Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-vpopmail.c @ 8089:30e4c3360e76 HEAD
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 12 Aug 2008 17:56:58 -0400 |
parents | 7ed926ed7aa4 |
children | c47b78e843aa |
rev | line source |
---|---|
7086
7ed926ed7aa4
Updated copyright notices to include year 2008.
Timo Sirainen <tss@iki.fi>
parents:
6895
diff
changeset
|
1 /* Copyright (c) 2002-2008 Dovecot authors, see the included COPYING file */ |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 /* Thanks to Courier-IMAP for showing how the vpopmail API should be used */ |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3367
diff
changeset
|
5 #include "common.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 #ifdef PASSDB_VPOPMAIL |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 #include "safe-memset.h" |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "passdb.h" |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
11 #include "password-scheme.h" |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
12 #include "auth-cache.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "userdb-vpopmail.h" |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
16 #include <stdlib.h> |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
17 |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
18 #define VPOPMAIL_DEFAULT_PASS_SCHEME "CRYPT" |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
19 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
20 struct vpopmail_passdb_module { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
21 struct passdb_module module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
22 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
23 struct ip_addr webmail_ip; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
24 }; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
25 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
26 static bool vpopmail_is_disabled(struct auth_request *request, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
27 const struct vqpasswd *vpw) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
28 { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
29 struct passdb_module *_module = request->passdb->passdb; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
30 struct vpopmail_passdb_module *module = |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
31 (struct vpopmail_passdb_module *)_module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
32 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
33 if (strcmp(request->service, "IMAP") == 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
34 if ((vpw->pw_gid & NO_IMAP) != 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
35 /* IMAP from webmail IP may still be allowed */ |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
36 if (!net_ip_compare(&module->webmail_ip, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
37 &request->remote_ip)) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
38 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
39 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
40 if ((vpw->pw_gid & NO_WEBMAIL) != 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
41 if (net_ip_compare(&module->webmail_ip, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
42 &request->remote_ip)) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
43 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
44 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
45 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
46 if ((vpw->pw_gid & NO_POP) != 0 && |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
47 strcmp(request->service, "POP3") == 0) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
48 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
49 return FALSE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
50 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
51 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
52 static char * |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
53 vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
54 enum passdb_result *result_r) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
55 { |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
56 char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT]; |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
57 struct vqpasswd *vpw; |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
58 char *password; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
59 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
60 vpw = vpopmail_lookup_vqp(auth_request, vpop_user, vpop_domain); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
61 if (vpw == NULL) { |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
62 *result_r = PASSDB_RESULT_USER_UNKNOWN; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
63 return NULL; |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
64 } |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
65 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
66 if (vpopmail_is_disabled(auth_request, vpw)) { |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
67 auth_request_log_info(auth_request, "vpopmail", |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
68 "%s disabled", auth_request->service); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
69 password = NULL; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
70 *result_r = PASSDB_RESULT_USER_DISABLED; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
71 } else { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
72 password = t_strdup_noconst(cleartext ? vpw->pw_clear_passwd : |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
73 vpw->pw_passwd); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
74 *result_r = password != NULL ? PASSDB_RESULT_OK : |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
75 PASSDB_RESULT_SCHEME_NOT_AVAILABLE; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
76 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
77 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd)); |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
79 if (vpw->pw_clear_passwd != NULL) { |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
80 safe_memset(vpw->pw_clear_passwd, 0, |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
81 strlen(vpw->pw_clear_passwd)); |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
82 } |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
84 return password; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
85 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
86 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
87 static void vpopmail_lookup_credentials(struct auth_request *request, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
88 lookup_credentials_callback_t *callback) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
89 { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
90 enum passdb_result result; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
91 char *password; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
92 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
93 password = vpopmail_password_lookup(request, TRUE, &result); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
94 if (password == NULL) { |
5676 | 95 callback(result, "", 0, request); |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
96 return; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
97 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
98 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
99 passdb_handle_credentials(PASSDB_RESULT_OK, password, "CLEARTEXT", |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
100 callback, request); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
101 safe_memset(password, 0, strlen(password)); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
