[dovecot-cvs] dovecot/src/auth mech-apop.c,NONE,1.1
cras at procontrol.fi
cras at procontrol.fi
Sat Jul 3 13:43:14 EEST 2004
- Previous message: [dovecot-cvs] dovecot/src/lib-storage/index/mbox mbox-storage.h,
1.22, 1.23
- Next message: [dovecot-cvs] dovecot/src/lib-index
mail-index-transaction-private.h, 1.7,
1.8 mail-index-transaction-view.c, 1.2,
1.3 mail-index-transaction.c, 1.15, 1.16 mail-index.h, 1.121, 1.122
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /home/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv20459
Added Files:
mech-apop.c
Log Message:
was missing from last commit
--- NEW FILE: mech-apop.c ---
/*
* APOP (RFC-1460) authentication mechanism.
*
* Copyright (c) 2004 Andrey Panin <pazke at donpac.ru>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*/
#include "common.h"
#include "safe-memset.h"
#include "mech.h"
#include "passdb.h"
#include "md5.h"
#include "buffer.h"
#include "auth-client-connection.h"
#include "auth-master-connection.h"
#include <ctype.h>
struct apop_auth_request {
struct auth_request auth_request;
pool_t pool;
/* requested: */
char *challenge;
/* received: */
unsigned char digest[16];
};
static void
apop_credentials_callback(const char *credentials,
struct auth_request *auth_request)
{
struct apop_auth_request *auth =
(struct apop_auth_request *)auth_request;
unsigned char digest[16];
struct md5_context ctx;
md5_init(&ctx);
md5_update(&ctx, auth->challenge, strlen(auth->challenge));
md5_update(&ctx, credentials, strlen(credentials));
md5_final(&ctx, digest);
mech_auth_finish(auth_request, NULL, 0,
memcmp(digest, auth->digest, 16) == 0);
}
static int
mech_apop_auth_initial(struct auth_request *auth_request,
struct auth_client_request_new *request,
const unsigned char *data,
mech_callback_t *callback)
{
struct apop_auth_request *auth =
(struct apop_auth_request *)auth_request;
const unsigned char *tmp, *end, *username = NULL;
const char *str;
auth_request->callback = callback;
if (!AUTH_CLIENT_REQUEST_HAVE_INITIAL_RESPONSE(request)) {
/* Should never happen */
if (verbose) {
i_info("apop(%s): no initial respone",
get_log_prefix(auth_request));
}
mech_auth_finish(auth_request, NULL, 0, FALSE);
return TRUE;
}
tmp = data = data + request->initial_resp_idx;
end = data + request->data_size - request->initial_resp_idx;
while (tmp != end && *tmp != '\0')
tmp++;
/* the challenge must begin with trusted unique ID. we trust only
ourself, so make sure it matches our connection specific UID
which we told to client in handshake. */
str = t_strdup_printf("<%x.%x.", auth_request->conn->master->pid,
auth_request->conn->connect_uid);
if (memcmp(data, str, strlen(str)) != 0) {
if (verbose) {
i_info("apop(%s): invalid challenge",
get_log_prefix(auth_request));
}
mech_auth_finish(auth_request, NULL, 0, FALSE);
return TRUE;
}
auth->challenge = p_strdup(auth->pool, data);
if (tmp != end) {
username = ++tmp;
while (tmp != end && *tmp != '\0')
tmp++;
}
if (tmp + 1 + 16 != end) {
/* Should never happen */
if (verbose) {
i_info("apop(%s): malformed data",
get_log_prefix(auth_request));
}
mech_auth_finish(auth_request, NULL, 0, FALSE);
return TRUE;
}
tmp++;
auth_request->user = p_strdup(auth->pool, username);
if (!mech_is_valid_username(auth_request->user)) {
if (verbose) {
i_info("apop(%s): invalid username",
get_log_prefix(auth_request));
}
mech_auth_finish(auth_request, NULL, 0, FALSE);
return TRUE;
}
memcpy(auth->digest, tmp, sizeof(auth->digest));
passdb->lookup_credentials(auth_request, PASSDB_CREDENTIALS_PLAINTEXT,
apop_credentials_callback);
return TRUE;
}
static void mech_apop_auth_free(struct auth_request *auth_request)
{
pool_unref(auth_request->pool);
}
static struct auth_request *mech_apop_auth_new(void)
{
struct apop_auth_request *auth;
pool_t pool;
pool = pool_alloconly_create("apop_auth_request", 256);
auth = p_new(pool, struct apop_auth_request, 1);
auth->pool = pool;
auth->auth_request.refcount = 1;
auth->auth_request.pool = pool;
auth->auth_request.auth_initial = mech_apop_auth_initial;
auth->auth_request.auth_continue = NULL;
auth->auth_request.auth_free = mech_apop_auth_free;
return &auth->auth_request;
}
const struct mech_module mech_apop = {
"APOP",
MEMBER(plaintext) FALSE,
MEMBER(advertise) FALSE,
MEMBER(passdb_need_plain) FALSE,
MEMBER(passdb_need_credentials) TRUE,
mech_apop_auth_new,
};
- Previous message: [dovecot-cvs] dovecot/src/lib-storage/index/mbox mbox-storage.h,
1.22, 1.23
- Next message: [dovecot-cvs] dovecot/src/lib-index
mail-index-transaction-private.h, 1.7,
1.8 mail-index-transaction-view.c, 1.2,
1.3 mail-index-transaction.c, 1.15, 1.16 mail-index.h, 1.121, 1.122
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list