| 1 | /* |
| 2 | ** Copyright 1998 - 2000 Double Precision, Inc. See COPYING for |
| 3 | ** distribution information. |
| 4 | */ |
| 5 | |
| 6 | #if HAVE_CONFIG_H |
| 7 | #include "courier_auth_config.h" |
| 8 | #endif |
| 9 | #include <stdio.h> |
| 10 | #include <stdlib.h> |
| 11 | #include <string.h> |
| 12 | #include <errno.h> |
| 13 | #include <pwd.h> |
| 14 | #if HAVE_UNISTD_H |
| 15 | #include <unistd.h> |
| 16 | #endif |
| 17 | |
| 18 | #include "auth.h" |
| 19 | #include "authcustom.h" |
| 20 | #include "courierauthdebug.h" |
| 21 | |
| 22 | static const char rcsid[]="$Id: preauthcustom.c,v 1.6 2005/02/20 04:41:20 mrsam Exp $"; |
| 23 | |
| 24 | int auth_custom_pre(const char *userid, const char *service, |
| 25 | int (*callback)(struct authinfo *, void *), |
| 26 | void *arg) |
| 27 | { |
| 28 | return (authcustomcommon(userid, 0, callback, arg)); |
| 29 | } |
| 30 | |
| 31 | static int do_auth_custom(const char *, struct authinfo *); |
| 32 | |
| 33 | int authcustomcommon(const char *user, const char *pass, |
| 34 | int (*callback)(struct authinfo *, void *), |
| 35 | void *arg) |
| 36 | { |
| 37 | struct authinfo auth; |
| 38 | int rc; |
| 39 | |
| 40 | memset(&auth, 0, sizeof(auth)); |
| 41 | |
| 42 | rc=do_auth_custom(user, &auth); |
| 43 | |
| 44 | if (rc) |
| 45 | return (rc); |
| 46 | |
| 47 | if (pass == 0) |
| 48 | return (0); /* Just get the authentication info */ |
| 49 | |
| 50 | if (auth.clearpasswd) |
| 51 | { |
| 52 | if (strcmp(pass, auth.clearpasswd)) |
| 53 | return (-1); |
| 54 | } |
| 55 | else |
| 56 | { |
| 57 | const char *p=auth.passwd; |
| 58 | |
| 59 | if (!p || authcheckpassword(pass, p)) |
| 60 | return (-1); |
| 61 | } |
| 62 | |
| 63 | auth.clearpasswd=pass; |
| 64 | return ((*callback)(&auth, arg)); |
| 65 | } |
| 66 | |
| 67 | static int do_auth_custom(const char *userid, struct authinfo *authinfo) |
| 68 | { |
| 69 | /* |
| 70 | ** Insert custom authentication code here. This code must obtain |
| 71 | ** authentication information for account 'userid'. |
| 72 | ** |
| 73 | ** If you need to link with specific external libraries (-lnsl_s, |
| 74 | ** et al), you'll just have to bite the bullet, install automake |
| 75 | ** and autoconf, then set authcustom.libsdep and authcustom_LDADD |
| 76 | ** in Makefile.am |
| 77 | */ |
| 78 | |
| 79 | /* |
| 80 | ** If userid does not exist, return (-1). |
| 81 | */ |
| 82 | |
| 83 | DPRINTF("authcustom: nothing implemented in do_auth_custom()"); |
| 84 | return (-1); |
| 85 | |
| 86 | /* |
| 87 | ** If there is some kind of a system problem, that is you are |
| 88 | ** unable to check whether userid is valid (the back end database |
| 89 | ** is down, or something) return (1). |
| 90 | */ |
| 91 | |
| 92 | /* |
| 93 | ** Otherwise, initialize the authinfo structure, and return (0). |
| 94 | ** |
| 95 | ** NOTES: this function can be called repeated within a single |
| 96 | ** process, in certain contexts. Do not simply dynamically |
| 97 | ** allocate memory for all the character strings, each time, because |
| 98 | ** the caller WILL NOT free the memory of any dynamically allocated |
| 99 | ** strings. If you keep dynamically allocating memory, each time, |
| 100 | ** you're going to get a memory leak, somewhere, and YOU'LL FUCK |
| 101 | ** YOURSELF. What you should do is either use a static buffer, |
| 102 | ** or dynamically allocate some memory, and free that memory on |
| 103 | ** the next function call. |
| 104 | ** |
| 105 | ** Additionally: |
| 106 | ** |
| 107 | ** If you open any files, you MUST set FD_CLOEXEC bit on any |
| 108 | ** file descriptor you create (open files, sockets, whatnot). |
| 109 | ** |
| 110 | ** Someone else might do a fork and an exec, so you need to make |
| 111 | ** sure things get cleaned up, in that event. |
| 112 | ** |
| 113 | ** Fields in the auth structure: |
| 114 | ** |
| 115 | ** sysusername - REQUIRED - user name, should simply be userid, |
| 116 | ** unless you know what you're doing. |
| 117 | ** sysuserid - REQUIRED - pointer to the user's uid_t (yes, it's |
| 118 | ** a pointer). |
| 119 | ** sysgroupid - REQUIRED - gid_t, the group ID of the user. |
| 120 | ** |
| 121 | ** homedir - REQUIRED - home directory. |
| 122 | ** |
| 123 | ** address - REQUIRED - the 'identity' of the authenticated user, |
| 124 | ** the e-mail address. It is acceptable to set |
| 125 | ** this field also to userid, if you can't think |
| 126 | ** of anything better to do. |
| 127 | ** |
| 128 | ** fullname - OPTIONAL - user's full name. |
| 129 | ** |
| 130 | ** maildir - OPTIONAL - user's primary maildir ($HOME/Maildir default) |
| 131 | ** |
| 132 | ** quota - OPTIONAL - user's maildir quota (see a README somewhere) |
| 133 | ** |
| 134 | ** passwd, clearpasswd - one of these fields must be initialized, |
| 135 | ** either one is ok. Initialize clearpasswd |
| 136 | ** if you store cleartext passwords. If you |
| 137 | ** store crypted passwords, initialize passwd. |
| 138 | */ |
| 139 | } |
| 140 | |
| 141 | void authcustomclose() |
| 142 | { |
| 143 | /* |
| 144 | ** Place any cleanup here. |
| 145 | */ |
| 146 | } |