+++ /dev/null
-/*
-** Copyright 1998 - 2001 Double Precision, Inc. See COPYING for
-** distribution information.
-*/
-
-#if HAVE_CONFIG_H
-#include "courier_auth_config.h"
-#endif
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <pwd.h>
-#if HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#include "auth.h"
-#include "courierauthdebug.h"
-#include <vpopmail.h>
-#include <vauth.h>
-#include "vpopmail_config.h"
-
-/* make use of pw_flags only if available */
-#ifndef VQPASSWD_HAS_PW_FLAGS
-#define pw_flags pw_gid
-#endif
-
-extern FILE *authvchkpw_file(const char *, const char *);
-
-static const char rcsid[]="$Id: preauthvchkpw.c,v 1.26 2007/04/22 18:53:30 mrsam Exp $";
-
-/* This function is called by the auth_vchkpw() function
- *
- * This function does the following :
- * - extract the username and domain from the supplied userid
- * - lookup the passwd entry for that user from the auth backend
- * - populate *and return) a courier authinfo structure with the values
- * from the vpopmail passwd entry
- *
- * Return -1 on perm failure
- * Return 0 on success
- * Return 1 on temp failure
- *
- */
-
-int auth_vchkpw_pre(
- const char *userid,
- const char *service,
- int (*callback)(struct authinfo *, void *),
- void *arg)
-{
-struct vqpasswd *vpw;
-static uid_t uid;
-gid_t gid;
-struct authinfo auth;
-static char User[256];
-static char Domain[256];
-static char options[80];
-
- /* Make sure the auth struct is empty */
- memset(&auth, 0, sizeof(auth));
-
- /* Take the supplied userid, and split it out into the user and domain
- * parts. (If a domain was not supplied, then set the domain to be
- * the default domain)
- */
- if ( parse_email(userid, User, Domain, 256) != 0) {
- /* Failed to successfully extract user and domain.
- * So now exit with a permanent failure code
- */
- DPRINTF("vchkpw: unable to split into user and domain");
- return(-1);
- }
-
- /* Check to see if the domain exists.
- * If so, on return vget_assign will :
- * Rewrite Domain to be the real domain if it was sent as an alias domain
- * Retrieve the domain's uid and gid
- */
- if ( vget_assign(Domain,NULL,0,&uid, &gid) == NULL ) {
- /* Domain does not exist
- * So now exit with a permanent failure code */
- DPRINTF("vchkpw: domain does not exist");
- return (-1);
- }
-
- /* Try and retrieve the user's passwd entry from the auth backend */
- if ( (vpw=vauth_getpw(User, Domain)) == NULL) {
- /* User does not exist
- * So now exit with a permanent failure code
- */
- DPRINTF("vchkpw: user does not exist");
- return (-1);
- }
-
- /* Check to see if the user has been allocated a dir yet.
- * Some of the vpopmail backends (eg mysql) allow users to
- * be manually inserted into the auth backend but without
- * allocating a dir. A dir will be created when the user
- * first trys to auth (or when they 1st receive mail)
- */
- if (vpw->pw_dir == NULL || strlen(vpw->pw_dir) == 0 ) {
- /* user does not have a dir allocated yet */
- if ( make_user_dir(User, Domain, uid, gid) == NULL) {
- /* Could not allocate a user dir at this time
- * so exit with a temp error code
- */
- DPRINTF("vchkpw: make_user_dir failed");
- return(1);
- }
- /* We have allocated the user a dir now.
- * Go and grab the updated passwd entry
- */
- if ( (vpw=vauth_getpw(User, Domain)) == NULL ) {
- /* Could not get the passwd entry
- * So exit with a permanent failure code
- */
- DPRINTF("vchkpw: could not get the password entry");
- return(-1);
- }
- }
-
- snprintf(options, sizeof(options),
- "disablewebmail=%d,disablepop3=%d,disableimap=%d",
- vpw->pw_flags & NO_WEBMAIL ? 1 : 0,
- vpw->pw_flags & NO_POP ? 1 : 0,
- vpw->pw_flags & NO_IMAP ? 1 : 0);
-
-#ifdef HAVE_VSET_LASTAUTH
- /* if we are keeping track of their last auth time,
- * then store this value now. Note that this isnt
- * consistent with the authentication via vchkpw
- * because it only stores the lastauth attempt
- * after the password has been verified. Here we are
- * logging it after the user has been found to exist,
- * but before the password has been verified. We could
- * do the logging inside authvchkpw.c, but that would
- * be a lot harder because we would have to go and
- * parse_email() again there before calling vset_lastauth()
- */
- vset_lastauth(User, Domain, service);
-#endif
-
- /* save the user's passwd fields into the appropriate
- * courier structure
- */
- /*auth.sysusername = userid;*/
- auth.sysuserid = &uid;
- auth.sysgroupid = gid;
- auth.homedir = vpw->pw_dir;
- auth.address = userid;
- auth.fullname = vpw->pw_gecos;
- auth.passwd = vpw->pw_passwd;
- auth.clearpasswd = vpw->pw_clear_passwd;
- auth.options = options;
- courier_authdebug_authinfo("DEBUG: authvchkpw: ", &auth, 0, vpw->pw_passwd);
-
- return ((*callback)(&auth, arg));
-}