imap-urlauth-backend.c revision 7b9197b917d6f546bfea70ba8a443e61de90242a
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen/* Copyright (c) 2013 Dovecot authors, see the included COPYING file */
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen#include "lib.h"
767431e5084a037c4dbefdf30ebfa03c84b1f449Timo Sirainen#include "buffer.h"
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen#include "hex-binary.h"
1c633f71ec2060e5bfa500a97f34cd881a958ecdTimo Sirainen#include "randgen.h"
1db62753d9e3b5d71018889c8ef0a3722a307455Timo Sirainen#include "mail-user.h"
a8fe899601735459641edae975c0fa08be8482e2Timo Sirainen#include "mail-storage.h"
885a3c2287ae3e5827aa580ea06b231de38abb47Timo Sirainen#include "mailbox-list-iter.h"
5fb3f13537dffd15a31e997da133a721c0728af8Timo Sirainen#include "imap-urlauth-private.h"
97437f768d1a3e6134fed1971202803fd250eef2Timo Sirainen#include "imap-urlauth-backend.h"
bb25bed75eefd011138ebf1b8e033fc8ef55ca74Timo Sirainen
5fbccc935e3f7b916aa7c6e302a212821072e83aTimo Sirainen#define IMAP_URLAUTH_KEY MAILBOX_ATTRIBUTE_PREFIX_DOVECOT"imap-urlauth"
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen
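/*
 * Fetch, or optionally create, the per-mailbox URLAUTH key.
 *
 * The key is kept hex-encoded in the mailbox's private attribute
 * IMAP_URLAUTH_KEY and handed back as IMAP_URLAUTH_KEY_LEN raw bytes in
 * mailbox_key_r.
 *
 * Returns:
 *    1  mailbox_key_r holds the key (an existing one, or a new one that was
 *       just stored),
 *    0  the mailbox has no key and create was FALSE (mailbox_key_r untouched),
 *   -1  attribute lookup or store failed, or the stored value is not exactly
 *       2*IMAP_URLAUTH_KEY_LEN valid hex digits.
 *
 * error_r and error_code_r are set to a generic "Internal server error" /
 * MAIL_ERROR_TEMP on entry and are never refined here, so they are only
 * meaningful when -1 is returned.
 *
 * On -1 the contents of mailbox_key_r must not be used: it may hold a freshly
 * generated key that was never stored, or partially decoded bytes.
 */
int imap_urlauth_backend_get_mailbox_key(struct mailbox *box, bool create,
					 unsigned char mailbox_key_r[IMAP_URLAUTH_KEY_LEN],
					 const char **error_r,
					 enum mail_error *error_code_r)
{
	struct mail_user *user = mail_storage_get_user(mailbox_get_storage(box));
	struct mail_attribute_value urlauth_key;
	const char *mailbox_key_hex = NULL;
	buffer_t key_buf;
	int ret;

	/* pessimistic defaults; nothing below replaces them */
	*error_r = "Internal server error";
	*error_code_r = MAIL_ERROR_TEMP;

	ret = mailbox_attribute_get(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
				    IMAP_URLAUTH_KEY, &urlauth_key);
	if (ret < 0)
		return -1;

	/* debug output names the mailbox only; key material is never logged */
	if (user->mail_debug) {
		i_debug("imap-urlauth: %skey found for mailbox %s",
			(ret > 0 ? "" : "no "), mailbox_get_vname(box));
	}

	if (ret == 0) {
		if (!create)
			return 0;

		/* create new key */
		/* random_fill() is the only source of key entropy here; it is
		   declared in randgen.h and not shown in this file */
		random_fill(mailbox_key_r, IMAP_URLAUTH_KEY_LEN);
		mailbox_key_hex = binary_to_hex(mailbox_key_r,
						IMAP_URLAUTH_KEY_LEN);
		/* NOTE(review): nothing visible here serialises the get above
		   with this set. Two sessions creating a key concurrently
		   could each return a different key while only one ends up
		   stored - confirm that callers or the attribute backend
		   prevent that. */
		ret = mailbox_attribute_set(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
					    IMAP_URLAUTH_KEY, mailbox_key_hex);
		/* NOTE(review): the hex copy of the key is not wiped before
		   returning; how long it lingers depends on the allocator
		   behind binary_to_hex() - confirm. */
		if (ret < 0)
			return -1;
		if (user->mail_debug) {
			i_debug("imap-urlauth: created key for mailbox %s",
				mailbox_get_vname(box));
		}
	} else {
		/* read existing key */
		/* key_buf is laid over the caller's output array, so the hex
		   decoder writes into mailbox_key_r and is bounded by
		   IMAP_URLAUTH_KEY_LEN */
		buffer_create_from_data(&key_buf, mailbox_key_r,
					IMAP_URLAUTH_KEY_LEN);
		mailbox_key_hex = urlauth_key.value;
		/* reject anything that is not exactly one key's worth of hex:
		   length check first, then decode, then decoded size */
		if (strlen(mailbox_key_hex) != 2*IMAP_URLAUTH_KEY_LEN ||
		    hex_to_binary(mailbox_key_hex, &key_buf) < 0 ||
		    key_buf.used != IMAP_URLAUTH_KEY_LEN) {
			i_error("imap-urlauth: key found for mailbox %s is invalid",
				mailbox_get_vname(box));
			return -1;
		}
		/* key_buf was created over mailbox_key_r, so source and
		   destination can be the very same memory. memcpy() is
		   undefined for overlapping objects; memmove() is not. */
		memmove(mailbox_key_r, key_buf.data, IMAP_URLAUTH_KEY_LEN);
	}
	return 1;
}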
1db62753d9e3b5d71018889c8ef0a3722a307455Timo Sirainen
/*
 * Drop the URLAUTH key of a single mailbox by unsetting its private
 * IMAP_URLAUTH_KEY attribute.
 *
 * Returns 1 on success and -1 if the attribute could not be unset.
 * Note that the success value differs from
 * imap_urlauth_backend_reset_all_keys(), which returns 0.
 * After a -1 the old key may still be stored, so URLs authorised with it
 * must be assumed to remain valid.
 */
int imap_urlauth_backend_reset_mailbox_key(struct mailbox *box)
{
	if (mailbox_attribute_unset(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
				    IMAP_URLAUTH_KEY) < 0)
		return -1;
	return 1;
}
1db62753d9e3b5d71018889c8ef0a3722a307455Timo Sirainen
/*
 * Drop the URLAUTH key of every mailbox the user's namespaces list.
 *
 * Walks all namespaces with the "*" pattern and unsets the private
 * IMAP_URLAUTH_KEY attribute on each listed mailbox.
 *
 * Returns 0 when every unset and the iterator teardown succeeded, -1 when
 * any of them failed. A failure does not stop the walk: the remaining
 * mailboxes are still processed. A -1 therefore means the reset is
 * incomplete - at least one mailbox may still carry its old key - and the
 * caller should not report the keys as revoked.
 */
int imap_urlauth_backend_reset_all_keys(struct mail_user *user)
{
	const char *const match_all[] = { "*", NULL };
	struct mailbox_list_iterate_context *list_iter;
	const struct mailbox_info *entry;
	int result = 0;

	list_iter = mailbox_list_iter_init_namespaces(user->namespaces,
						      match_all,
						      MAIL_NAMESPACE_TYPE_MASK_ALL,
						      MAILBOX_LIST_ITER_NO_AUTO_BOXES |
						      MAILBOX_LIST_ITER_SKIP_ALIASES |
						      MAILBOX_LIST_ITER_RETURN_NO_FLAGS);
	for (;;) {
		struct mailbox *box;

		entry = mailbox_list_iter_next(list_iter);
		if (entry == NULL)
			break;

		/* the mailbox is allocated only long enough to unset the
		   attribute, then released again */
		box = mailbox_alloc(entry->ns->list, entry->vname, 0);
		if (mailbox_attribute_unset(box, MAIL_ATTRIBUTE_TYPE_PRIVATE,
					    IMAP_URLAUTH_KEY) < 0) {
			/* remember the failure but keep going */
			result = -1;
		}
		mailbox_free(&box);
	}
	/* a listing error surfaces at deinit and also fails the reset */
	if (mailbox_list_iter_deinit(&list_iter) < 0)
		result = -1;
	return result;
}
a6ab8f00351265e35b79f3a22b1f5a4978ae5c35Timo Sirainen