[dovecot-cvs] dovecot/src/auth passdb-vpopmail.c,1.24,1.25
tss at dovecot.org
tss at dovecot.org
Sun Oct 15 21:30:08 UTC 2006
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv29132
Modified Files:
passdb-vpopmail.c
Log Message:
Added support for non-plaintext authentication for vpopmail if it returns
plaintext passwords. Based on patch by Remi Gacogne (rgacogne aquaray com).
Index: passdb-vpopmail.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/passdb-vpopmail.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -d -r1.24 -r1.25
--- passdb-vpopmail.c 22 Jan 2006 11:33:27 -0000 1.24
+++ passdb-vpopmail.c 15 Oct 2006 20:30:06 -0000 1.25
@@ -16,48 +16,87 @@
#define VPOPMAIL_DEFAULT_PASS_SCHEME "CRYPT"
-static void
-vpopmail_verify_plain(struct auth_request *request, const char *password,
- verify_plain_callback_t *callback)
+static char *
+vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext,
+ enum passdb_result *result_r)
{
char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT];
struct vqpasswd *vpw;
- const char *crypted_pass;
- const char *scheme;
- int ret;
+ char *password;
- vpw = vpopmail_lookup_vqp(request, vpop_user, vpop_domain);
+ vpw = vpopmail_lookup_vqp(auth_request, vpop_user, vpop_domain);
if (vpw == NULL) {
- callback(PASSDB_RESULT_USER_UNKNOWN, request);
- return;
+ *result_r = PASSDB_RESULT_USER_UNKNOWN;
+ return NULL;
}
if (((vpw->pw_gid & NO_IMAP) != 0 &&
- strcmp(request->service, "IMAP") == 0) ||
+ strcmp(auth_request->service, "IMAP") == 0) ||
((vpw->pw_gid & NO_POP) != 0 &&
- strcmp(request->service, "POP3") == 0)) {
- auth_request_log_info(request, "vpopmail",
- "%s disabled", request->service);
- callback(PASSDB_RESULT_USER_DISABLED, request);
+ strcmp(auth_request->service, "POP3") == 0)) {
+ auth_request_log_info(auth_request, "vpopmail",
+ "%s disabled", auth_request->service);
+ password = NULL;
+ *result_r = PASSDB_RESULT_USER_DISABLED;
+ } else {
+ password = t_strdup_noconst(cleartext ? vpw->pw_clear_passwd :
+ vpw->pw_passwd);
+ *result_r = password != NULL ? PASSDB_RESULT_OK :
+ PASSDB_RESULT_SCHEME_NOT_AVAILABLE;
+ }
+
+ safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd));
+ if (vpw->pw_clear_passwd != NULL) {
+ safe_memset(vpw->pw_clear_passwd, 0,
+ strlen(vpw->pw_clear_passwd));
+ }
+
+ return password;
+}
+
+static void vpopmail_lookup_credentials(struct auth_request *request,
+ lookup_credentials_callback_t *callback)
+{
+ enum passdb_result result;
+ char *password;
+
+ password = vpopmail_password_lookup(request, TRUE, &result);
+ if (password == NULL) {
+ callback(result, "", request);
+ return;
+ }
+
+ passdb_handle_credentials(PASSDB_RESULT_OK, password, "CLEARTEXT",
+ callback, request);
+ safe_memset(password, 0, strlen(password));
+}
+
+static void
+vpopmail_verify_plain(struct auth_request *request, const char *password,
+ verify_plain_callback_t *callback)
+{
+ enum passdb_result result;
+ const char *scheme, *tmp_pass;
+ char *crypted_pass;
+ int ret;
+
+ crypted_pass = vpopmail_password_lookup(request, FALSE, &result);
+ if (crypted_pass == NULL) {
+ callback(result, request);
return;
}
auth_request_log_debug(request, "vpopmail",
- "crypted password=%s", vpw->pw_passwd);
+ "crypted password=%s", password);
- crypted_pass = vpw->pw_passwd;
- scheme = password_get_scheme(&crypted_pass);
+ tmp_pass = crypted_pass;
+ scheme = password_get_scheme(&tmp_pass);
if (scheme == NULL)
scheme = request->passdb->passdb->default_pass_scheme;
- ret = auth_request_password_verify(request, password, crypted_pass,
- scheme, "vpopmail");
-
- safe_memset(vpw->pw_passwd, 0, strlen(vpw->pw_passwd));
- if (vpw->pw_clear_passwd != NULL) {
- safe_memset(vpw->pw_clear_passwd, 0,
- strlen(vpw->pw_clear_passwd));
- }
+ ret = auth_request_password_verify(request, password,
+ tmp_pass, scheme, "vpopmail");
+ safe_memset(crypted_pass, 0, strlen(crypted_pass));
if (ret <= 0) {
callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
@@ -114,7 +153,7 @@
vpopmail_deinit,
vpopmail_verify_plain,
- NULL
+ vpopmail_lookup_credentials
};
#endif
More information about the dovecot-cvs
mailing list