authsaslplain.c

   1
   2 /*
   3 ** Copyright 2000-2005 Double Precision, Inc.  See COPYING for
   4 ** distribution information.
   5 */
   6
   7 #include        "courier_auth_config.h"
   8 #include        "auth.h"
   9 #include        "random128/random128.h"
  10 #include        "courierauthsasl.h"
  11 #include        <stdlib.h>
  12 #include        <string.h>
  13 #if     HAVE_UNISTD_H
  14 #include        <unistd.h>
  15 #endif
  16 #include        <ctype.h>
  17 #include        <stdio.h>
  18 #include        <errno.h>
  19
  20 extern char *strdupdefdomain(const char *userid, const char *s1,
  21                              const char *s2, const char *s3);
  22
  23 int authsasl_plain(const char *method, const char *initresponse,
  24                    char *(*getresp)(const char *, void *),
  25                    void *callback_arg,
  26                    char **authtype,
  27                    char **authdata)
  28 {
  29 char    *uid;
  30 char    *pw;
  31 char    *p;
  32 int     n;
  33 int     i;
  34
  35         if (initresponse)
  36         {
  37                 p=malloc(strlen(initresponse)+1);
  38                 if (!p)
  39                 {
  40                         perror("malloc");
  41                         return (AUTHSASL_ERROR);
  42                 }
  43                 strcpy(p, initresponse);
  44         }
  45         else
  46         {
  47                 p=authsasl_tobase64("", -1);
  48                 if (!p)
  49                 {
  50                         perror("malloc");
  51                         return (AUTHSASL_ERROR);
  52                 }
  53                 uid=getresp(p, callback_arg);
  54                 free(p);
  55                 p=uid;
  56                 if (!p)
  57                 {
  58                         perror("malloc");
  59                         return (AUTHSASL_ERROR);
  60                 }
  61
  62                 if (*p == '*')
  63                 {
  64                         free(p);
  65                         return (AUTHSASL_ABORTED);
  66                 }
  67         }
  68
  69         if ((n=authsasl_frombase64(p)) < 0)
  70         {
  71                 free(p);
  72                 return (AUTHSASL_ABORTED);
  73         }
  74         p[n]=0;
  75
  76         uid=pw=0;
  77
  78         for (i=0; i<n; i++)
  79         {
  80                 if (p[i] == 0)
  81                 {
  82                         ++i;
  83                         for (uid=p+i; i<n; i++)
  84                                 if (p[i] == 0)
  85                                 {
  86                                         pw=p+i+1;
  87                                         break;
  88                                 }
  89                 }
  90         }
  91
  92         if (pw == 0)
  93         {
  94                 free(p);
  95                 return (AUTHSASL_ABORTED);      /* Bad message */
  96         }
  97
  98         if ( (*authtype=malloc(sizeof(AUTHTYPE_LOGIN))) == 0)
  99         {
 100                 free(p);
 101                 perror("malloc");
 102                 return (AUTHSASL_ERROR);
 103         }
 104
 105         strcpy( *authtype, AUTHTYPE_LOGIN);
 106
 107         if ( (*authdata=strdupdefdomain(uid, "\n", pw, "\n")) == 0)
 108         {
 109                 free( *authtype );
 110                 free(p);
 111                 perror("malloc");
 112                 return (AUTHSASL_ERROR);
 113         }
 114
 115         free(p);
 116         return (AUTHSASL_OK);
 117 }