#include "auth.h"
#include "authpgsql.h"
+#include "courierauth.h"
#include "courierauthstaticlist.h"
#include "courierauthdebug.h"
#include "libhmac/hmac.h"
-#include "cramlib.h"
-
extern void auth_pgsql_enumerate( void(*cb_func)(const char *name,
uid_t uid,
void *void_arg),
void *void_arg);
-static int auth_pgsql_login(const char *service, char *authdata,
- int (*callback_func)(struct authinfo *, void *),
- void *callback_arg)
-{
- char *user, *pass;
- struct authpgsqluserinfo *authinfo;
- struct authinfo aa;
-
- if ((user=strtok(authdata, "\n")) == 0 ||
- (pass=strtok(0, "\n")) == 0)
- {
- errno=EPERM;
- return (-1);
- }
-
- authinfo=auth_pgsql_getuserinfo(user, service);
-
- if (!authinfo) /* Fatal error - such as PgSQL being down */
- {
- errno=EACCES;
- return (-1);
- }
-
- if (authinfo->cryptpw)
- {
- if (authcheckpassword(pass,authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1); /* User/Password not found. */
- }
- }
- else if (authinfo->clearpw)
- {
- if (strcmp(pass, authinfo->clearpw))
- {
- if (courier_authdebug_login_level >= 2)
- {
- DPRINTF("supplied password '%s' does not match clearpasswd '%s'",
- pass, authinfo->clearpw);
- }
- else
- {
- DPRINTF("supplied password does not match clearpasswd");
- }
- errno=EPERM;
- return (-1);
- }
- }
- else
- {
- DPRINTF("no password available to compare");
- errno=EPERM;
- return (-1); /* Username not found */
- }
-
-
- memset(&aa, 0, sizeof(aa));
-
- /*aa.sysusername=user;*/
- aa.sysuserid= &authinfo->uid;
- aa.sysgroupid= authinfo->gid;
- aa.homedir=authinfo->home;
- aa.maildir=authinfo->maildir && authinfo->maildir[0] ?
- authinfo->maildir:0;
- aa.address=authinfo->username;
- aa.quota=authinfo->quota && authinfo->quota[0] ?
- authinfo->quota:0;
- aa.fullname=authinfo->fullname;
- aa.options=authinfo->options;
- aa.passwd=authinfo->cryptpw;
- aa.clearpasswd=pass;
- courier_authdebug_authinfo("DEBUG: authpgsql: ", &aa,
- authinfo->clearpw, authinfo->cryptpw);
- return (*callback_func)(&aa, callback_arg);
-}
-
-static int auth_pgsql_changepw(const char *service, const char *user,
- const char *pass,
- const char *newpass)
-{
- struct authpgsqluserinfo *authinfo;
-
- authinfo=auth_pgsql_getuserinfo(user, service);
-
- if (!authinfo)
- {
- errno=ENOENT;
- return (-1);
- }
-
- if (authinfo->cryptpw)
- {
- if (authcheckpassword(pass,authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1); /* User/Password not found. */
- }
- }
- else if (authinfo->clearpw)
- {
- if (strcmp(pass, authinfo->clearpw))
- {
- errno=EPERM;
- return (-1);
- }
- }
- else
- {
- errno=EPERM;
- return (-1);
- }
-
- if (auth_pgsql_setpass(user, newpass, authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1);
- }
- return (0);
-}
-
static int auth_pgsql_cram(const char *service,
const char *authtype, char *authdata,
int (*callback_func)(struct authinfo *, void *),