Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/plugins/expire/auth-client.c @ 4523:99699cf9df43 HEAD
Initial import of expire plugin code. Seems to work with at least one user. :)
| author | Timo Sirainen <timo.sirainen@movial.fi> |
|---|---|
| date | Mon, 31 Jul 2006 02:12:51 +0300 |
| parents | |
| children | 5b4c9b20eba0 |
| rev | line source |
|---|---|
|
4523
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
1 /* Copyright (C) 2005-2006 Timo Sirainen */ |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
2 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
3 #include "lib.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
4 #include "ioloop.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
5 #include "network.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
6 #include "istream.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
7 #include "ostream.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
8 #include "env-util.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
9 #include "restrict-access.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
10 #include "auth-client.h" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
11 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
12 #include <stdlib.h> |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
13 #include <unistd.h> |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
14 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
15 #define MAX_INBUF_SIZE 8192 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
16 #define MAX_OUTBUF_SIZE 512 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
17 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
18 struct auth_connection { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
19 char *auth_socket; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
20 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
21 int fd; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
22 struct io *io; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
23 struct istream *input; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
24 struct ostream *output; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
25 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
26 uid_t orig_uid, current_uid; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
27 const char *current_user; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
28 int return_value; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
29 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
30 unsigned int handshaked:1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
31 }; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
32 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
33 static void auth_input(void *context); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
34 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
35 static int auth_connection_connect(struct auth_connection *conn) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
36 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
37 int fd; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
38 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
39 if (conn->fd != -1) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
40 return 0; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
41 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
42 fd = net_connect_unix(conn->auth_socket); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
43 if (fd < 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
44 i_error("net_connect(%s) failed: %m", conn->auth_socket); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
45 return -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
46 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
47 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
48 conn->fd = fd; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
49 conn->input = |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
50 i_stream_create_file(fd, default_pool, MAX_INBUF_SIZE, FALSE); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
51 conn->output = |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
52 o_stream_create_file(fd, default_pool, MAX_OUTBUF_SIZE, FALSE); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
53 conn->io = io_add(fd, IO_READ, auth_input, conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
54 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
55 o_stream_send_str(conn->output, "VERSION\t1\t0\n"); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
56 return 0; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
57 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
58 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
59 static void auth_connection_close(struct auth_connection *conn) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
60 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
61 if (conn->fd == -1) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
62 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
63 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
64 io_remove(&conn->io); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
65 i_stream_unref(&conn->input); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
66 o_stream_unref(&conn->output); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
67 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
68 if (close(conn->fd) < 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
69 i_error("close() failed: %m"); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
70 conn->fd = -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
71 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
72 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
73 struct auth_connection *auth_connection_init(const char *auth_socket) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
74 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
75 struct auth_connection *conn; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
76 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
77 conn = i_new(struct auth_connection, 1); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
78 conn->auth_socket = i_strdup(auth_socket); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
79 conn->orig_uid = conn->current_uid = geteuid(); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
80 conn->fd = -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
81 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
82 (void)auth_connection_connect(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
83 return conn; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
84 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
85 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
86 void auth_connection_deinit(struct auth_connection *conn) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
87 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
88 auth_connection_close(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
89 i_free(conn->auth_socket); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
90 i_free(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
91 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
92 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
93 static void auth_parse_input(struct auth_connection *conn, const char *args) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
94 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
95 const char *const *tmp, *key, *value; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
96 uid_t uid = (uid_t)-1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
97 int home_found = FALSE; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
98 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
99 for (tmp = t_strsplit(args, "\t"); *tmp != NULL; tmp++) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
100 if (strncmp(*tmp, "uid=", 4) == 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
101 uid = strtoul(*tmp + 4, NULL, 10); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
102 else if (strncmp(*tmp, "gid=", 4) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
103 gid_t gid = strtoul(*tmp + 4, NULL, 10); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
104 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
105 if (conn->orig_uid == 0 || getegid() != gid) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
106 env_put(t_strconcat("RESTRICT_SETGID=", |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
107 *tmp + 4, NULL)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
108 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
109 } else if (strncmp(*tmp, "chroot=", 7) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
