dovecot/original-hg/dovecot-1.2: src/imap-login/client-authenticate.c annotate

annotate src/imap-login/client-authenticate.c @ 2077:d5b20d679b8a HEAD

Removed hardcoded mechanism lists. It's now possible to add them dynamically. Added support for SASL initial response.

author	Timo Sirainen <tss@iki.fi>
date	Sun, 30 May 2004 00:40:30 +0300
parents	6a72075e3543
children	4d0834aaa365

rev	line source
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	1 /* Copyright (C) 2002 Timo Sirainen */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	4 #include "base64.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	5 #include "buffer.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	6 #include "ioloop.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	7 #include "istream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "ostream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "safe-memset.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	10 #include "str.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	11 #include "imap-parser.h"
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	12 #include "auth-client.h"
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	13 #include "ssl-proxy.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	14 #include "client.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "client-authenticate.h"
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	16 #include "auth-common.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	17 #include "master.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	18
1725 cc0690f92d96 disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1 Timo Sirainen <tss@iki.fi> parents: 1714 diff changeset	19 const char *client_authenticate_get_capabilities(int secured)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	20 {
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	21 const struct auth_mech_desc *mech;
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	22 unsigned int i, count;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	23 string_t *str;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	24
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	25 str = t_str_new(128);
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	26 mech = auth_client_get_available_mechs(auth_client, &count);
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	27 for (i = 0; i < count; i++) {
1949 d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	28 /* a) transport is secured
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	29 b) auth mechanism isn't plaintext
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	30 c) we allow insecure authentication
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	31 - but don't advertise AUTH=PLAIN, as RFC 2595 requires
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	32 */
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	33 if (mech[i].advertise &&
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	34 (secured \|\| !mech[i].plaintext)) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	35 str_append_c(str, ' ');
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	36 str_append(str, "AUTH=");
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	37 str_append(str, mech[i].name);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	38 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	39 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	40
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	41 return str_c(str);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	42 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	43
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	44 static void client_auth_abort(struct imap_client client, const char msg)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	45 {
1499 e850252cdc7e Removed I/O priorities. They were pretty much useless and were just getting Timo Sirainen <tss@iki.fi> parents: 1474 diff changeset	46 client->authenticating = FALSE;
e850252cdc7e Removed I/O priorities. They were pretty much useless and were just getting Timo Sirainen <tss@iki.fi> parents: 1474 diff changeset	47
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	48 if (client->common.auth_request != NULL) {
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	49 auth_client_request_abort(client->common.auth_request);
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	50 client->common.auth_request = NULL;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	51 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	52
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	53 client_send_tagline(client, msg != NULL ?
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	54 t_strconcat("NO ", msg, NULL) :
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	55 "NO Authentication failed.");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	56 o_stream_flush(client->output);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	57
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	58 /* get back to normal client input */
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	59 if (client->common.io != NULL)
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	60 io_remove(client->common.io);
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	61 client->common.io = client->common.fd == -1 ? NULL :
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	62 io_add(client->common.fd, IO_READ, client_input, client);
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	63
96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	64 client_unref(client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	65 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	66
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	67 static void master_callback(struct client *_client, int success)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	68 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	69 struct imap_client client = (struct imap_client ) _client;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	70 const char *reason = NULL;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	71
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	72 if (success) {
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	73 reason = t_strconcat("Login: ", client->common.virtual_user,
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	74 NULL);
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	75 } else {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	76 reason = t_strconcat("Internal login failure: ",
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	77 client->common.virtual_user, NULL);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	78 client_send_line(client, "* BYE Internal login failure.");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	79 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	80
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	81 client_destroy(client, reason);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	82 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	83
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	84 static void client_send_auth_data(struct imap_client *client,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	85 const unsigned char *data, size_t size)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	86 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	87 buffer_t *buf;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	88
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	89 t_push();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	90
1782 2f3d906d99d8 data_stack_pool split into two: unsafe_data_stack_pool which works like Timo Sirainen <tss@iki.fi> parents: 1725 diff changeset	91 buf = buffer_create_dynamic(pool_datastack_create(),
2f3d906d99d8 data_stack_pool split into two: unsafe_data_stack_pool which works like Timo Sirainen <tss@iki.fi> parents: 1725 diff changeset	92 size*2, (size_t)-1);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	93 buffer_append(buf, "+ ", 2);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	94 base64_encode(data, size, buf);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	95 buffer_append(buf, "\r\n", 2);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	96
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	97 o_stream_send(client->output, buffer_get_data(buf, NULL),
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	98 buffer_get_used_size(buf));
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	99 o_stream_flush(client->output);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	100
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	101 t_pop();
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	102 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	103
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	104 static void login_callback(struct auth_request *request,
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	105 struct auth_client_request_reply *reply,
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	106 const unsigned char data, void context)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	107 {
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	108 struct imap_client *client = context;
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	109 const char *error;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	110 const void *ptr;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	111 size_t size;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	112
