Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-vpopmail.c @ 8999:afc1b0ef120d HEAD
When :MAILBOXDIR= was empty, we might have appended extra '/' to it, which caused problems.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 30 Apr 2009 20:00:09 -0400 |
parents | 2ed5d2250d1d |
children | 00cd9aacd03c |
rev | line source |
---|---|
8590
b9faf4db2a9f
Updated copyright notices to include year 2009.
Timo Sirainen <tss@iki.fi>
parents:
8513
diff
changeset
|
1 /* Copyright (c) 2002-2009 Dovecot authors, see the included COPYING file */ |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
3 /* Thanks to Courier-IMAP for showing how the vpopmail API should be used */ |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
4 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3367
diff
changeset
|
5 #include "common.h" |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
8089
diff
changeset
|
6 #include "passdb.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #ifdef PASSDB_VPOPMAIL |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
9 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "safe-memset.h" |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
11 #include "password-scheme.h" |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
12 #include "auth-cache.h" |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include "userdb-vpopmail.h" |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
16 #include <stdlib.h> |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
17 |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
18 #define VPOPMAIL_DEFAULT_PASS_SCHEME "CRYPT" |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
19 |
8262
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
20 /* pw_flags was added in vpopmail 5.4, olders use pw_gid field */ |
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
21 #ifndef VQPASSWD_HAS_PW_FLAGS |
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
22 # define pw_flags pw_gid |
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
23 #endif |
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
24 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
25 struct vpopmail_passdb_module { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
26 struct passdb_module module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
27 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
28 struct ip_addr webmail_ip; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
29 }; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
30 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
31 static bool vpopmail_is_disabled(struct auth_request *request, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
32 const struct vqpasswd *vpw) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
33 { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
34 struct passdb_module *_module = request->passdb->passdb; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
35 struct vpopmail_passdb_module *module = |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
36 (struct vpopmail_passdb_module *)_module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
37 |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
38 if (strcmp(request->service, "IMAP") == 0) { |
8262
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
39 if ((vpw->pw_flags & NO_IMAP) != 0) { |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
40 /* IMAP from webmail IP may still be allowed */ |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
41 if (!net_ip_compare(&module->webmail_ip, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
42 &request->remote_ip)) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
43 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
44 } |
8262
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
45 if ((vpw->pw_flags & NO_WEBMAIL) != 0) { |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
46 if (net_ip_compare(&module->webmail_ip, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
47 &request->remote_ip)) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
48 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
49 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
50 } |
8262
b51344f37d88
vpopmail: Use pw_flags field if vpopmail has it.
Timo Sirainen <tss@iki.fi>
parents:
8261
diff
changeset
|
51 if ((vpw->pw_flags & NO_POP) != 0 && |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
52 strcmp(request->service, "POP3") == 0) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
53 return TRUE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
54 return FALSE; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
55 } |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
56 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
57 static char * |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
58 vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
59 enum passdb_result *result_r) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
60 { |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
61 char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT]; |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
62 struct vqpasswd *vpw; |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
63 char *password; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
64 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
65 vpw = vpopmail_lookup_vqp(auth_request, vpop_user, vpop_domain); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
66 if (vpw == NULL) { |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
67 *result_r = PASSDB_RESULT_USER_UNKNOWN; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
68 return NULL; |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
69 } |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
71 if (vpopmail_is_disabled(auth_request, vpw)) { |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
72 auth_request_log_info(auth_request, "vpopmail", |
8261
7f7cef2b5552
vpopmail: Improve imap/pop3 disabled error message.
Timo Sirainen <tss@iki.fi>
parents:
8217
diff
changeset
|
73 "%s disabled in vpopmail for this user", |
7f7cef2b5552
vpopmail: Improve imap/pop3 disabled error message.
Timo Sirainen <tss@iki.fi>
parents:
8217
diff
changeset
|
74 auth_request->service); |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
75 password = NULL; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
76 *result_r = PASSDB_RESULT_USER_DISABLED; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
77 } else { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
78 password = t_strdup_noconst(cleartext ? vpw->pw_clear_passwd : |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
79 vpw->pw_passwd); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
80 *result_r = password != NULL ? PASSDB_RESULT_OK : |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
81 PASSDB_RESULT_SCHEME_NOT_AVAILABLE; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
84 safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd)); |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
85 if (vpw->pw_clear_passwd != NULL) { |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
86 safe_memset(vpw->pw_clear_passwd, 0, |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
87 strlen(vpw->pw_clear_passwd)); |
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
88 } |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
89 |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
90 return password; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
91 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
92 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
93 static void vpopmail_lookup_credentials(struct auth_request *request, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
94 lookup_credentials_callback_t *callback) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
95 { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
96 enum passdb_result result; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
97 char *password; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
98 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
99 password = vpopmail_password_lookup(request, TRUE, &result); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
100 if (password == NULL) { |
8825 | 101 callback(result, NULL, 0, request); |
4691
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
102 return; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
103 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
104 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
105 passdb_handle_credentials(PASSDB_RESULT_OK, password, "CLEARTEXT", |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
106 callback, request); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
107 safe_memset(password, 0, strlen(password)); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
108 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
109 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
110 static void |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
111 vpopmail_verify_plain(struct auth_request *request, const char *password, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
112 verify_plain_callback_t *callback) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
113 { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
114 enum passdb_result result; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
115 const char *scheme, *tmp_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
116 char *crypted_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
117 int ret; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
118 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
119 crypted_pass = vpopmail_password_lookup(request, FALSE, &result); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
120 if (crypted_pass == NULL) { |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
121 callback(result, request); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
122 return; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
123 } |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
124 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
125 tmp_pass = crypted_pass; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
126 scheme = password_get_scheme(&tmp_pass); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
127 if (scheme == NULL) |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
128 scheme = request->passdb->passdb->default_pass_scheme; |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
129 |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
130 ret = auth_request_password_verify(request, password, |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
131 tmp_pass, scheme, "vpopmail"); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
132 safe_memset(crypted_pass, 0, strlen(crypted_pass)); |
a6abe149c2a4
Added support for non-plaintext authentication for vpopmail if it returns
Timo Sirainen <tss@iki.fi>
parents:
3918
diff
changeset
|
133 |
2366
33c584ef528a
Support MD5 passwords. Patch by Pascal Malterre
Timo Sirainen <tss@iki.fi>
parents:
2132
diff
changeset
|
134 if (ret <= 0) { |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
135 callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); |
1046
561da07883b6
Async userdb and passdb interface.
