src/auth/mech-external.c

bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch/* Copyright (c) 2009-2018 Dovecot authors, see the included COPYING file */
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen#include "auth-common.h"
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen#include "passdb.h"
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen#include "mech.h"
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen#include "mech-plain-common.h"
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainenstatic void
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainenmech_external_auth_continue(struct auth_request *request,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen                const unsigned char *data, size_t data_size)
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen{
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    const char *authzid, *error;
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    authzid = t_strndup(data, data_size);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    if (request->user == NULL) {
6135260095e1704ed6edff9d00bdfc043c11429cTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen                      "username not known");
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen        auth_request_fail(request);
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen        return;
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen    }
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen    /* this call is done simply to put the username through translation
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen       settings */
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen    if (!auth_request_set_username(request, "", &error)) {
6135260095e1704ed6edff9d00bdfc043c11429cTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen                      "Invalid username");
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen        auth_request_fail(request);
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen        return;
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen    }
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen    if (*authzid != '\0' &&
35856ec46695df8f741f2df4105d407d4c0ceab4Timo Sirainen        !auth_request_set_login_username(request, authzid, &error)) {
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen        /* invalid login username */
6135260095e1704ed6edff9d00bdfc043c11429cTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen                      "login user: %s", error);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen        auth_request_fail(request);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    } else {
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen                auth_request_verify_plain(request, "",
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen                                          plain_verify_callback);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    }
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen}
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainenstatic struct auth_request *mech_external_auth_new(void)
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen{
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen        struct auth_request *request;
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    pool_t pool;
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
1b81b28b2e7856748cffd7d01052a944b6c80b23Timo Sirainen    pool = pool_alloconly_create(MEMPOOL_GROWING"external_auth_request", 2048);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    request = p_new(pool, struct auth_request, 1);
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    request->pool = pool;
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    return request;
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen}
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainenconst struct mech_module mech_external = {
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    "EXTERNAL",
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen    .flags = 0,
7bafda1813454621e03615e83d55bccfa7cc56bdTimo Sirainen    .passdb_need = MECH_PASSDB_NEED_VERIFY_PLAIN,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    mech_external_auth_new,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    mech_generic_auth_initial,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    mech_external_auth_continue,
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen    mech_generic_auth_free
7dae0cd6779c407c2d5548f7ac286c0a07465282Timo Sirainen};