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	113 switch (auth_callback(request, reply, data, &client->common,
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	114 master_callback, &error)) {
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	115 case -1:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	116 /* login failed */
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	117 client_auth_abort(client, error);
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	118 break;
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	119
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	120 case 0:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	121 /* continue */
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	122 ptr = buffer_get_data(client->plain_login, &size);
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	123 auth_client_request_continue(request, ptr, size);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	124
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	125 buffer_set_used_size(client->plain_login, 0);
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	126 break;
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	127 default:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	128 /* success, we should be able to log in. if we fail, just
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	129 disconnect the client. */
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1085 diff changeset	130 client->authenticating = FALSE;
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	131 client_send_tagline(client, "OK Logged in.");
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	132 client_unref(client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	133 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	134 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	135
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	136 static enum auth_client_request_new_flags
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	137 client_get_auth_flags(struct imap_client *client)
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	138 {
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	139 enum auth_client_request_new_flags auth_flags = 0;
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	140
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	141 if (client->common.proxy != NULL &&
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	142 ssl_proxy_has_valid_client_cert(client->common.proxy))
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	143 auth_flags \|= AUTH_CLIENT_FLAG_SSL_VALID_CLIENT_CERT;
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	144 return auth_flags;
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	145 }
dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	146
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	147 int cmd_login(struct imap_client client, struct imap_arg args)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	148 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	149 const char user, pass, *error;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	150
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	151 /* two arguments: username and password */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	152 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	153 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	154 if (args[1].type != IMAP_ARG_ATOM && args[1].type != IMAP_ARG_STRING)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	155 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	156 if (args[2].type != IMAP_ARG_EOL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	157 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	158
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	159 user = IMAP_ARG_STR(&args[0]);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	160 pass = IMAP_ARG_STR(&args[1]);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	161
1725 cc0690f92d96 disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1 Timo Sirainen <tss@iki.fi> parents: 1714 diff changeset	162 if (!client->secured && disable_plaintext_auth) {
1474 e0065ebba5b3 If client tries to do LOGIN even if it's disabled, send [ALERT] to user. Timo Sirainen <tss@iki.fi> parents: 1473 diff changeset	163 client_send_line(client,
e0065ebba5b3 If client tries to do LOGIN even if it's disabled, send [ALERT] to user. Timo Sirainen <tss@iki.fi> parents: 1473 diff changeset	164 "* BAD [ALERT] Plaintext authentication is disabled, "
1725 cc0690f92d96 disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1 Timo Sirainen <tss@iki.fi> parents: 1714 diff changeset	165 "but your client sent password in plaintext anyway. "
1474 e0065ebba5b3 If client tries to do LOGIN even if it's disabled, send [ALERT] to user. Timo Sirainen <tss@iki.fi> parents: 1473 diff changeset	166 "If anyone was listening, the password was exposed.");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	167 client_send_tagline(client,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	168 "NO Plaintext authentication disabled.");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	169 return TRUE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	170 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	171
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	172 /* authorization ID \0 authentication ID \0 pass */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	173 buffer_set_used_size(client->plain_login, 0);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	174 buffer_append_c(client->plain_login, '\0');
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	175 buffer_append(client->plain_login, user, strlen(user));
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	176 buffer_append_c(client->plain_login, '\0');
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	177 buffer_append(client->plain_login, pass, strlen(pass));
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	178
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	179 client_ref(client);
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	180
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	181 client->common.auth_request =
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	182 auth_client_request_new(auth_client, "PLAIN", "IMAP",
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	183 client_get_auth_flags(client),
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	184 NULL, 0, login_callback,
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	185 client, &error);
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	186 if (client->common.auth_request == NULL) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	187 client_send_tagline(client, t_strconcat(
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	188 "NO Login failed: ", error, NULL));
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	189 client_unref(client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	190 return TRUE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	191 }
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	192
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	193 /* don't read any input from client until login is finished */
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	194 if (client->common.io != NULL) {
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	195 io_remove(client->common.io);
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	196 client->common.io = NULL;
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	197 }
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	198
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	199 client->authenticating = TRUE;
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	200 return TRUE;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	201 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	202
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	203 static void authenticate_callback(struct auth_request *request,
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	204 struct auth_client_request_reply *reply,
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	205 const unsigned char data, void context)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	206 {
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	207 struct imap_client *client = context;
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	208 const char *error;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	209
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	210 switch (auth_callback(request, reply, data, &client->common,
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	211 master_callback, &error)) {
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	212 case -1:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	213 /* login failed */
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	214 client_auth_abort(client, error);
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	215 break;
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	216
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	217 case 0:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	218 /* continue */
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	219 client_send_auth_data(client, data, reply->data_size);
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	220 break;
