HCoop / hcoop / debian / courier-authlib.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'debian'
[hcoop/debian/courier-authlib.git] / authsqlite.c
1 /*
2 ** Copyright 2000-2008 Double Precision, Inc. See COPYING for
3 ** distribution information.
4 */
5 #if HAVE_CONFIG_H
6 #include "courier_auth_config.h"
7 #endif
8 #include <stdio.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <errno.h>
12 #include <pwd.h>
13 #if HAVE_UNISTD_H
14 #include <unistd.h>
15 #endif
16
17 #include "auth.h"
18 #include "authsqlite.h"
19 #include "courierauthstaticlist.h"
20 #include "courierauthdebug.h"
21 #include "libhmac/hmac.h"
22 #include "cramlib.h"
23
24
25 extern void auth_sqlite_enumerate( void(*cb_func)(const char *name,
26 uid_t uid,
27 gid_t gid,
28 const char *homedir,
29 const char *maildir,
30 const char *options,
31 void *void_arg),
32 void *void_arg);
33
34 static int auth_sqlite_login(const char *service, char *authdata,
35 int (*callback_func)(struct authinfo *, void *),
36 void *callback_arg)
37 {
38 char *user, *pass;
39 struct authsqliteuserinfo *authinfo;
40 struct authinfo aa;
41
42
43 if ((user=strtok(authdata, "\n")) == 0 ||
44 (pass=strtok(0, "\n")) == 0)
45 {
46 errno=EPERM;
47 return (-1);
48 }
49
50 authinfo=auth_sqlite_getuserinfo(user, service);
51
52 if (!authinfo) /* Fatal error - such as Sqlite being down */
53 {
54 errno=EACCES;
55 return (1);
56 }
57
58 if (authinfo->cryptpw)
59 {
60 if (authcheckpassword(pass,authinfo->cryptpw))
61 {
62 errno=EPERM;
63 return (-1); /* User/Password not found. */
64 }
65 }
66 else if (authinfo->clearpw)
67 {
68 if (strcmp(pass, authinfo->clearpw))
69 {
70 if (courier_authdebug_login_level >= 2)
71 {
72 DPRINTF("supplied password '%s' does not match clearpasswd '%s'",
73 pass, authinfo->clearpw);
74 }
75 else
76 {
77 DPRINTF("supplied password does not match clearpasswd");
78 }
79 errno=EPERM;
80 return (-1);
81 }
82 }
83 else
84 {
85 DPRINTF("no password available to compare");
86 errno=EPERM;
87 return (-1); /* Username not found */
88 }
89
90 memset(&aa, 0, sizeof(aa));
91
92 aa.sysuserid= &authinfo->uid;
93 aa.sysgroupid= authinfo->gid;
94 aa.homedir=authinfo->home;
95 aa.maildir=authinfo->maildir && authinfo->maildir[0] ?
96 authinfo->maildir:0;
97 aa.address=authinfo->username;
98 aa.quota=authinfo->quota && authinfo->quota[0] ?
99 authinfo->quota:0;
100 aa.fullname=authinfo->fullname;
101 aa.options=authinfo->options;
102 aa.clearpasswd=pass;
103 aa.passwd=authinfo->cryptpw;
104 courier_authdebug_authinfo("DEBUG: authsqlite: ", &aa,
105 authinfo->clearpw, authinfo->cryptpw);
106
107 return (*callback_func)(&aa, callback_arg);
108 }
109
110 static int auth_sqlite_changepw(const char *service, const char *user,
111 const char *pass,
112 const char *newpass)
113 {
114 struct authsqliteuserinfo *authinfo;
115
116 authinfo=auth_sqlite_getuserinfo(user, service);
117
118 if (!authinfo)
119 {
120 errno=ENOENT;
121 return (-1);
122 }
123
124 if (authinfo->cryptpw)
125 {
126 if (authcheckpassword(pass,authinfo->cryptpw))
127 {
128 errno=EPERM;
129 return (-1); /* User/Password not found. */
130 }
131 }
132 else if (authinfo->clearpw)
133 {
134 if (strcmp(pass, authinfo->clearpw))
135 {
136 errno=EPERM;
137 return (-1);
138 }
139 }
140 else
141 {
142 errno=EPERM;
143 return (-1);
144 }
145
146 if (auth_sqlite_setpass(user, newpass, authinfo->cryptpw))
147 {
148 errno=EPERM;
149 return (-1);
150 }
151 return (0);
152 }
153
154 static int auth_sqlite_cram(const char *service,
155 const char *authtype, char *authdata,
156 int (*callback_func)(struct authinfo *, void *),
157 void *callback_arg)
158 {
159 struct cram_callback_info cci;
160
161 if (auth_get_cram(authtype, authdata, &cci))
162 return (-1);
163
164 cci.callback_func=callback_func;
165 cci.callback_arg=callback_arg;
166
167 return auth_sqlite_pre(cci.user, service, &auth_cram_callback, &cci);
168 }
169
170 int auth_sqlite(const char *service, const char *authtype, char *authdata,
171 int (*callback_func)(struct authinfo *, void *),
172 void *callback_arg)
173 {
174 if (strcmp(authtype, AUTHTYPE_LOGIN) == 0)
175 return (auth_sqlite_login(service, authdata,
176 callback_func, callback_arg));
177
178 return (auth_sqlite_cram(service, authtype, authdata,
179 callback_func, callback_arg));
180 }
181
182 extern int auth_sqlite_pre(const char *user, const char *service,
183 int (*callback)(struct authinfo *, void *),
184 void *arg);
185
186 static struct authstaticinfo authsqlite_info={
187 "authsqlite",
188 auth_sqlite,
189 auth_sqlite_pre,
190 auth_sqlite_cleanup,
191 auth_sqlite_changepw,
192 auth_sqlite_cleanup,
193 auth_sqlite_enumerate};
194
195
196 struct authstaticinfo *courier_authsqlite_init()
197 {
198 return &authsqlite_info;
199 }
courier-authlib packaging