Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/auth/passdb-vpopmail.c @ 8089:30e4c3360e76 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
author Timo Sirainen <tss@iki.fi>
date Tue, 12 Aug 2008 17:56:58 -0400
parents 7ed926ed7aa4
children c47b78e843aa
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
7086
7ed926ed7aa4 Updated copyright notices to include year 2008.
Timo Sirainen <tss@iki.fi>
parents: 6895
diff changeset
1 /* Copyright (c) 2002-2008 Dovecot authors, see the included COPYING file */
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
2
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
3 /* Thanks to Courier-IMAP for showing how the vpopmail API should be used */
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
4
3474
9096b7957413 Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents: 3367
diff changeset
5 #include "common.h"
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
6
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
7 #ifdef PASSDB_VPOPMAIL
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
8
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
9 #include "safe-memset.h"
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
10 #include "passdb.h"
2366
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
11 #include "password-scheme.h"
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
12 #include "auth-cache.h"
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
13
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
14 #include "userdb-vpopmail.h"
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
15
2132
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
16 #include <stdlib.h>
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
17
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
18 #define VPOPMAIL_DEFAULT_PASS_SCHEME "CRYPT"
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
19
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
20 struct vpopmail_passdb_module {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
21 struct passdb_module module;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
22
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
23 struct ip_addr webmail_ip;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
24 };
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
25
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
26 static bool vpopmail_is_disabled(struct auth_request *request,
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
27 const struct vqpasswd *vpw)
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
28 {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
29 struct passdb_module *_module = request->passdb->passdb;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
30 struct vpopmail_passdb_module *module =
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
31 (struct vpopmail_passdb_module *)_module;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
32
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
33 if (strcmp(request->service, "IMAP") == 0) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
34 if ((vpw->pw_gid & NO_IMAP) != 0) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
35 /* IMAP from webmail IP may still be allowed */
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
36 if (!net_ip_compare(&module->webmail_ip,
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
37 &request->remote_ip))
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
38 return TRUE;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
39 }
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
40 if ((vpw->pw_gid & NO_WEBMAIL) != 0) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
41 if (net_ip_compare(&module->webmail_ip,
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
42 &request->remote_ip))
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
43 return TRUE;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
44 }
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
45 }
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
46 if ((vpw->pw_gid & NO_POP) != 0 &&
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
47 strcmp(request->service, "POP3") == 0)
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
48 return TRUE;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
49 return FALSE;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
50 }
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
51
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
52 static char *
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
53 vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
54 enum passdb_result *result_r)
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
55 {
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
56 char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
57 struct vqpasswd *vpw;
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
58 char *password;
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
59
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
60 vpw = vpopmail_lookup_vqp(auth_request, vpop_user, vpop_domain);
1046
561da07883b6 Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents: 1035
diff changeset
61 if (vpw == NULL) {
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
62 *result_r = PASSDB_RESULT_USER_UNKNOWN;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
63 return NULL;
1046
561da07883b6 Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents: 1035
diff changeset
64 }
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
65
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
66 if (vpopmail_is_disabled(auth_request, vpw)) {
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
67 auth_request_log_info(auth_request, "vpopmail",
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
68 "%s disabled", auth_request->service);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
69 password = NULL;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
70 *result_r = PASSDB_RESULT_USER_DISABLED;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
71 } else {
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
72 password = t_strdup_noconst(cleartext ? vpw->pw_clear_passwd :
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
73 vpw->pw_passwd);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
74 *result_r = password != NULL ? PASSDB_RESULT_OK :
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
75 PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
76 }
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
77
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
78 safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd));
2366
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
79 if (vpw->pw_clear_passwd != NULL) {
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
80 safe_memset(vpw->pw_clear_passwd, 0,
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
81 strlen(vpw->pw_clear_passwd));
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
82 }
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
83
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
84 return password;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
85 }
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
86
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
87 static void vpopmail_lookup_credentials(struct auth_request *request,
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
88 lookup_credentials_callback_t *callback)
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
89 {
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
90 enum passdb_result result;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
91 char *password;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
92
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
93 password = vpopmail_password_lookup(request, TRUE, &result);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
94 if (password == NULL) {
5676
698da4fededa Compile fix
Timo Sirainen <tss@iki.fi>
parents: 5259
diff changeset
95 callback(result, "", 0, request);
4691
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
96 return;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
97 }
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
98
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
99 passdb_handle_credentials(PASSDB_RESULT_OK, password, "CLEARTEXT",
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
100 callback, request);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