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	221 default:
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	222 /* success, we should be able to log in. if we fail, just
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	223 disconnect the client. */
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1085 diff changeset	224 client->authenticating = FALSE;
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	225 client_send_tagline(client, "OK Logged in.");
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	226 client_unref(client);
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	227 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	228 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	229
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	230 static void client_auth_input(void *context)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	231 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	232 struct imap_client *client = context;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	233 buffer_t *buf;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	234 char *line;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	235 size_t linelen, bufsize;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	236
1894 07324c0d1d0a IMAP AUTHENTICATE and POP3 AUTH commands could have left the process stuck Timo Sirainen <tss@iki.fi> parents: 1782 diff changeset	237 if (!client_read(client)) {
07324c0d1d0a IMAP AUTHENTICATE and POP3 AUTH commands could have left the process stuck Timo Sirainen <tss@iki.fi> parents: 1782 diff changeset	238 client_unref(client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	239 return;
1894 07324c0d1d0a IMAP AUTHENTICATE and POP3 AUTH commands could have left the process stuck Timo Sirainen <tss@iki.fi> parents: 1782 diff changeset	240 }
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	241
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	242 if (client->skip_line) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	243 if (i_stream_next_line(client->input) == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	244 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	245
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	246 client->skip_line = FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	247 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	248
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	249 /* @UNSAFE */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	250 line = i_stream_next_line(client->input);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	251 if (line == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	252 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	253
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	254 if (strcmp(line, "*") == 0) {
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	255 client_auth_abort(client, "Authentication aborted");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	256 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	257 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	258
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	259 linelen = strlen(line);
1782 2f3d906d99d8 data_stack_pool split into two: unsafe_data_stack_pool which works like Timo Sirainen <tss@iki.fi> parents: 1725 diff changeset	260 buf = buffer_create_static_hard(pool_datastack_create(), linelen);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	261
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	262 if (base64_decode((const unsigned char *) line, linelen,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	263 NULL, buf) <= 0) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	264 /* failed */
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	265 client_auth_abort(client, "Invalid base64 data");
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	266 } else if (client->common.auth_request == NULL) {
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	267 client_auth_abort(client, "Don't send unrequested data");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	268 } else {
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	269 auth_client_request_continue(client->common.auth_request,
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	270 buffer_get_data(buf, NULL),
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	271 buffer_get_used_size(buf));
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	272 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	273
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	274 /* clear sensitive data */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	275 safe_memset(line, 0, linelen);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	276
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	277 bufsize = buffer_get_used_size(buf);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	278 safe_memset(buffer_free_without_data(buf), 0, bufsize);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	279 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	280
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	281 int cmd_authenticate(struct imap_client client, struct imap_arg args)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	282 {
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	283 const struct auth_mech_desc *mech;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	284 const char mech_name, error;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	285
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	286 /* we want only one argument: authentication mechanism name */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	287 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	288 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	289 if (args[1].type != IMAP_ARG_EOL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	290 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	291
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	292 mech_name = IMAP_ARG_STR(&args[0]);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	293 if (*mech_name == '\0')
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	294 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	295
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	296 mech = auth_client_find_mech(auth_client, mech_name);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	297 if (mech == NULL) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	298 client_send_tagline(client,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	299 "NO Unsupported authentication mechanism.");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	300 return TRUE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	301 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	302
1725 cc0690f92d96 disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1 Timo Sirainen <tss@iki.fi> parents: 1714 diff changeset	303 if (!client->secured && mech->plaintext && disable_plaintext_auth) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	304 client_send_tagline(client,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	305 "NO Plaintext authentication disabled.");
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	306 return TRUE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	307 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	308
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	309 client_ref(client);
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	310 client->common.auth_request =
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	311 auth_client_request_new(auth_client, mech->name, "IMAP",
2027 dc5d0da1abe9 Added ssl_require_client_cert auth-specific setting. Hide Timo Sirainen <tss@iki.fi> parents: 1949 diff changeset	312 client_get_auth_flags(client),
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	313 NULL, 0, authenticate_callback,
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	314 client, &error);
43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	315 if (client->common.auth_request != NULL) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	316 /* following input data will go to authentication */
1084 86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	317 if (client->common.io != NULL)
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	318 io_remove(client->common.io);
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	319 client->common.io = io_add(client->common.fd, IO_READ,
86b8c9cb7ac0 Moved more auth code to login-common. Timo Sirainen <tss@iki.fi> parents: 1083 diff changeset	320 client_auth_input, client);
1275 af685269ead0 login: Wait until we're connected to auth process before executing command Timo Sirainen <tss@iki.fi> parents: 1085 diff changeset	321 client->authenticating = TRUE;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	322 } else {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	323 client_send_tagline(client, t_strconcat(
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	324 "NO Authentication failed: ", error, NULL));
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	325 client_unref(client);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	326 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	327
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	328 return TRUE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	329 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/imap-login/client-authenticate.c @ 2077:d5b20d679b8a HEAD