\n"; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
177 iov[2].iov_len = 2; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
178 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
179 ret = o_stream_sendv(client->output, iov, 3); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
180 if (ret < 0) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
181 client_destroy(client, "Disconnected"); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
182 else if ((size_t)ret != 2 + data_len + 2) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
183 client_destroy(client, "Transmit buffer full"); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
184 else { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
185 /* continue */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
186 return; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
187 } |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
188 break; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
189 } |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
190 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
191 client_unref(client); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
192 } |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
193 |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
194 int cmd_authenticate(struct imap_client *client, struct imap_arg *args) |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
195 { |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
196 const char *mech_name; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
197 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
198 /* we want only one argument: authentication mechanism name */ |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
199 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING) |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
200 return -1; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
201 if (args[1].type != IMAP_ARG_EOL) |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
202 return -1; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
203 |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
204 mech_name = IMAP_ARG_STR(&args[0]); |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
205 if (*mech_name == '\0') |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
206 return FALSE; |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
207 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
208 client_ref(client); |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
209 sasl_server_auth_begin(&client->common, "IMAP", mech_name, NULL, |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
210 sasl_callback); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
211 if (!client->common.authenticating) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
212 return 1; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
213 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
214 /* following input data will go to authentication */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
215 if (client->io != NULL) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
216 io_remove(client->io); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
217 client->io = io_add(client->common.fd, IO_READ, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
218 client_auth_input, client); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
219 return 0; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
220 } |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
221 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
222 int cmd_login(struct imap_client *client, struct imap_arg *args) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
223 { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
224 const char *user, *pass; |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
225 string_t *plain_login, *base64; |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
226 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
227 /* two arguments: username and password */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
228 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
229 return -1; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
230 if (args[1].type != IMAP_ARG_ATOM && args[1].type != IMAP_ARG_STRING) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
231 return -1; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
232 if (args[2].type != IMAP_ARG_EOL) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
233 return -1; |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
234 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
235 user = IMAP_ARG_STR(&args[0]); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
236 pass = IMAP_ARG_STR(&args[1]); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
237 |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
238 if (!client->common.secured && disable_plaintext_auth) { |
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2629
diff
changeset
|
239 if (verbose_auth) { |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
240 client_syslog(&client->common, "Login failed: " |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
241 "Plaintext authentication disabled"); |
2691
46f879c46b45
auth_verbose now affects imap/pop3 login processes too. Every authentication
Timo Sirainen <tss@iki.fi>
parents:
2629
diff
changeset
|
242 } |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
243 client_send_line(client, |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
244 "* BAD [ALERT] Plaintext authentication is disabled, " |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
245 "but your client sent password in plaintext anyway. " |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
246 "If anyone was listening, the password was exposed."); |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
247 client_send_tagline(client, |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
248 "NO Plaintext authentication disabled."); |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
249 return 1; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
250 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
251 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
252 /* authorization ID \0 authentication ID \0 pass */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
253 plain_login = buffer_create_dynamic(pool_datastack_create(), 64); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
254 buffer_append_c(plain_login, '\0'); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
255 buffer_append(plain_login, user, strlen(user)); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
256 buffer_append_c(plain_login, '\0'); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
257 buffer_append(plain_login, pass, strlen(pass)); |
2097
4e77cb0aff21
Added %l, %r and %P variables and mail_log_prefix setting.
Timo Sirainen <tss@iki.fi>
parents:
2088
diff
changeset
|
258 |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
259 base64 = buffer_create_dynamic(pool_datastack_create(), |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
260 MAX_BASE64_ENCODED_SIZE(plain_login->used)); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
261 base64_encode(plain_login->data, plain_login->used, base64); |
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
262 |
1714 | 263 client_ref(client); |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
264 sasl_server_auth_begin(&client->common, "IMAP", "PLAIN", |
2736
0f31778d3c34
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
Timo Sirainen <tss@iki.fi>
parents:
2734
diff
changeset
|
265 str_c(base64), sasl_callback); |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
266 if (!client->common.authenticating) |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
267 return 1; |
2421
d141e1bfdd63
We never do blocking reads/writes to network anymore. Changed imap and pop3
Timo Sirainen <tss@iki.fi>
parents:
2287
diff
changeset
|
268 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
269 /* don't read any input from client until login is finished */ |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
270 if (client->io != NULL) { |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
271 io_remove(client->io); |
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
272 client->io = NULL; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
273 } |
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
274 |
2733
9b9d9c164a31
Login process cleanups. Share more authentication code between pop3/imap.
Timo Sirainen <tss@iki.fi>
parents:
2708
diff
changeset
|
275 return 0; |
1049
c41787e8c3f4
Moved common login process code to login-common, created pop3-login.
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
276 } |