102 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
103 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
104 static void |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
105 vpopmail_verify_plain(struct auth_request *request, const char *password, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
106 verify_plain_callback_t *callback) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
107 { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
108 enum passdb_result result; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
109 const char *scheme, *tmp_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
110 char *crypted_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
111 int ret; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
112 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
113 crypted_pass = vpopmail_password_lookup(request, FALSE, &result); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
114 if (crypted_pass == NULL) { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
115 callback(result, request); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
116 return; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
117 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
118 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
119 tmp_pass = crypted_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
120 scheme = password_get_scheme(&tmp_pass); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
121 if (scheme == NULL) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
122 scheme = request->passdb->passdb->default_pass_scheme; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
123 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
124 ret = auth_request_password_verify(request, password, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
125 tmp_pass, scheme, "vpopmail"); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
126 safe_memset(crypted_pass, 0, strlen(crypted_pass)); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
127 |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
128 if (ret <= 0) { |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
129 callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
130 return; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
131 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
132 |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
133 #ifdef HAVE_VPOPMAIL_OPEN_SMTP_RELAY |
2781
e44a84dc947c
s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents:
2678
diff
changeset
|
134 if (strcmp(request->service, "POP3") == 0 || |
e44a84dc947c
s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents:
2678
diff
changeset
|
135 strcmp(request->service, "IMAP") == 0) { |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
136 const char *host = net_ip2addr(&request->remote_ip); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
137 if (host != NULL) { |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
138 /* use putenv() directly rather than env_put() which |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
139 would leak memory every time we got here. use a |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
140 static buffer for putenv() as SUSv2 requirements |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
141 would otherwise corrupt our environment later. */ |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
142 static char ip_env[256]; |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
143 |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
144 i_snprintf(ip_env, sizeof(ip_env), |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
145 "TCPREMOTEIP=%s", host); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
146 putenv(ip_env); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
147 open_smtp_relay(); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
148 } |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
149 } |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
150 #endif |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
151 |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
152 callback(PASSDB_RESULT_OK, request); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
153 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
154 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
155 static struct passdb_module * |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
156 vpopmail_preinit(struct auth_passdb *auth_passdb, const char *args) |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
157 { |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
158 struct vpopmail_passdb_module *module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
159 const char *const *tmp; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
160 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
161 module = p_new(auth_passdb->auth->pool, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
162 struct vpopmail_passdb_module, 1); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
163 module->module.default_pass_scheme = VPOPMAIL_DEFAULT_PASS_SCHEME; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
164 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
165 tmp = t_strsplit_spaces(args, " "); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
166 for (; *tmp != NULL; tmp++) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
167 if (strncmp(*tmp, "cache_key=", 10) == 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
168 module->module.cache_key = |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
169 auth_cache_parse_key(auth_passdb->auth->pool, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
170 *tmp + 10); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
171 } else if (strncmp(*tmp, "webmail=", 8) == 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
172 if (net_addr2ip(*tmp + 8, &module->webmail_ip) < 0) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
173 i_fatal("vpopmail: Invalid webmail IP address"); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
174 } else { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
175 i_fatal("vpopmail: Unknown setting: %s", *tmp); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
176 } |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
177 } |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
178 return &module->module; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
179 } |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
180 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6241
diff
changeset
|
181 static void vpopmail_deinit(struct passdb_module *module ATTR_UNUSED) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
182 { |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
183 vclose(); |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
184 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
185 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
186 struct passdb_module_interface passdb_vpopmail = { |
2942
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2781
diff
changeset
|
187 "vpopmail", |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
188 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
189 vpopmail_preinit, |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
190 NULL, |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
191 vpopmail_deinit, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
192 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
193 vpopmail_verify_plain, |
4782
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4691
diff
changeset
|
194 vpopmail_lookup_credentials, |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4691
diff
changeset
|
195 NULL |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
196 }; |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
197 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
198 #endif |