-/*
-** Copyright 2000-2008 Double Precision, Inc. See COPYING for
-** distribution information.
-*/
-#if HAVE_CONFIG_H
-#include "courier_auth_config.h"
-#endif
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <pwd.h>
-#if HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "auth.h"
-#include "authsqlite.h"
-#include "courierauthstaticlist.h"
-#include "courierauthdebug.h"
-#include "libhmac/hmac.h"
-#include "cramlib.h"
-
-
-extern void auth_sqlite_enumerate( void(*cb_func)(const char *name,
- uid_t uid,
- gid_t gid,
- const char *homedir,
- const char *maildir,
- const char *options,
- void *void_arg),
- void *void_arg);
-
-static int auth_sqlite_login(const char *service, char *authdata,
- int (*callback_func)(struct authinfo *, void *),
- void *callback_arg)
-{
- char *user, *pass;
- struct authsqliteuserinfo *authinfo;
- struct authinfo aa;
-
-
- if ((user=strtok(authdata, "\n")) == 0 ||
- (pass=strtok(0, "\n")) == 0)
- {
- errno=EPERM;
- return (-1);
- }
-
- authinfo=auth_sqlite_getuserinfo(user, service);
-
- if (!authinfo) /* Fatal error - such as Sqlite being down */
- {
- errno=EACCES;
- return (1);
- }
-
- if (authinfo->cryptpw)
- {
- if (authcheckpassword(pass,authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1); /* User/Password not found. */
- }
- }
- else if (authinfo->clearpw)
- {
- if (strcmp(pass, authinfo->clearpw))
- {
- if (courier_authdebug_login_level >= 2)
- {
- DPRINTF("supplied password '%s' does not match clearpasswd '%s'",
- pass, authinfo->clearpw);
- }
- else
- {
- DPRINTF("supplied password does not match clearpasswd");
- }
- errno=EPERM;
- return (-1);
- }
- }
- else
- {
- DPRINTF("no password available to compare");
- errno=EPERM;
- return (-1); /* Username not found */
- }
-
- memset(&aa, 0, sizeof(aa));
-
- aa.sysuserid= &authinfo->uid;
- aa.sysgroupid= authinfo->gid;
- aa.homedir=authinfo->home;
- aa.maildir=authinfo->maildir && authinfo->maildir[0] ?
- authinfo->maildir:0;
- aa.address=authinfo->username;
- aa.quota=authinfo->quota && authinfo->quota[0] ?
- authinfo->quota:0;
- aa.fullname=authinfo->fullname;
- aa.options=authinfo->options;
- aa.clearpasswd=pass;
- aa.passwd=authinfo->cryptpw;
- courier_authdebug_authinfo("DEBUG: authsqlite: ", &aa,
- authinfo->clearpw, authinfo->cryptpw);
-
- return (*callback_func)(&aa, callback_arg);
-}
-
-static int auth_sqlite_changepw(const char *service, const char *user,
- const char *pass,
- const char *newpass)
-{
- struct authsqliteuserinfo *authinfo;
-
- authinfo=auth_sqlite_getuserinfo(user, service);
-
- if (!authinfo)
- {
- errno=ENOENT;
- return (-1);
- }
-
- if (authinfo->cryptpw)
- {
- if (authcheckpassword(pass,authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1); /* User/Password not found. */
- }
- }
- else if (authinfo->clearpw)
- {
- if (strcmp(pass, authinfo->clearpw))
- {
- errno=EPERM;
- return (-1);
- }
- }
- else
- {
- errno=EPERM;
- return (-1);
- }
-
- if (auth_sqlite_setpass(user, newpass, authinfo->cryptpw))
- {
- errno=EPERM;
- return (-1);
- }
- return (0);
-}
-
-static int auth_sqlite_cram(const char *service,
- const char *authtype, char *authdata,
- int (*callback_func)(struct authinfo *, void *),
- void *callback_arg)
-{
- struct cram_callback_info cci;
-
- if (auth_get_cram(authtype, authdata, &cci))
- return (-1);
-
- cci.callback_func=callback_func;
- cci.callback_arg=callback_arg;
-
- return auth_sqlite_pre(cci.user, service, &auth_cram_callback, &cci);
-}
-
-int auth_sqlite(const char *service, const char *authtype, char *authdata,
- int (*callback_func)(struct authinfo *, void *),
- void *callback_arg)
-{
- if (strcmp(authtype, AUTHTYPE_LOGIN) == 0)
- return (auth_sqlite_login(service, authdata,
- callback_func, callback_arg));
-
- return (auth_sqlite_cram(service, authtype, authdata,
- callback_func, callback_arg));
-}
-
-extern int auth_sqlite_pre(const char *user, const char *service,
- int (*callback)(struct authinfo *, void *),
- void *arg);
-
-static struct authstaticinfo authsqlite_info={
- "authsqlite",
- auth_sqlite,
- auth_sqlite_pre,
- auth_sqlite_cleanup,
- auth_sqlite_changepw,
- auth_sqlite_cleanup,
- auth_sqlite_enumerate};
-
-
-struct authstaticinfo *courier_authsqlite_init()
-{
- return &authsqlite_info;
-}