110 env_put(t_strconcat("RESTRICT_CHROOT=", |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
111 *tmp + 7, NULL)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
112 } else if (strncmp(*tmp, "home=", 5) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
113 home_found = TRUE; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
114 env_put(t_strconcat("HOME=", *tmp + 5, NULL)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
115 } else { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
116 key = t_str_ucase(t_strcut(*tmp, '=')); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
117 value = strchr(*tmp, '='); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
118 if (value != NULL) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
119 env_put(t_strconcat(key, "=", value+1, NULL)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
120 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
121 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
122 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
123 if (!home_found) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
124 /* we must have a home directory */ |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
125 i_error("userdb(%s) didn't return a home directory", |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
126 conn->current_user); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
127 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
128 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
129 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
130 if (uid == (uid_t)-1) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
131 i_error("userdb(%s) didn't return uid", conn->current_user); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
132 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
133 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
134 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
135 /* we'll change only effective UID. This is a bit unfortunate since |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
136 it allows reverting back to root, but we'll have to be able to |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
137 access different users' mailboxes.. */ |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
138 if (uid != conn->current_uid) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
139 if (conn->current_uid != 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
140 if (seteuid(0) != 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
141 i_fatal("seteuid(0) failed: %m"); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
142 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
143 if (seteuid(uid) < 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
144 i_fatal("seteuid(%s) failed: %m", dec2str(uid)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
145 conn->current_uid = uid; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
146 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
147 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
148 restrict_access_by_env(FALSE); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
149 conn->return_value = 1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
150 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
151 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
152 static void auth_input(void *context) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
153 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
154 struct auth_connection *conn = context; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
155 const char *line; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
156 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
157 switch (i_stream_read(conn->input)) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
158 case 0: |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
159 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
160 case -1: |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
161 /* disconnected */ |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
162 auth_connection_close(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
163 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
164 case -2: |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
165 /* buffer full */ |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
166 i_error("BUG: Auth master sent us more than %d bytes", |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
167 MAX_INBUF_SIZE); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
168 auth_connection_close(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
169 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
170 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
171 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
172 if (!conn->handshaked) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
173 while ((line = i_stream_next_line(conn->input)) != NULL) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
174 if (strncmp(line, "VERSION\t", 8) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
175 if (strncmp(line + 8, "1\t", 2) != 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
176 i_error("Auth master version mismatch"); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
177 auth_connection_close(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
178 return; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
179 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
180 } else if (strncmp(line, "SPID\t", 5) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
181 conn->handshaked = TRUE; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
182 break; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
183 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
184 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
185 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
186 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
187 line = i_stream_next_line(conn->input); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
188 if (line != NULL) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
189 if (strncmp(line, "USER\t1\t", 7) == 0) { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
190 auth_parse_input(conn, line + 7); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
191 } else if (strcmp(line, "NOTFOUND\t1") == 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
192 conn->return_value = 0; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
193 else if (strncmp(line, "FAIL\t1\t", 7) == 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
194 conn->return_value = -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
195 else { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
196 i_error("BUG: Unexpected input from auth master: %s", |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
197 line); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
198 auth_connection_close(conn); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
199 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
200 io_loop_stop(current_ioloop); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
201 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
202 } |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
203 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
204 int auth_client_put_user_env(struct auth_connection *conn, |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
205 const char *user) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
206 { |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
207 if (auth_connection_connect(conn) < 0) |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
208 return -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
209 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
210 conn->current_user = user; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
211 conn->return_value = -1; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
212 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
213 o_stream_send_str(conn->output, |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
214 t_strconcat("USER\t1\t", user, "\t" |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
215 "service=expire\n", NULL)); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
216 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
217 io_loop_run(current_ioloop); |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
218 |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
219 conn->current_user = NULL; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
220 return conn->return_value; |
|
99699cf9df43
Initial import of expire plugin code. Seems to work with at least one user. :)
Timo Sirainen <timo.sirainen@movial.fi>
parents:
diff
changeset
|
221 } |