Timo Sirainen <tss@iki.fi>
parents:
1035
diff
changeset
|
136 return; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
137 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
138 |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
139 #ifdef HAVE_VPOPMAIL_OPEN_SMTP_RELAY |
2781
e44a84dc947c
s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents:
2678
diff
changeset
|
140 if (strcmp(request->service, "POP3") == 0 || |
e44a84dc947c
s/protocol/service/ in authentication
Timo Sirainen <tss@iki.fi>
parents:
2678
diff
changeset
|
141 strcmp(request->service, "IMAP") == 0) { |
2132
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
142 const char *host = net_ip2addr(&request->remote_ip); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
143 if (host != NULL) { |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
144 /* use putenv() directly rather than env_put() which |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
145 would leak memory every time we got here. use a |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
146 static buffer for putenv() as SUSv2 requirements |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
147 would otherwise corrupt our environment later. */ |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
148 static char ip_env[256]; |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
149 |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
150 i_snprintf(ip_env, sizeof(ip_env), |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
151 "TCPREMOTEIP=%s", host); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
152 putenv(ip_env); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
153 open_smtp_relay(); |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
154 } |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
155 } |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
156 #endif |
91358abe5874
Added support for vpopmail pop-before-smtp relay
Timo Sirainen <tss@iki.fi>
parents:
2099
diff
changeset
|
157 |
1075
f1401fa7ab03
auth process fixes, LDAP seems to be working (with the kludge define or
Timo Sirainen <tss@iki.fi>
parents:
1046
diff
changeset
|
158 callback(PASSDB_RESULT_OK, request); |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
159 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
160 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
161 static struct passdb_module * |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
162 vpopmail_preinit(struct auth_passdb *auth_passdb, const char *args) |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
163 { |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
164 struct vpopmail_passdb_module *module; |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
165 const char *const *tmp; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
166 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
167 module = p_new(auth_passdb->auth->pool, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
168 struct vpopmail_passdb_module, 1); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
169 module->module.default_pass_scheme = VPOPMAIL_DEFAULT_PASS_SCHEME; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
170 |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
171 tmp = t_strsplit_spaces(args, " "); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
172 for (; *tmp != NULL; tmp++) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
173 if (strncmp(*tmp, "cache_key=", 10) == 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
174 module->module.cache_key = |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
175 auth_cache_parse_key(auth_passdb->auth->pool, |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
176 *tmp + 10); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
177 } else if (strncmp(*tmp, "webmail=", 8) == 0) { |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
178 if (net_addr2ip(*tmp + 8, &module->webmail_ip) < 0) |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
179 i_fatal("vpopmail: Invalid webmail IP address"); |
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
180 } else { |
8513
0691f5294bb9
Fail if trying to give unknown parameters to passdb/userdb.
Timo Sirainen <tss@iki.fi>
parents:
8262
diff
changeset
|
181 i_fatal("passdb vpopmail: Unknown setting: %s", *tmp); |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
182 } |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
183 } |
8089
30e4c3360e76
vpopmail: Added webmail=ip parameter. Use it for checking imap/webmail access.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
184 return &module->module; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
185 } |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
186 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6241
diff
changeset
|
187 static void vpopmail_deinit(struct passdb_module *module ATTR_UNUSED) |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
188 { |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
189 vclose(); |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
190 } |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
191 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
192 struct passdb_module_interface passdb_vpopmail = { |
2942
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2781
diff
changeset
|
193 "vpopmail", |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
194 |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
195 vpopmail_preinit, |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
196 NULL, |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
197 vpopmail_deinit, |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
198 |
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
199 vpopmail_verify_plain, |
4782
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4691
diff
changeset
|
200 vpopmail_lookup_credentials, |
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4691
diff
changeset
|
201 NULL |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
202 }; |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
8089
diff
changeset
|
203 #else |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
8089
diff
changeset
|
204 struct passdb_module_interface passdb_vpopmail = { |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
8089
diff
changeset
|
205 MEMBER(name) "vpopmail" |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
8089
diff
changeset
|
206 }; |
1035
fe49ece0f3ea
We have now separate "userdb" and "passdb". They aren't tied to each others
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
207 #endif |