mech-plain.c revision 89a126810703c666309310d0f3189e9834d70b5b
bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch/* Copyright (c) 2002-2007 Dovecot authors, see the included COPYING file */
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen#include "common.h"
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen#include "safe-memset.h"
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen#include "mech.h"
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen#include "passdb.h"
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen#include "plain-common.h"
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen
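/*
 * Handle the client's response for the PLAIN mechanism.
 *
 * The response is expected to be laid out as
 *     authorization ID \0 authentication ID \0 password
 * inside a buffer of exactly data_size bytes. Nothing in this function
 * guarantees a terminator after data[data_size - 1], so every string
 * operation below is only performed on a field that is known to end in a
 * NUL found inside the buffer.
 *
 * On malformed input or a rejected username the request is failed;
 * otherwise the password is handed to auth_request_verify_plain() with
 * plain_verify_callback. The local copy of the password is wiped before
 * returning.
 */
static void
mech_plain_auth_continue(struct auth_request *request,
			 const unsigned char *data, size_t data_size)
{
	const char *authid, *authenid, *error;
	char *pass;
	size_t i, len;
	int count;

	/* authorization ID \0 authentication ID \0 pass.
	   A non-empty authorization ID that differs from the authentication
	   ID is passed on as the login username further below. */
	authid = (const char *) data;
	authenid = NULL; pass = NULL;

	count = 0;
	for (i = 0; i < data_size; i++) {
		if (data[i] == '\0') {
			if (++count == 1)
				authenid = (const char *) data + i+1;
			else {
				/* everything after the second NUL is the
				   password; copy it so it can be wiped
				   independently of the input buffer */
				i++;
				len = data_size - i;
				pass = p_strndup(unsafe_data_stack_pool,
						 data+i, len);
				break;
			}
		}
	}

	/* Compare the two IDs only once both terminators have been seen.
	   With a single NUL in the input, authenid points at bytes that are
	   not terminated within data_size, and strcmp() would read past the
	   end of the buffer. Input with count != 2 is rejected below without
	   using authid, so skipping the comparison changes no outcome. */
	if (count == 2 && authenid != NULL && strcmp(authid, authenid) == 0) {
		/* the login username isn't different */
		authid = "";
	}

	if (count != 2) {
		/* invalid input */
		auth_request_log_info(request, "plain", "invalid input");
		auth_request_fail(request);
	} else if (!auth_request_set_username(request, authenid, &error)) {
		/* invalid username */
		auth_request_log_info(request, "plain", "%s", error);
		auth_request_fail(request);
	} else if (*authid != '\0' &&
		   !auth_request_set_login_username(request, authid, &error)) {
		/* invalid login username */
		auth_request_log_info(request, "plain",
				      "login user: %s", error);
		auth_request_fail(request);
	} else {
		/* NOTE(review): pass is wiped right after this call returns,
		   so auth_request_verify_plain() presumably must not keep the
		   pointer - confirm against its implementation. */
		auth_request_verify_plain(request, pass,
					  plain_verify_callback);
	}

	/* make sure it's cleared. Only the local copy is wiped here; the
	   password bytes in the caller's data buffer are left untouched by
	   this function. */
	if (pass != NULL)
		safe_memset(pass, 0, strlen(pass));
}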
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen
/*
 * Create a fresh auth request for the PLAIN mechanism.
 *
 * The request is allocated from a newly created "plain_auth_request"
 * pool, and the pool handle is stored in request->pool.
 * NOTE(review): 1024 is presumably the pool's initial size - confirm
 * against pool_alloconly_create().
 */
static struct auth_request *mech_plain_auth_new(void)
{
	pool_t request_pool =
		pool_alloconly_create("plain_auth_request", 1024);
	struct auth_request *new_request =
		p_new(request_pool, struct auth_request, 1);

	new_request->pool = request_pool;
	return new_request;
}
45b0d8d0b97be14d10e3a3c12c169e4b352b2aacTimo Sirainen
/*
 * Descriptor for the PLAIN authentication mechanism.
 *
 * Members without a MEMBER() tag are positional, so their meaning depends
 * on the field order of struct mech_module, which is declared elsewhere.
 */
const struct mech_module mech_plain = {
	/* presumably the mechanism name - confirm against struct mech_module */
	"PLAIN",

	/* Marks the mechanism as plaintext: the client sends the password
	   itself, as mech_plain_auth_continue() shows.
	   NOTE(review): presumably used elsewhere to restrict this mechanism
	   to protected connections - confirm where the flag is checked. */
	MEMBER(flags) MECH_SEC_PLAINTEXT,

	/* passdb requirement flags; only the plaintext one is set */
	MEMBER(passdb_need_plain) TRUE,
	MEMBER(passdb_need_credentials) FALSE,
	MEMBER(passdb_need_set_credentials) FALSE,

	/* Handlers. Only the new and continue handlers are defined in this
	   file; the initial and free handlers are the generic ones. */
	mech_plain_auth_new,
	mech_generic_auth_initial,
	mech_plain_auth_continue,
	mech_generic_auth_free
};
7a896d960824c93e2f04ac21e8eae0f892bf8d20Timo Sirainen