dovecot/original-hg/dovecot-1.2: src/imap-login/client-authenticate.c annotate

annotate src/imap-login/client-authenticate.c @ 2773:e624a9ad6a30 HEAD

More smart IMAP and POP3 proxies. Now if remote login fails, it just destroys the proxy and allows trying another username which can go elsewhere. Also now replies with the same old "Authentication failed" error message instead of showing remote server's failure message.

author	Timo Sirainen <tss@iki.fi>
date	Tue, 19 Oct 2004 02:07:01 +0300
parents	d344be0bb70f
children	08c640bdf749

rev	line source
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	1 /* Copyright (C) 2002-2004 Timo Sirainen */
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	2
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	3 #include "common.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	4 #include "base64.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	5 #include "buffer.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	6 #include "ioloop.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	7 #include "istream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	8 #include "ostream.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	9 #include "safe-memset.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	10 #include "str.h"
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	11 #include "str-sanitize.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	12 #include "imap-parser.h"
1702 43815588dd6b Moved client side code for auth process handling to lib-auth. Some other login process cleanups. Timo Sirainen <tss@iki.fi> parents: 1499 diff changeset	13 #include "auth-client.h"
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	14 #include "client.h"
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	15 #include "client-authenticate.h"
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	16 #include "imap-proxy.h"
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	17
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	18 #include <stdlib.h>
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	19
1725 cc0690f92d96 disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1 Timo Sirainen <tss@iki.fi> parents: 1714 diff changeset	20 const char *client_authenticate_get_capabilities(int secured)
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	21 {
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	22 const struct auth_mech_desc *mech;
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	23 unsigned int i, count;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	24 string_t *str;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	25
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	26 str = t_str_new(128);
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	27 mech = auth_client_get_available_mechs(auth_client, &count);
d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	28 for (i = 0; i < count; i++) {
1949 d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	29 /* a) transport is secured
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	30 b) auth mechanism isn't plaintext
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	31 c) we allow insecure authentication
d2755efdd187 Don't advertise AUTH=PLAIN unless transport is secure Timo Sirainen <tss@iki.fi> parents: 1894 diff changeset	32 */
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	33 if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	34 (secured \|\| !disable_plaintext_auth \|\|
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	35 (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) {
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	36 str_append_c(str, ' ');
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	37 str_append(str, "AUTH=");
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	38 str_append(str, mech[i].name);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	39 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	40 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	41
2077 d5b20d679b8a Removed hardcoded mechanism lists. It's now possible to add them Timo Sirainen <tss@iki.fi> parents: 2076 diff changeset	42 return str_c(str);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	43 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	44
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	45 static void client_auth_input(void *context)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	46 {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	47 struct imap_client *client = context;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	48 char *line;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	49
2237 6b05e30c669a crashfix if client closes connection while authenticating Timo Sirainen <tss@iki.fi> parents: 2097 diff changeset	50 if (!client_read(client))
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	51 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	52
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	53 if (client->skip_line) {
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	54 if (i_stream_next_line(client->input) == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	55 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	56
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	57 client->skip_line = FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	58 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	59
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	60 /* @UNSAFE */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	61 line = i_stream_next_line(client->input);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	62 if (line == NULL)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	63 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	64
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	65 if (strcmp(line, "*") == 0) {
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	66 sasl_server_auth_cancel(&client->common,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	67 "Authentication aborted");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	68 return;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	69 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	70
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	71 if (client->common.auth_request == NULL) {
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	72 sasl_server_auth_cancel(&client->common,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	73 "Don't send unrequested data");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	74 } else {
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	75 auth_client_request_continue(client->common.auth_request, line);
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	76 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	77
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	78 /* clear sensitive data */
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	79 safe_memset(line, 0, strlen(line));
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	80 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	81
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	82 static int client_handle_args(struct imap_client *client,
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	83 const char const args, int nologin)
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	84 {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	85 const char reason = NULL, host = NULL, destuser = NULL, pass = NULL;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	86 string_t *reply;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	87 unsigned int port = 143;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	88 int proxy = FALSE;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	89
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	90 for (; *args != NULL; args++) {
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	91 if (strcmp(*args, "nologin") == 0)
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	92 nologin = TRUE;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	93 else if (strcmp(*args, "proxy") == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	94 proxy = TRUE;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	95 else if (strncmp(*args, "reason=", 7) == 0)
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	96 reason = *args + 7;
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	97 else if (strncmp(*args, "host=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	98 host = *args + 5;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	99 else if (strncmp(*args, "port=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	100 port = atoi(*args + 5);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	101 else if (strncmp(*args, "destuser=", 9) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	102 destuser = *args + 9;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	103 else if (strncmp(*args, "pass=", 5) == 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	104 pass = *args + 5;
