Mercurial > dovecot > original-hg > dovecot-1.2
annotate src/auth/passdb-bsdauth.c @ 9608:f30e6a345d73 HEAD
Added tag 1.2.14 for changeset eb04e2b13e3d
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 24 Aug 2010 18:10:29 +0100 |
parents | 00cd9aacd03c |
children |
rev | line source |
---|---|
9532
00cd9aacd03c
Updated copyright notices to include year 2010.
Timo Sirainen <tss@iki.fi>
parents:
9427
diff
changeset
|
1 /* Copyright (c) 2002-2010 Dovecot authors, see the included COPYING file */ |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
2 |
3474
9096b7957413
Removed direct config.h including. I'm not sure why it was done before,
Timo Sirainen <tss@iki.fi>
parents:
3257
diff
changeset
|
3 #include "common.h" |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
4 #include "passdb.h" |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
5 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
6 #ifdef PASSDB_BSDAUTH |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
7 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
8 #include "safe-memset.h" |
8588
73b8468c3b87
bsdauth: Fix compiler warning + crash on 64bit systems.
Timo Sirainen <tss@iki.fi>
parents:
8522
diff
changeset
|
9 #include "auth-cache.h" |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
10 #include "mycrypt.h" |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
11 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
12 #include <login_cap.h> |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
13 #include <bsd_auth.h> |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
14 #include <pwd.h> |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
15 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
16 static void |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
17 bsdauth_verify_plain(struct auth_request *request, const char *password, |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
18 verify_plain_callback_t *callback) |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
19 { |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
20 struct passwd *pw; |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
21 int result; |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
22 |
5259 | 23 auth_request_log_debug(request, "bsdauth", "lookup"); |
24 | |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
25 pw = getpwnam(request->user); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
26 if (pw == NULL) { |
3069 | 27 auth_request_log_info(request, "bsdauth", "unknown user"); |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
28 callback(PASSDB_RESULT_USER_UNKNOWN, request); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
29 return; |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
30 } |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
31 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
32 /* check if the password is valid */ |
2645 | 33 result = auth_userokay(request->user, NULL, NULL, |
34 t_strdup_noconst(password)); | |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
35 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
36 /* clear the passwords from memory */ |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
37 safe_memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
38 |
3863
55df57c028d4
Added "bool" type and changed all ints that were used as booleans to bool.
Timo Sirainen <tss@iki.fi>
parents:
3657
diff
changeset
|
39 if (result == 0) { |
3069 | 40 auth_request_log_info(request, "bsdauth", "password mismatch"); |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
41 callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
42 return; |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
43 } |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
44 |
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
45 /* make sure we're using the username exactly as it's in the database */ |
3635
c12df370e1b2
Added ssl_username_from_cert setting. Not actually tested yet..
Timo Sirainen <tss@iki.fi>
parents:
3474
diff
changeset
|
46 auth_request_set_field(request, "user", pw->pw_name, NULL); |
3257
92c16e82b806
passdb can now change the username that was used to log in. This is mostly
Timo Sirainen <tss@iki.fi>
parents:
3166
diff
changeset
|
47 |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
48 callback(PASSDB_RESULT_OK, request); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
49 } |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
50 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
51 static struct passdb_module * |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
52 bsdauth_preinit(struct auth_passdb *auth_passdb, const char *args) |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
53 { |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
54 struct passdb_module *module; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
55 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
56 module = p_new(auth_passdb->auth->pool, struct passdb_module, 1); |
9427
5fc4fb574c9f
bsdauth: And compile fix to previous change..
Timo Sirainen <tss@iki.fi>
parents:
9426
diff
changeset
|
57 module->default_pass_scheme = "PLAIN"; /* same reason as PAM */ |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
58 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
59 if (strncmp(args, "cache_key=", 10) == 0) { |
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
60 module->cache_key = |
6241
17e056f924cb
Store cache_key via auth_cache_parse_key() which adds TABs between the
Timo Sirainen <tss@iki.fi>
parents:
5259
diff
changeset
|
61 auth_cache_parse_key(auth_passdb->auth->pool, |
17e056f924cb
Store cache_key via auth_cache_parse_key() which adds TABs between the
Timo Sirainen <tss@iki.fi>
parents:
5259
diff
changeset
|
62 args + 10); |
8522
b80ef0ddd1d3
Previous "Unknown setting" in passdb check changes were a bit broken.
Timo Sirainen <tss@iki.fi>
parents:
8513
diff
changeset
|
63 } else if (*args != '\0') |
8513
0691f5294bb9
Fail if trying to give unknown parameters to passdb/userdb.
Timo Sirainen <tss@iki.fi>
parents:
8217
diff
changeset
|
64 i_fatal("passdb bsdauth: Unknown setting: %s", args); |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
65 return module; |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
66 } |
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
67 |
6411
6a64e64fa3a3
Renamed __attr_*__ to ATTR_*. Renamed __attrs_used__ to ATTRS_DEFINED.
Timo Sirainen <tss@iki.fi>
parents:
6241
diff
changeset
|
68 static void bsdauth_deinit(struct passdb_module *module ATTR_UNUSED) |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
69 { |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
70 endpwent(); |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
71 } |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
72 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
73 struct passdb_module_interface passdb_bsdauth = { |
2942
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2648
diff
changeset
|
74 "bsdauth", |
c7d426f8cb58
Added name variable for userdb_module and passdb_module and changed their
Timo Sirainen <tss@iki.fi>
parents:
2648
diff
changeset
|
75 |
3657
0c10475d9968
Separated passdb_module's interface and the actual data struct. Now it's
Timo Sirainen <tss@iki.fi>
parents:
3656
diff
changeset
|
76 bsdauth_preinit, |
3656
fda241fa5d77
Make auth caching work with non-sql/ldap passdbs too.
Timo Sirainen <tss@iki.fi>
parents:
3635
diff
changeset
|
77 NULL, |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
78 bsdauth_deinit, |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
79 |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
80 bsdauth_verify_plain, |
4782
2c1cc5bbc260
Added auth_request_set_credentials() to modify credentials in passdb and
Timo Sirainen <tss@iki.fi>
parents:
4694
diff
changeset
|
81 NULL, |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
82 NULL |
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
83 }; |
8217
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
84 #else |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
85 struct passdb_module_interface passdb_bsdauth = { |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
86 MEMBER(name) "bsdauth" |
c47b78e843aa
Separate "unknown passdb/userdb X" and "support for X not compiled in" error messages.
Timo Sirainen <tss@iki.fi>
parents:
7086
diff
changeset
|
87 }; |
1851
d66d53f57e43
Added bsdauth support, patch by Dan Cross
Timo Sirainen <tss@iki.fi>
parents:
diff
changeset
|
88 #endif |