changeset 2510:0f660149c7ef HEAD

Added auth_username_translation setting.
author Timo Sirainen <tss@iki.fi>
date Sat, 28 Aug 2004 16:25:42 +0300
parents 146591955618
children 710e0bf25bf8
files dovecot-example.conf src/auth/mech-apop.c src/auth/mech-cram-md5.c src/auth/mech-digest-md5.c src/auth/mech-login.c src/auth/mech-ntlm.c src/auth/mech-plain.c src/auth/mech-rpa.c src/auth/mech.c src/auth/mech.h src/master/auth-process.c src/master/master-settings.c src/master/master-settings.h
diffstat 13 files changed, 33 insertions(+), 12 deletions(-) [+]
--- a/dovecot-example.conf	Sat Aug 28 16:10:22 2004 +0300
+++ b/dovecot-example.conf	Sat Aug 28 16:25:42 2004 +0300
@@ -422,6 +422,11 @@
 # set this value to empty.
 #auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
 
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
 # Username to use for users logging in with ANONYMOUS SASL mechanism
 #auth_anonymous_username = anonymous
 
--- a/src/auth/mech-apop.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-apop.c	Sat Aug 28 16:25:42 2004 +0300
@@ -115,7 +115,7 @@
 	tmp++;
 
 	auth_request->user = p_strdup(auth->pool, username);
-	if (!mech_is_valid_username(auth_request->user)) {
+	if (!mech_fix_username(auth_request->user)) {
 		if (verbose) {
 			i_info("apop(%s): invalid username",
 			       get_log_prefix(auth_request));
--- a/src/auth/mech-cram-md5.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-cram-md5.c	Sat Aug 28 16:25:42 2004 +0300
@@ -138,7 +138,7 @@
 		auth_request->user =
 			p_strdup(auth_request->pool, auth->username);
 
-		if (mech_is_valid_username(auth_request->user)) {
+		if (mech_fix_username(auth_request->user)) {
 			passdb->lookup_credentials(&auth->auth_request,
 						   PASSDB_CREDENTIALS_CRAM_MD5,
 						   credentials_callback);
--- a/src/auth/mech-digest-md5.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-digest-md5.c	Sat Aug 28 16:25:42 2004 +0300
@@ -559,7 +559,7 @@
 							 realm, NULL);
 		}
 
-		if (mech_is_valid_username(auth_request->user)) {
+		if (mech_fix_username(auth_request->user)) {
 			passdb->lookup_credentials(&auth->auth_request,
 						PASSDB_CREDENTIALS_DIGEST_MD5,
 						credentials_callback);
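Review bot: Translating the username in place before `lookup_credentials` may break DIGEST-MD5 whenever a translation actually fires, because the client computes its response over the username it sent while the credentials fetched here belong to the translated name. The verification code is outside this hunk, so this is inferred rather than shown; a test with a non-empty `auth_username_translation` would settle it. The same question applies to the `mech-ntlm.c` and `mech-rpa.c` hunks, whose protocols may also bind the username into the response. If the mismatch is real, either keep the original name for the digest computation or document that translation is unsupported for these mechanisms.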
--- a/src/auth/mech-login.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-login.c	Sat Aug 28 16:25:42 2004 +0300
@@ -34,7 +34,7 @@
 		auth_request->user =
 			p_strndup(auth_request->pool, data, data_size);
 
-		if (!mech_is_valid_username(auth_request->user)) {
+		if (!mech_fix_username(auth_request->user)) {
 			if (verbose) {
 				i_info("login(%s): invalid username",
 				       get_log_prefix(auth_request));
--- a/src/auth/mech-ntlm.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-ntlm.c	Sat Aug 28 16:25:42 2004 +0300
@@ -175,7 +175,7 @@
 		username = p_strdup(auth_request->pool,
 				    ntlmssp_t_str(auth->response, user));
 
-		if (!mech_is_valid_username(username)) {
+		if (!mech_fix_username(username)) {
 			if (verbose) {
 				i_info("ntlm(%s): invalid username",
 				       get_log_prefix(auth_request));
--- a/src/auth/mech-plain.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-plain.c	Sat Aug 28 16:25:42 2004 +0300
@@ -60,7 +60,7 @@
 						      authenid);
 		}
 
-		if (!mech_is_valid_username(auth_request->user)) {
+		if (!mech_fix_username(auth_request->user)) {
 			/* invalid username */
 			if (verbose) {
 				i_info("plain(%s): invalid username",
--- a/src/auth/mech-rpa.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech-rpa.c	Sat Aug 28 16:25:42 2004 +0300
@@ -483,7 +483,7 @@
 		return TRUE;
 	}
 
-	if (!mech_is_valid_username(auth_request->user)) {
+	if (!mech_fix_username(auth_request->user)) {
 		if (verbose) {
 			i_info("rpa(%s): invalid username",
 			       get_log_prefix(auth_request));
--- a/src/auth/mech.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech.c	Sat Aug 28 16:25:42 2004 +0300
@@ -16,7 +16,7 @@
 const char *const *auth_realms;
 const char *default_realm;
 const char *anonymous_username;
-char username_chars[256];
+char username_chars[256], username_translation[256];
 
 static int set_use_cyrus_sasl;
 static int ssl_require_client_cert;
@@ -253,11 +253,13 @@
 	}
 }
 
-int mech_is_valid_username(const char *username)
+int mech_fix_username(char *username)
 {
-	const unsigned char *p;
+	unsigned char *p;
 
-	for (p = (const unsigned char *)username; *p != '\0'; p++) {
+	for (p = (unsigned char *)username; *p != '\0'; p++) {
+		if (username_translation[*p & 0xff] != 0)
+			*p = username_translation[*p & 0xff];
 		if (username_chars[*p & 0xff] == 0)
 			return FALSE;
 	}
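Review bot: `mech_fix_username()` now rewrites the caller's buffer as it scans, so when it returns FALSE at the first disallowed character the string is left partially translated, and nothing at the definition says so. The callers in the mech-*.c hunks then log "invalid username" through `get_log_prefix(auth_request)`, which presumably prints that half-translated name rather than what the client sent. A comment above the function should state that it modifies `username` in place, that the `username_chars` check is applied to the translated character, and that the contents are unspecified after a FALSE return. The function's tail lies outside this hunk.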
@@ -470,6 +472,15 @@
 			username_chars[((unsigned char)*env) & 0xff] = 0xff;
 	}
 
+	env = getenv("USERNAME_TRANSLATION");
+	memset(username_translation, 0, sizeof(username_translation));
+	if (env != NULL) {
+		for (; *env != '\0' && env[1] != '\0'; env += 2) {
+			username_translation[((unsigned char)*env) & 0xff] =
+				env[1];
+		}
+	}
+
 	set_use_cyrus_sasl = getenv("USE_CYRUS_SASL") != NULL;
 #ifdef USE_CYRUS_SASL2
 	if (set_use_cyrus_sasl)
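Review bot: The parsing loop stops silently when the value has an odd number of characters, so a mistyped `auth_username_translation` loses its last mapping without any diagnostic. Since this setting changes which account a login name resolves to, a malformed value is better rejected at startup, e.g. `if (*env != '\0') i_fatal("USERNAME_TRANSLATION must contain from/to character pairs");` placed after the loop inside the `env != NULL` block. A short comment noting that a later pair overrides an earlier one for the same 'from' character, and that translations are not chained, would also help. The enclosing init function starts and ends outside the hunk.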
--- a/src/auth/mech.h	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/auth/mech.h	Sat Aug 28 16:25:42 2004 +0300
@@ -81,7 +81,7 @@
 void mech_auth_finish(struct auth_request *auth_request,
 		      const void *data, size_t data_size, int success);
 
-int mech_is_valid_username(const char *username);
+int mech_fix_username(char *username);
 
 void mech_cyrus_sasl_init_lib(void);
 struct auth_request *
--- a/src/master/auth-process.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/auth-process.c	Sat Aug 28 16:25:42 2004 +0300
@@ -382,6 +382,8 @@
 	env_put(t_strconcat("USERDB=", group->set->userdb, NULL));
 	env_put(t_strconcat("PASSDB=", group->set->passdb, NULL));
 	env_put(t_strconcat("USERNAME_CHARS=", group->set->username_chars, NULL));
+	env_put(t_strconcat("USERNAME_TRANSLATION=",
+			    group->set->username_translation, NULL));
 	env_put(t_strconcat("ANONYMOUS_USERNAME=",
 			    group->set->anonymous_username, NULL));
 
--- a/src/master/master-settings.c	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/master-settings.c	Sat Aug 28 16:25:42 2004 +0300
@@ -139,6 +139,7 @@
 	DEF(SET_STR, user),
 	DEF(SET_STR, chroot),
 	DEF(SET_STR, username_chars),
+	DEF(SET_STR, username_translation),
 	DEF(SET_STR, anonymous_username),
 
 	DEF(SET_BOOL, use_cyrus_sasl),
@@ -302,6 +303,7 @@
 	MEMBER(user) "root",
 	MEMBER(chroot) NULL,
 	MEMBER(username_chars) "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@",
+	MEMBER(username_translation) "",
 	MEMBER(anonymous_username) "anonymous",
 
 	MEMBER(use_cyrus_sasl) FALSE,
--- a/src/master/master-settings.h	Sat Aug 28 16:10:22 2004 +0300
+++ b/src/master/master-settings.h	Sat Aug 28 16:25:42 2004 +0300
@@ -129,6 +129,7 @@
 	const char *user;
 	const char *chroot;
 	const char *username_chars;
+	const char *username_translation;
 	const char *anonymous_username;
 
 	int use_cyrus_sasl, verbose, debug;