Timo Sirainen wrote:
On Wed, 2006-09-20 at 14:46 +1000, Simon L Jackson wrote:
  
I have recently written a (minimal) Tru64 Unix SIA password module for
Dovecot as part of testing a Dovecot installation.

Has anyone else written a Tru64 Unix SIA module?

Is anyone else interested in such a module?

If so, how might I/we go about getting this/such a module into the
main Dovecot source?
    

First show me the code, then I'll see how it looks like :) If it's small
you might as well post the patch here to the list, for larger either
mail me or give some URL.
  
I'll try just posting it.

There are some diffs and finally that new source.

---------------------------------------------------------------------------------
b02> diff /usr/src/dovecot-1.0.rc7/configure.in.orig /usr/src/dovecot-1.0.rc7/configure.in
101a102,110
> AC_ARG_WITH(sia,
> [  --with-sia              Build with SIA support (default)],
>       if test x$withval = xno; then
>               want_sia=no
>       else
>               want_sia=yes
>       fi,
>       want_sia=yes)
>
1352a1362,1372
>       ])
> fi
>
> if test $want_sia = yes; then
>       AC_CHECK_FUNC(sia_validate_user, [
>               AC_CHECK_HEADERS(sia.h siad.h sys/security.h)
>               need_crypt=yes
>               AC_DEFINE(PASSDB_SIA,, Build with SIA support)
>               passdb="$passdb sia"
>               AC_CHECK_LIB(security, sia_validate_user)
>               LIBS="$LIBS -depth_ring_search"
b02> diff /usr/src/dovecot-1.0.rc7/config.h.in.orig /usr/src/dovecot-1.0.rc7/config.h.in
407a408,410
> /* Build with sia support */
> #undef PASSDB_SIA
>
b02> diff /usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c.orig /usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c
53c53
<       point_r->type = p_strdup(pool, buf.f_fstypename);
---
>       point_r->type = p_strdup(pool, getvfsbynumber(buf.f_type));
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/Makefile.in.orig /usr/src/dovecot-1.0.rc7/src/auth/Makefile.in
84,85c84,88
<       passdb-checkpassword.$(OBJEXT) passdb-shadow.$(OBJEXT) \
<       passdb-vpopmail.$(OBJEXT) passdb-sql.$(OBJEXT) \
---
>       passdb-checkpassword.$(OBJEXT) \
>       passdb-shadow.$(OBJEXT) \
>       passdb-sia.$(OBJEXT) \
>       passdb-vpopmail.$(OBJEXT) \
>       passdb-sql.$(OBJEXT) \
312a316
>       passdb-sia.c \
475a480
> @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passdb-sia.Po@am__quote@
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/passdb.c.orig /usr/src/dovecot-1.0.rc7/src/auth/passdb.c
13a14
> extern struct passdb_module_interface passdb_sia;
38a40,42
> #endif
> #ifdef PASSDB_SIA
>       &passdb_sia,
b02> cat /usr/src/dovecot-1.0.rc7/src/auth/passdb-sia.c
/* Copyright (C) 2006 Simon L Jackson */

#include "common.h"

#ifdef PASSDB_SIA

#include "safe-memset.h"
#include "passdb.h"
#include "mycrypt.h"

#include <pwd.h>
#include <sia.h>
#include <siad.h>
#include <sys/security.h>

/* #define SIA_CACHE_KEY "%u" */
#define SIA_PASS_SCHEME "CRYPT"

static int checkpw_collect (
  int timeout,
  int rendition,
  uchar_t *title,
  int nprompts,
  prompt_t *prompts )
{
  switch (rendition) {
    case SIAONELINER:
    case SIAINFO:
    case SIAWARNING:
      return SIACOLSUCCESS;
  }
  return SIACOLABORT;           /* another else is bogus */
}


static void
local_sia_verify_plain(struct auth_request *request, const char *password,
                    verify_plain_callback_t *callback)
{
        struct passwd *pw;
        bool result;

        pw = getpwnam(request->user);
        if (pw == NULL) {
                auth_request_log_info(request, "sia", "unknown user");
                callback(PASSDB_RESULT_USER_UNKNOWN, request);
                return;
        }

        /* check if the password is valid */
        if (password != NULL) {
                char *argutility = "dovecot";
                result = ( sia_validate_user (checkpw_collect,1,&argutility,NULL,
                        (char *) request->user,NULL,NULL,NULL,(char *) password) == SIASUCCESS );
        }

        if (!result) {
                auth_request_log_info(request, "sia", "password mismatch");
                callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
                return;
        }

        /* make sure we're using the username exactly as it's in the database */
        auth_request_set_field(request, "user", pw->pw_name, NULL);

        callback(PASSDB_RESULT_OK, request);
}

static void local_sia_init(struct passdb_module *module,
                        const char *args __attr_unused__)
{
/*      module->cache_key = SIA_CACHE_KEY; */
        module->default_pass_scheme = SIA_PASS_SCHEME;
}

static void local_sia_deinit(struct passdb_module *module __attr_unused__)
{
}

struct passdb_module_interface passdb_sia = {
        "sia",

        NULL,
        local_sia_init,
        local_sia_deinit,

        local_sia_verify_plain,
        NULL
};

#endif

-----------------------------------------------------------------------------------------

Cheers

--
Simon L Jackson
Carringbush.Net

+-
Carringbush.Net
Hosting * Development * Advice

Web: www.carringbush.net
Email: simon.jackson@carringbush.net

Office: +61 3 9411 4400
Support: +61 3 9411 4444
Fax: +61 3 9411 4499

Level 1
15 Bedford Street
Collingwood VIC 3066
Australia

P.O. Box 1464
Collingwood VIC 3066
Australia
+-