# HG changeset patch
# User Timo Sirainen
# Date 1093699542 -10800
# Node ID 0f660149c7ef3161c1fa898b5cefc10ff6373f90
# Parent 14659195561816f4af149c4d2b6bbaefd0ac1286
Added auth_username_translation setting.
diff -r 146591955618 -r 0f660149c7ef dovecot-example.conf
--- a/dovecot-example.conf Sat Aug 28 16:10:22 2004 +0300
+++ b/dovecot-example.conf Sat Aug 28 16:25:42 2004 +0300
@@ -422,6 +422,11 @@
 # set this value to empty.
 #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
 # Username to use for users logging in with ANONYMOUS SASL mechanism
 #auth_anonymous_username = anonymous
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-apop.c
--- a/src/auth/mech-apop.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-apop.c Sat Aug 28 16:25:42 2004 +0300
@@ -115,7 +115,7 @@
 tmp++;
 auth_request->user = p_strdup(auth->pool, username);
- if (!mech_is_valid_username(auth_request->user)) {
+ if (!mech_fix_username(auth_request->user)) {
 if (verbose) {
 i_info("apop(%s): invalid username", get_log_prefix(auth_request));
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-cram-md5.c
--- a/src/auth/mech-cram-md5.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-cram-md5.c Sat Aug 28 16:25:42 2004 +0300
@@ -138,7 +138,7 @@
 auth_request->user = p_strdup(auth_request->pool, auth->username);
- if (mech_is_valid_username(auth_request->user)) {
+ if (mech_fix_username(auth_request->user)) {
 passdb->lookup_credentials(&auth->auth_request, PASSDB_CREDENTIALS_CRAM_MD5, credentials_callback);
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-digest-md5.c
--- a/src/auth/mech-digest-md5.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-digest-md5.c Sat Aug 28 16:25:42 2004 +0300
@@ -559,7 +559,7 @@
 realm, NULL);
 }
- if (mech_is_valid_username(auth_request->user)) {
+ if (mech_fix_username(auth_request->user)) {
 passdb->lookup_credentials(&auth->auth_request, PASSDB_CREDENTIALS_DIGEST_MD5, credentials_callback);
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-login.c
--- a/src/auth/mech-login.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-login.c Sat Aug 28 16:25:42 2004 +0300
@@ -34,7 +34,7 @@
 auth_request->user = p_strndup(auth_request->pool, data, data_size);
- if (!mech_is_valid_username(auth_request->user)) {
+ if (!mech_fix_username(auth_request->user)) {
 if (verbose) {
 i_info("login(%s): invalid username", get_log_prefix(auth_request));
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-ntlm.c
--- a/src/auth/mech-ntlm.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-ntlm.c Sat Aug 28 16:25:42 2004 +0300
@@ -175,7 +175,7 @@
 username = p_strdup(auth_request->pool, ntlmssp_t_str(auth->response, user));
- if (!mech_is_valid_username(username)) {
+ if (!mech_fix_username(username)) {
 if (verbose) {
 i_info("ntlm(%s): invalid username", get_log_prefix(auth_request));
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-plain.c
--- a/src/auth/mech-plain.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-plain.c Sat Aug 28 16:25:42 2004 +0300
@@ -60,7 +60,7 @@
 authenid);
 }
- if (!mech_is_valid_username(auth_request->user)) {
+ if (!mech_fix_username(auth_request->user)) {
 /* invalid username */
 if (verbose) {
 i_info("plain(%s): invalid username",
diff -r 146591955618 -r 0f660149c7ef src/auth/mech-rpa.c
--- a/src/auth/mech-rpa.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-rpa.c Sat Aug 28 16:25:42 2004 +0300
@@ -483,7 +483,7 @@
 return TRUE;
 }
- if (!mech_is_valid_username(auth_request->user)) {
+ if (!mech_fix_username(auth_request->user)) {
 if (verbose) {
 i_info("rpa(%s): invalid username", get_log_prefix(auth_request));
diff -r 146591955618 -r 0f660149c7ef src/auth/mech.c
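Review bot: In the src/auth/mech-digest-md5.c hunk, `auth_request->user` is rewritten by `mech_fix_username()` before `lookup_credentials`, but DIGEST-MD5 computes its response over the username the client sent (RFC 2831 A1 covers username, realm and password). Whenever a translation actually fires, the `PASSDB_CREDENTIALS_DIGEST_MD5` credentials fetched for the translated name would belong to a different string than the one the client hashed. Unless the verification code outside this hunk accounts for that, such logins would presumably always fail, which is easy to misread as password guessing in the auth log. I would add a comment at this call, for example `/* NOTE: a translated username cannot match a stored DIGEST-MD5 hash of the canonical name */`, and mention the limitation next to `auth_username_translation` in dovecot-example.conf. The src/auth/mech-rpa.c hunk may need the same check, since that mechanism also appears to mix the username into its hashes.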
--- a/src/auth/mech.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech.c Sat Aug 28 16:25:42 2004 +0300
@@ -16,7 +16,7 @@
 const char *const *auth_realms;
 const char *default_realm;
 const char *anonymous_username;
-char username_chars[256];
+char username_chars[256], username_translation[256];
 static int set_use_cyrus_sasl;
 static int ssl_require_client_cert;
@@ -253,11 +253,13 @@
 }
 }
-int mech_is_valid_username(const char *username)
+int mech_fix_username(char *username)
 {
- const unsigned char *p;
+ unsigned char *p;
- for (p = (const unsigned char *)username; *p != '\0'; p++) {
+ for (p = (unsigned char *)username; *p != '\0'; p++) {
+ if (username_translation[*p & 0xff] != 0)
+ *p = username_translation[*p & 0xff];
 if (username_chars[*p & 0xff] == 0) return FALSE;
 }
@@ -470,6 +472,15 @@
 username_chars[((unsigned char)*env) & 0xff] = 0xff;
 }
+ env = getenv("USERNAME_TRANSLATION");
+ memset(username_translation, 0, sizeof(username_translation));
+ if (env != NULL) {
+ for (; *env != '\0' && env[1] != '\0'; env += 2) {
+ username_translation[((unsigned char)*env) & 0xff] =
+ env[1];
+ }
+ }
+
 set_use_cyrus_sasl = getenv("USE_CYRUS_SASL") != NULL;
 #ifdef USE_CYRUS_SASL2
 if (set_use_cyrus_sasl)
diff -r 146591955618 -r 0f660149c7ef src/auth/mech.h
--- a/src/auth/mech.h Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech.h Sat Aug 28 16:25:42 2004 +0300
@@ -81,7 +81,7 @@
 void mech_auth_finish(struct auth_request *auth_request, const void *data, size_t data_size, int success);
-int mech_is_valid_username(const char *username);
+int mech_fix_username(char *username);
 void mech_cyrus_sasl_init_lib(void);
 struct auth_request *
diff -r 146591955618 -r 0f660149c7ef src/master/auth-process.c
--- a/src/master/auth-process.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/auth-process.c Sat Aug 28 16:25:42 2004 +0300
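Review bot: `mech_fix_username()` in src/auth/mech.c rewrites the caller's buffer while it walks it, so when it returns FALSE partway through the string the caller is left holding a half-translated name. The apop, login, plain and rpa callers pass `auth_request->user` directly and then log through `get_log_prefix(auth_request)`, so the "invalid username" line will presumably show the mutated string rather than what the client sent, which makes rejected logins harder to correlate. Checking the translated form first and writing only once the whole name is accepted avoids that. The prototype in mech.h should also gain a comment saying the buffer is modified in place. The function's closing lines are outside the hunk.

```c
int mech_fix_username(char *username)
{
	unsigned char *p, ch;

	/* pass 1: check the translated form without touching the buffer */
	for (p = (unsigned char *)username; *p != '\0'; p++) {
		ch = username_translation[*p] != 0 ?
			(unsigned char)username_translation[*p] : *p;
		if (username_chars[ch] == 0)
			return FALSE;
	}

	/* pass 2: the whole name is acceptable, apply the translation */
	for (p = (unsigned char *)username; *p != '\0'; p++) {
		if (username_translation[*p] != 0)
			*p = username_translation[*p];
	}
	/* … unchanged: rest of the function, outside the hunk … */
```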
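Review bot: The `USERNAME_TRANSLATION` parsing loop in src/auth/mech.c stops at `env[1] != '\0'`, so a value with an odd number of characters silently drops its last character and the administrator gets no hint that one mapping was never installed. Since this setting decides which login names collapse onto the same account, a malformed value is better rejected at startup: after the loop, `if (*env != '\0') i_fatal("USERNAME_TRANSLATION: unpaired character at end of value");`. A short comment above the loop noting that a target character must itself be listed in `auth_username_chars` (the check in `mech_fix_username()` runs on the translated character) would also help. The surrounding init function starts and ends outside the hunk.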
@@ -382,6 +382,8 @@
 env_put(t_strconcat("USERDB=", group->set->userdb, NULL));
 env_put(t_strconcat("PASSDB=", group->set->passdb, NULL));
 env_put(t_strconcat("USERNAME_CHARS=", group->set->username_chars, NULL));
+ env_put(t_strconcat("USERNAME_TRANSLATION=",
+ group->set->username_translation, NULL));
 env_put(t_strconcat("ANONYMOUS_USERNAME=", group->set->anonymous_username, NULL));
diff -r 146591955618 -r 0f660149c7ef src/master/master-settings.c
--- a/src/master/master-settings.c Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/master-settings.c Sat Aug 28 16:25:42 2004 +0300
@@ -139,6 +139,7 @@
 DEF(SET_STR, user), DEF(SET_STR, chroot), DEF(SET_STR, username_chars),
+ DEF(SET_STR, username_translation),
 DEF(SET_STR, anonymous_username), DEF(SET_BOOL, use_cyrus_sasl),
@@ -302,6 +303,7 @@
 MEMBER(user) "root", MEMBER(chroot) NULL, MEMBER(username_chars) "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@",
+ MEMBER(username_translation) "",
 MEMBER(anonymous_username) "anonymous", MEMBER(use_cyrus_sasl) FALSE,
diff -r 146591955618 -r 0f660149c7ef src/master/master-settings.h
--- a/src/master/master-settings.h Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/master-settings.h Sat Aug 28 16:25:42 2004 +0300
@@ -129,6 +129,7 @@
 const char *user;
 const char *chroot;
 const char *username_chars;
+ const char *username_translation;
 const char *anonymous_username;
 int use_cyrus_sasl, verbose, debug;