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	105 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	106
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	107 if (destuser == NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	108 destuser = client->common.virtual_user;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	109
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	110 if (proxy) {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	111 /* we want to proxy the connection to another server.
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	112
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	113 proxy host=.. [port=..] [destuser=..] pass=.. */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	114 if (imap_proxy_new(client, host, port, destuser, pass) < 0)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	115 client_destroy_internal_failure(client);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	116 return TRUE;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	117 } else if (host != NULL) {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	118 /* IMAP referral
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	119
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	120 [nologin] referral host=.. [port=..] [destuser=..]
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	121 [reason=..]
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	122
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	123 NO [REFERRAL imap://destuser;AUTH=..@host:port/] Can't login.
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	124 OK [...] Logged in, but you should use this server instead.
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	125 .. [REFERRAL ..] (Reason from auth server)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	126 */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	127 reply = t_str_new(128);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	128 str_append(reply, nologin ? "NO " : "OK ");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	129 str_printfa(reply, "[REFERRAL imap://%s;AUTH=%s@%s",
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	130 destuser, client->common.auth_mech_name, host);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	131 if (port != 143)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	132 str_printfa(reply, ":%u", port);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	133 str_append(reply, "/] ");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	134 if (reason != NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	135 str_append(reply, reason);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	136 else if (nologin)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	137 str_append(reply, "Try this server instead.");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	138 else {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	139 str_append(reply, "Logged in, but you should use "
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	140 "this server instead.");
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	141 }
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	142 client_send_tagline(client, str_c(reply));
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	143 } else if (nologin) {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	144 /* Authentication went ok, but for some reason user isn't
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	145 allowed to log in. Shouldn't probably happen. */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	146 reply = t_str_new(128);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	147 if (reason != NULL)
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	148 str_printfa(reply, "NO %s", reason);
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	149 else
2773 e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just Timo Sirainen <tss@iki.fi> parents: 2768 diff changeset	150 str_append(reply, "NO "AUTH_FAILED_MSG);
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	151 client_send_tagline(client, str_c(reply));
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	152 } else {
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	153 /* normal login/failure */
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	154 return FALSE;
d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	155 }
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	156
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	157 if (!nologin) {
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	158 client_destroy(client, t_strconcat(
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	159 "Login: ", client->common.virtual_user, NULL));
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	160 } else {
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	161 /* get back to normal client input. */
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	162 if (client->io != NULL)
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	163 io_remove(client->io);
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	164 client->io = io_add(client->common.fd, IO_READ,
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	165 client_input, client);
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	166 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	167 return TRUE;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	168 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	169
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	170 static void sasl_callback(struct client *_client, enum sasl_server_reply reply,
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	171 const char data, const char const *args)
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	172 {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	173 struct imap_client client = (struct imap_client )_client;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	174 struct const_iovec iov[3];
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	175 size_t data_len;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	176 ssize_t ret;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	177
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	178 switch (reply) {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	179 case SASL_SERVER_REPLY_SUCCESS:
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	180 if (args != NULL) {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	181 if (client_handle_args(client, args, FALSE))
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	182 break;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	183 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	184
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	185 client_send_tagline(client, "OK Logged in.");
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	186 client_destroy(client, t_strconcat(
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	187 "Login: ", client->common.virtual_user, NULL));
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	188 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	189 case SASL_SERVER_REPLY_AUTH_FAILED:
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	190 if (args != NULL) {
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	191 if (client_handle_args(client, args, TRUE))
2766 26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	192 break;
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	193 }
26a091f3add6 Implemented support for LOGIN-REFERRALS using "referral" and "reason" Timo Sirainen <tss@iki.fi> parents: 2736 diff changeset	194
2773 e624a9ad6a30 More smart IMAP and POP3 proxies. Now if remote login fails, it just Timo Sirainen <tss@iki.fi> parents: 2768 diff changeset	195 client_send_tagline(client, "NO "AUTH_FAILED_MSG);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	196
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	197 /* get back to normal client input. */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	198 if (client->io != NULL)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	199 io_remove(client->io);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	200 client->io = io_add(client->common.fd, IO_READ,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	201 client_input, client);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	202 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	203 case SASL_SERVER_REPLY_MASTER_FAILED:
2768 d344be0bb70f Added IMAP and POP3 proxying support. Timo Sirainen <tss@iki.fi> parents: 2766 diff changeset	204 client_destroy_internal_failure(client);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	205 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	206 case SASL_SERVER_REPLY_CONTINUE:
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	207 data_len = strlen(data);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	208 iov[0].iov_base = "+ ";
