[dovecot-cvs] dovecot/src/imap-login client-authenticate.c, 1.30,
1.31
cras at dovecot.org
cras at dovecot.org
Wed Oct 13 19:38:36 EEST 2004
- Previous message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.34,
1.35 auth-client-connection.c, 1.12,
1.13 auth-client-connection.h, 1.2,
1.3 auth-client-interface.h, 1.8, 1.9 auth-master-connection.c,
1.11, 1.12 auth-master-connection.h, 1.4,
1.5 auth-master-interface.h, 1.5, NONE mech-anonymous.c, 1.5,
1.6 mech-apop.c, 1.5, 1.6 mech-cram-md5.c, 1.12,
1.13 mech-digest-md5.c, 1.25, 1.26 mech-login.c, 1.3,
1.4 mech-ntlm.c, 1.6, 1.7 mech-plain.c, 1.21, 1.22 mech-rpa.c,
1.5, 1.6 mech.c, 1.41, 1.42 mech.h, 1.22, 1.23 userdb.h, 1.10, 1.11
- Next message: [dovecot-cvs] dovecot/src/lib-auth auth-client.h, 1.7,
1.8 auth-server-connection.c, 1.8,
1.9 auth-server-connection.h, 1.5, 1.6 auth-server-request.c,
1.14, 1.15 auth-server-request.h, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/imap-login
In directory talvi:/tmp/cvs-serv8894/imap-login
Modified Files:
client-authenticate.c
Log Message:
Changed dovecot-auth protocol to ASCII based. Should be easier now to write
replacement server if needed by someone. Also cleaned up/made more
consistent auth code. The new code could still use some cleaning though..
Index: client-authenticate.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/imap-login/client-authenticate.c,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- client-authenticate.c 11 Oct 2004 18:27:42 -0000 1.30
+++ client-authenticate.c 13 Oct 2004 16:38:34 -0000 1.31
@@ -26,10 +26,10 @@
/* a) transport is secured
b) auth mechanism isn't plaintext
c) we allow insecure authentication
- - but don't advertise AUTH=PLAIN, as RFC 2595 requires
*/
- if (mech[i].advertise &&
- (secured || !mech[i].plaintext)) {
+ if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
+ (secured || !disable_plaintext_auth ||
+ (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) {
str_append_c(str, ' ');
str_append(str, "AUTH=");
str_append(str, mech[i].name);
@@ -42,9 +42,7 @@
static void client_auth_input(void *context)
{
struct imap_client *client = context;
- buffer_t *buf;
char *line;
- size_t linelen, bufsize;
if (!client_read(client))
return;
@@ -67,25 +65,15 @@
return;
}
- linelen = strlen(line);
- buf = buffer_create_static_hard(pool_datastack_create(), linelen);
-
- if (base64_decode(line, linelen, NULL, buf) < 0) {
- /* failed */
- sasl_server_auth_cancel(&client->common, "Invalid base64 data");
- } else if (client->common.auth_request == NULL) {
+ if (client->common.auth_request == NULL) {
sasl_server_auth_cancel(&client->common,
"Don't send unrequested data");
} else {
- auth_client_request_continue(client->common.auth_request,
- buf->data, buf->used);
+ auth_client_request_continue(client->common.auth_request, line);
}
/* clear sensitive data */
- safe_memset(line, 0, linelen);
-
- bufsize = buffer_get_used_size(buf);
- safe_memset(buffer_free_without_data(buf), 0, bufsize);
+ safe_memset(line, 0, strlen(line));
}
static void sasl_callback(struct client *_client, enum sasl_server_reply reply,
@@ -162,7 +150,7 @@
return FALSE;
client_ref(client);
- sasl_server_auth_begin(&client->common, "IMAP", mech_name, NULL, 0,
+ sasl_server_auth_begin(&client->common, "IMAP", mech_name, NULL,
sasl_callback);
if (!client->common.authenticating)
return 1;
@@ -178,7 +166,7 @@
int cmd_login(struct imap_client *client, struct imap_arg *args)
{
const char *user, *pass;
- string_t *plain_login;
+ string_t *plain_login, *base64;
/* two arguments: username and password */
if (args[0].type != IMAP_ARG_ATOM && args[0].type != IMAP_ARG_STRING)
@@ -212,10 +200,13 @@
buffer_append_c(plain_login, '\0');
buffer_append(plain_login, pass, strlen(pass));
+ base64 = buffer_create_dynamic(pool_datastack_create(),
+ MAX_BASE64_ENCODED_SIZE(plain_login->used));
+ base64_encode(plain_login->data, plain_login->used, base64);
+
client_ref(client);
sasl_server_auth_begin(&client->common, "IMAP", "PLAIN",
- plain_login->data, plain_login->used,
- sasl_callback);
+ str_c(base64), sasl_callback);
if (!client->common.authenticating)
return 1;
- Previous message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.34,
1.35 auth-client-connection.c, 1.12,
1.13 auth-client-connection.h, 1.2,
1.3 auth-client-interface.h, 1.8, 1.9 auth-master-connection.c,
1.11, 1.12 auth-master-connection.h, 1.4,
1.5 auth-master-interface.h, 1.5, NONE mech-anonymous.c, 1.5,
1.6 mech-apop.c, 1.5, 1.6 mech-cram-md5.c, 1.12,
1.13 mech-digest-md5.c, 1.25, 1.26 mech-login.c, 1.3,
1.4 mech-ntlm.c, 1.6, 1.7 mech-plain.c, 1.21, 1.22 mech-rpa.c,
1.5, 1.6 mech.c, 1.41, 1.42 mech.h, 1.22, 1.23 userdb.h, 1.10, 1.11
- Next message: [dovecot-cvs] dovecot/src/lib-auth auth-client.h, 1.7,
1.8 auth-server-connection.c, 1.8,
1.9 auth-server-connection.h, 1.5, 1.6 auth-server-request.c,
1.14, 1.15 auth-server-request.h, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list