[dovecot-cvs] dovecot/src/pop3-login client-authenticate.c, 1.20,
1.21 client-authenticate.h, 1.2, 1.3 client.c, 1.21,
1.22 client.h, 1.8, 1.9
cras at procontrol.fi
cras at procontrol.fi
Sat Jul 3 01:03:40 EEST 2004
Update of /home/cvs/dovecot/src/pop3-login
In directory talvi:/tmp/cvs-serv28586/src/pop3-login
Modified Files:
client-authenticate.c client-authenticate.h client.c client.h
Log Message:
Added APOP authentication for POP3. Patch by Andrey Panin.
This required some changes in auth APIs.
Index: client-authenticate.c
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client-authenticate.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -d -r1.20 -r1.21
--- client-authenticate.c 23 Jun 2004 18:05:14 -0000 1.20
+++ client-authenticate.c 2 Jul 2004 22:03:37 -0000 1.21
@@ -3,6 +3,7 @@
#include "common.h"
#include "base64.h"
#include "buffer.h"
+#include "hex-binary.h"
#include "ioloop.h"
#include "istream.h"
#include "ostream.h"
@@ -184,7 +185,7 @@
client_ref(client);
client->common.auth_request =
- auth_client_request_new(auth_client, &info,
+ auth_client_request_new(auth_client, NULL, &info,
login_callback, client, &error);
if (client->common.auth_request != NULL) {
@@ -322,7 +323,7 @@
client_ref(client);
client->common.auth_request =
- auth_client_request_new(auth_client, &info,
+ auth_client_request_new(auth_client, NULL, &info,
authenticate_callback, client, &error);
if (client->common.auth_request != NULL) {
/* following input data will go to authentication */
@@ -338,3 +339,69 @@
return TRUE;
}
+
+int cmd_apop(struct pop3_client *client, const char *args)
+{
+ struct auth_request_info info;
+ const char *error, *p;
+ buffer_t *apop_data;
+
+ if (client->apop_challenge == NULL) {
+ client_send_line(client, "-ERR APOP not enabled.");
+ return TRUE;
+ }
+
+ /* <username> <md5 sum in hex> */
+ p = strchr(args, ' ');
+ if (p == NULL || strlen(p+1) != 32) {
+ client_send_line(client, "-ERR Invalid parameters.");
+ return TRUE;
+ }
+
+ /* APOP challenge \0 username \0 APOP response */
+ apop_data = buffer_create_dynamic(pool_datastack_create(),
+ 128, (size_t)-1);
+ buffer_append(apop_data, client->apop_challenge,
+ strlen(client->apop_challenge)+1);
+ buffer_append(apop_data, args, (size_t)(p-args));
+ buffer_append_c(apop_data, '\0');
+
+ if (hex_to_binary(p+1, apop_data) <= 0) {
+ client_send_line(client,
+ "-ERR Invalid characters in MD5 response.");
+ return TRUE;
+ }
+
+ memset(&info, 0, sizeof(info));
+ info.mech = "APOP";
+ info.protocol = "POP3";
+ info.flags = client_get_auth_flags(client);
+ info.local_ip = client->common.local_ip;
+ info.remote_ip = client->common.ip;
+ info.initial_resp_data =
+ buffer_get_data(apop_data, &info.initial_resp_size);
+
+ client_ref(client);
+ client->common.auth_request =
+ auth_client_request_new(auth_client, &client->auth_id, &info,
+ login_callback, client, &error);
+
+ if (client->common.auth_request != NULL) {
+ /* don't read any input from client until login is finished */
+ if (client->common.io != NULL) {
+ io_remove(client->common.io);
+ client->common.io = NULL;
+ }
+ } else if (error == NULL) {
+ /* the auth connection was lost. we have no choice
+ but to fail the APOP logins completely since the
+ challenge is auth connection-specific. disconnect. */
+ client_destroy(client, "APOP auth connection lost");
+ client_unref(client);
+ } else {
+ client_send_line(client,
+ t_strconcat("-ERR Login failed: ", error, NULL));
+ client_unref(client);
+ }
+ return TRUE;
+}
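Review bot: The `&client->auth_id` passed to `auth_client_request_new()` is not written by any hunk of this commit. `get_apop_challenge()` in client.c reserves the connection into a local `struct auth_connect_id id` and returns only the string, so the request is presumably not tied to the auth connection whose pid and uid went into the challenge. The error branch's own comment says the challenge is auth connection-specific, so the id should be stored on the client when the challenge is built, for example by letting the helper fill `client->auth_id`. Separately, the parameter check accepts an empty user name; `if (p == NULL || p == args || strlen(p+1) != 32) {` would reject it before any auth request is created.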
Index: client-authenticate.h
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client-authenticate.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- client-authenticate.h 30 Jan 2003 19:52:39 -0000 1.2
+++ client-authenticate.h 2 Jul 2004 22:03:37 -0000 1.3
@@ -5,5 +5,6 @@
int cmd_user(struct pop3_client *client, const char *args);
int cmd_pass(struct pop3_client *client, const char *args);
int cmd_auth(struct pop3_client *client, const char *args);
+int cmd_apop(struct pop3_client *client, const char *args);
#endif
Index: client.c
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -d -r1.21 -r1.22
--- client.c 31 May 2004 18:04:47 -0000 1.21
+++ client.c 2 Jul 2004 22:03:37 -0000 1.22
@@ -13,6 +13,8 @@
#include "client-authenticate.h"
#include "auth-client.h"
#include "ssl-proxy.h"
+#include "hostpid.h"
+#include "imem.h"
/* max. length of input command line (spec says 512) */
#define MAX_INBUF_SIZE 2048
@@ -122,6 +124,8 @@
return cmd_pass(client, args);
if (strcmp(cmd, "AUTH") == 0)
return cmd_auth(client, args);
+ if (strcmp(cmd, "APOP") == 0)
+ return cmd_apop(client, args);
if (strcmp(cmd, "STLS") == 0)
return cmd_stls(client);
if (strcmp(cmd, "QUIT") == 0)
@@ -228,6 +232,19 @@
}
}
+static char *get_apop_challenge(void)
+{
+ struct auth_connect_id id;
+
+ /* FIXME: breaks if we're not connected! */
+
+ if (!auth_client_reserve_connection(auth_client, "APOP", &id))
+ return NULL;
+
+ return i_strdup_printf("<%x.%x.%s@%s>", id.server_pid, id.connect_uid,
+ dec2str(ioloop_time), my_hostname);
+}
+
struct client *client_create(int fd, int ssl, const struct ip_addr *local_ip,
const struct ip_addr *ip)
{
@@ -265,7 +282,9 @@
main_ref();
- client_send_line(client, "+OK " PACKAGE " ready.");
+ client->apop_challenge = get_apop_challenge();
+ client_send_line(client, t_strconcat("+OK " PACKAGE " ready.",
+ client->apop_challenge, NULL));
client_set_title(client);
return &client->common;
}
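Review bot: The greeting joins `"+OK " PACKAGE " ready."` and the challenge with no separator, so the banner reads `ready.<...>`, whereas the RFC 1939 example puts a space before the timestamp. A client that tokenises the banner on spaces would presumably not find the timestamp. Passing `client->apop_challenge == NULL ? "" : " "` as an extra `t_strconcat()` argument before the challenge adds the space and leaves the no-APOP banner unchanged. A one-line comment noting that a NULL challenge simply ends the argument list early would make the plain-banner case obvious to the next reader. The body of client_create starts outside this hunk.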
@@ -318,6 +337,7 @@
i_stream_unref(client->input);
o_stream_unref(client->output);
+ i_free(client->apop_challenge);
i_free(client->common.virtual_user);
i_free(client);
Index: client.h
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client.h,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- client.h 31 May 2004 18:04:47 -0000 1.8
+++ client.h 2 Jul 2004 22:03:37 -0000 1.9
@@ -4,6 +4,7 @@
#include "network.h"
#include "master.h"
#include "client-common.h"
+#include "auth-client.h"
struct pop3_client {
struct client common;
@@ -19,6 +20,9 @@
char *last_user;
+ char *apop_challenge;
+ struct auth_connect_id auth_id;
+
unsigned int tls:1;
unsigned int secured:1;
unsigned int input_blocked:1;