imap-urlauth-login.c revision edfdc577ffe7408fd6463eb9dba11260d380ab53
2454dfa32c93c20a8522c6ed42fe057baaac9f9aStephan Bosch/* Copyright (c) 2013-2017 Dovecot authors, see the included COPYING file */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch const struct imap_urlauth_login_settings *set;
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschimap_urlauth_client_auth_result(struct client *client,
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch const struct client_auth_reply *reply ATTR_UNUSED,
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch /* failed or otherwise invalid status */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch client_destroy(client, "Disconnected: Authentication failed");
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch /* authentication succeeded */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschstatic void imap_urlauth_client_handle_input(struct client *client)
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch const char *const *args;
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch if ((line = i_stream_next_line(client->input)) == NULL)
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch if (!version_string_verify(line, "imap-urlauth",
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch i_error("IMAP URLAUTH client not compatible with this server "
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch client_destroy(client, "Disconnected: Version mismatch");
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch if ((line = i_stream_next_line(client->input)) == NULL)
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch /* read authentication info from input;
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch "AUTH"\t<session-pid>\t<auth-username>\t<session_id>\t<token> */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch if (str_array_length(args) < AUTH_ARG_COUNT ||
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch strcmp(args[0], "AUTH") != 0 || str_to_pid(args[1], &pid) < 0) {
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch i_error("IMAP URLAUTH client sent unexpected AUTH input: %s", line);
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch client_destroy(client, "Disconnected: Unexpected input");
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch /* verify session pid if possible */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch if (net_getunixcred(client->fd, &cred) == 0 &&
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch i_error("IMAP URLAUTH client sent invalid session pid %ld in AUTH request: "
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch "it did not match peer credentials (pid=%ld, uid=%ld)",
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch client_destroy(client, "Disconnected: Invalid AUTH request");
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch unsigned int i;
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch (void)client_auth_begin(client, "DOVECOT-TOKEN",
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschstatic void imap_urlauth_client_input(struct client *client)
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch /* we're not currently connected to auth process -
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch don't allow any commands */
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschstatic struct client *imap_urlauth_client_alloc(pool_t pool)
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch uauth_client = p_new(pool, struct imap_urlauth_client, 1);
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch client->io = io_add(client->fd, IO_READ, client_input, client);
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch login_set_roots = imap_urlauth_login_setting_roots;
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschstatic struct client_vfuncs imap_urlauth_vfuncs = {
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Boschstatic const struct login_binary imap_urlauth_login_binary = {
f9511e684858bf5f6ac77ab12254b85b737beae8Stephan Bosch .default_login_socket = LOGIN_TOKEN_DEFAULT_SOCKET,