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	209 iov[0].iov_len = 2;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	210 iov[1].iov_base = data;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	211 iov[1].iov_len = data_len;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	212 iov[2].iov_base = "\r\n";
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	213 iov[2].iov_len = 2;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	214
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	215 ret = o_stream_sendv(client->output, iov, 3);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	216 if (ret < 0)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	217 client_destroy(client, "Disconnected");
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	218 else if ((size_t)ret != 2 + data_len + 2)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	219 client_destroy(client, "Transmit buffer full");
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	220 else {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	221 /* continue */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	222 return;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	223 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	224 break;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	225 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	226
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	227 client_unref(client);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	228 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	229
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	230 int cmd_authenticate(struct imap_client client, struct imap_arg args)
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	231 {
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	232 const char *mech_name;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	233
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	234 /* we want only one argument: authentication mechanism name */
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	235 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	236 return -1;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	237 if (args[1].type != IMAP_ARG_EOL)
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	238 return -1;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	239
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	240 mech_name = IMAP_ARG_STR(&args[0]);
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	241 if (*mech_name == '\0')
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	242 return FALSE;
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	243
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	244 client_ref(client);
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	245 sasl_server_auth_begin(&client->common, "IMAP", mech_name, NULL,
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	246 sasl_callback);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	247 if (!client->common.authenticating)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	248 return 1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	249
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	250 /* following input data will go to authentication */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	251 if (client->io != NULL)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	252 io_remove(client->io);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	253 client->io = io_add(client->common.fd, IO_READ,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	254 client_auth_input, client);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	255 return 0;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	256 }
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	257
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	258 int cmd_login(struct imap_client client, struct imap_arg args)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	259 {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	260 const char user, pass;
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	261 string_t plain_login, base64;
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	262
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	263 /* two arguments: username and password */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	264 if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	265 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	266 if (args[1].type != IMAP_ARG_ATOM && args[1].type != IMAP_ARG_STRING)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	267 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	268 if (args[2].type != IMAP_ARG_EOL)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	269 return -1;
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	270
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	271 user = IMAP_ARG_STR(&args[0]);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	272 pass = IMAP_ARG_STR(&args[1]);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	273
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	274 if (!client->common.secured && disable_plaintext_auth) {
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	275 if (verbose_auth) {
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	276 client_syslog(&client->common, "Login failed: "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	277 "Plaintext authentication disabled");
2691 46f879c46b45 auth_verbose now affects imap/pop3 login processes too. Every authentication Timo Sirainen <tss@iki.fi> parents: 2629 diff changeset	278 }
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	279 client_send_line(client,
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	280 "* BAD [ALERT] Plaintext authentication is disabled, "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	281 "but your client sent password in plaintext anyway. "
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	282 "If anyone was listening, the password was exposed.");
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	283 client_send_tagline(client,
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	284 "NO Plaintext authentication disabled.");
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	285 return 1;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	286 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	287
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	288 /* authorization ID \0 authentication ID \0 pass */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	289 plain_login = buffer_create_dynamic(pool_datastack_create(), 64);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	290 buffer_append_c(plain_login, '\0');
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	291 buffer_append(plain_login, user, strlen(user));
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	292 buffer_append_c(plain_login, '\0');
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	293 buffer_append(plain_login, pass, strlen(pass));
2097 4e77cb0aff21 Added %l, %r and %P variables and mail_log_prefix setting. Timo Sirainen <tss@iki.fi> parents: 2088 diff changeset	294
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	295 base64 = buffer_create_dynamic(pool_datastack_create(),
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	296 MAX_BASE64_ENCODED_SIZE(plain_login->used));
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	297 base64_encode(plain_login->data, plain_login->used, base64);
0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	298
1714 96dab004a87a fixes. maybe it works now. Timo Sirainen <tss@iki.fi> parents: 1702 diff changeset	299 client_ref(client);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	300 sasl_server_auth_begin(&client->common, "IMAP", "PLAIN",
2736 0f31778d3c34 Changed dovecot-auth protocol to ASCII based. Should be easier now to write Timo Sirainen <tss@iki.fi> parents: 2734 diff changeset	301 str_c(base64), sasl_callback);
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	302 if (!client->common.authenticating)
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	303 return 1;
2421 d141e1bfdd63 We never do blocking reads/writes to network anymore. Changed imap and pop3 Timo Sirainen <tss@iki.fi> parents: 2287 diff changeset	304
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	305 /* don't read any input from client until login is finished */
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	306 if (client->io != NULL) {
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	307 io_remove(client->io);
9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	308 client->io = NULL;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	309 }
c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	310
2733 9b9d9c164a31 Login process cleanups. Share more authentication code between pop3/imap. Timo Sirainen <tss@iki.fi> parents: 2708 diff changeset	311 return 0;
1049 c41787e8c3f4 Moved common login process code to login-common, created pop3-login. Timo Sirainen <tss@iki.fi> parents: diff changeset	312 }

Mercurial > dovecot > original-hg > dovecot-1.2

annotate src/imap-login/client-authenticate.c @ 2773:e624a9ad6a30 HEAD