src/auth/mech-external.c

	mech-external.c revision 1b81b28b2e7856748cffd7d01052a944b6c80b23
76b43e4417bab52e913da39b5f5bc2a130d3f149Timo Sirainen/* Copyright (c) 2009-2014 Dovecot authors, see the included COPYING file */
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen#include "auth-common.h"
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen#include "passdb.h"
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen#include "mech.h"
3343a61404603b21c246783a7963b77833095f31Timo Sirainen#include "mech-plain-common.h"
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainenstatic void
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainenmech_external_auth_continue(struct auth_request *request,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen                const unsigned char *data, size_t data_size)
0a601ada15c7fe82f0db895fc2068b71b3a5243cTimo Sirainen{
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    const char *authzid, *error;
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    authzid = t_strndup(data, data_size);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    if (request->user == NULL) {
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen                      "username not known");
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen        auth_request_fail(request);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen        return;
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    }
04ab375449dd97eed50ada88dd0df2abab01cfeeTimo Sirainen
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    /* this call is done simply to put the username through translation
04ab375449dd97eed50ada88dd0df2abab01cfeeTimo Sirainen       settings */
04ab375449dd97eed50ada88dd0df2abab01cfeeTimo Sirainen    if (!auth_request_set_username(request, "", &error)) {
04ab375449dd97eed50ada88dd0df2abab01cfeeTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen                      "Invalid username");
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen        auth_request_fail(request);
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen        return;
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    }
3f190f4cbb9233a3a6830956cb5c7ae56a577b79Timo Sirainen
3f190f4cbb9233a3a6830956cb5c7ae56a577b79Timo Sirainen    if (*authzid != '\0' &&
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen        !auth_request_set_login_username(request, authzid, &error)) {
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen        /* invalid login username */
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen        auth_request_log_info(request, AUTH_SUBSYS_MECH,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen                      "login user: %s", error);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen        auth_request_fail(request);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    } else {
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen                auth_request_verify_plain(request, "",
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen                                          plain_verify_callback);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    }
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen}
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainenstatic struct auth_request *mech_external_auth_new(void)
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen{
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen        struct auth_request *request;
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    pool_t pool;
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    pool = pool_alloconly_create(MEMPOOL_GROWING"external_auth_request", 2048);
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    request = p_new(pool, struct auth_request, 1);
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    request->pool = pool;
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    return request;
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen}
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainenconst struct mech_module mech_external = {
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    "EXTERNAL",
0d16525a729011f4fced989a3da74d755ea49e6dTimo Sirainen
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    .flags = 0,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    .passdb_need = MECH_PASSDB_NEED_VERIFY_PLAIN,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    mech_external_auth_new,
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    mech_generic_auth_initial,
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen    mech_external_auth_continue,
b5e6f6f27c1461f0f9f202615eeb738a645188c3Timo Sirainen    mech_generic_auth_free
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen};
8fcff4c5b52f24d9c681805fdf06b486f1d0fcbeTimo Sirainen