101 safe_memset(password, 0, strlen(password));
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
102 }
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
103
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
104 static void
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
105 vpopmail_verify_plain(struct auth_request *request, const char *password,
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
106 verify_plain_callback_t *callback)
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
107 {
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
108 enum passdb_result result;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
109 const char *scheme, *tmp_pass;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
110 char *crypted_pass;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
111 int ret;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
112
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
113 crypted_pass = vpopmail_password_lookup(request, FALSE, &result);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
114 if (crypted_pass == NULL) {
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
115 callback(result, request);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
116 return;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
117 }
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
118
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
119 tmp_pass = crypted_pass;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
120 scheme = password_get_scheme(&tmp_pass);
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
121 if (scheme == NULL)
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
122 scheme = request->passdb->passdb->default_pass_scheme;
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
123
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
124 ret = auth_request_password_verify(request, password,
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
125 tmp_pass, scheme, "vpopmail");
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
126 safe_memset(crypted_pass, 0, strlen(crypted_pass));
a6abe149c2a4 Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents: 3918
diff changeset
127
2366
33c584ef528a Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents: 2132
diff changeset
128 if (ret <= 0) {
1075
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents: 1046
diff changeset
129 callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
1046
561da07883b6 Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents: 1035
diff changeset
130 return;
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
131 }
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
132
2132
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
133 #ifdef HAVE_VPOPMAIL_OPEN_SMTP_RELAY
2781
e44a84dc947c s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents: 2678
diff changeset
134 if (strcmp(request->service, "POP3") == 0 ||
e44a84dc947c s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents: 2678
diff changeset
135 strcmp(request->service, "IMAP") == 0) {
2132
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
136 const char *host = net_ip2addr(&request->remote_ip);
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
137 if (host != NULL) {
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
138 /* use putenv() directly rather than env_put() which
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
139 would leak memory every time we got here. use a
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
140 static buffer for putenv() as SUSv2 requirements
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
141 would otherwise corrupt our environment later. */
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
142 static char ip_env[256];
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
143
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
144 i_snprintf(ip_env, sizeof(ip_env),
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
145 "TCPREMOTEIP=%s", host);
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
146 putenv(ip_env);
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
147 open_smtp_relay();
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
148 }
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
149 }
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
150 #endif
91358abe5874 Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents: 2099
diff changeset
151
1075
f1401fa7ab03 auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents: 1046
diff changeset
152 callback(PASSDB_RESULT_OK, request);
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
153 }
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
154
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
155 static struct passdb_module *
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
156 vpopmail_preinit(struct auth_passdb *auth_passdb, const char *args)
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
157 {
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
158 struct vpopmail_passdb_module *module;
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
159 const char *const *tmp;
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
160
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
161 module = p_new(auth_passdb->auth->pool,
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
162 struct vpopmail_passdb_module, 1);
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
163 module->module.default_pass_scheme = VPOPMAIL_DEFAULT_PASS_SCHEME;
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
164
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
165 tmp = t_strsplit_spaces(args, " ");
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
166 for (; *tmp != NULL; tmp++) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
167 if (strncmp(*tmp, "cache_key=", 10) == 0) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
168 module->module.cache_key =
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
169 auth_cache_parse_key(auth_passdb->auth->pool,
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
170 *tmp + 10);
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
171 } else if (strncmp(*tmp, "webmail=", 8) == 0) {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
172 if (net_addr2ip(*tmp + 8, &module->webmail_ip) < 0)
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
173 i_fatal("vpopmail: Invalid webmail IP address");
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
174 } else {
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
175 i_fatal("vpopmail: Unknown setting: %s", *tmp);
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
176 }
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
177 }
8089
30e4c3360e76 vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents: 7086
diff changeset
178 return &module->module;
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
179 }
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
180
6411
6a64e64fa3a3 Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents: 6241
diff changeset
181 static void vpopmail_deinit(struct passdb_module *module ATTR_UNUSED)
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
182 {
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
183 vclose();
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
184 }
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
185
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
186 struct passdb_module_interface passdb_vpopmail = {
2942
c7d426f8cb58 Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents: 2781
diff changeset
187 "vpopmail",
3657
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
188
0c10475d9968 Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents: 3656
diff changeset
189 vpopmail_preinit,
3656
fda241fa5d77 Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents: 3474
diff changeset
190 NULL,
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
191 vpopmail_deinit,
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
192
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
193 vpopmail_verify_plain,
4782
2c1cc5bbc260 Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents: 4691
diff changeset
194 vpopmail_lookup_credentials,
2c1cc5bbc260 Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents: 4691
diff changeset
195 NULL
1035
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
196 };
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
197
fe49ece0f3ea We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff changeset
198 #endif