[hcoop/debian/exim4.git] / src / auths / call_pwcheck.c

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/* Copyright (c) University of Cambridge 1995 - 2015 */
/* See the file NOTICE for conditions of use and distribution. */

/* This module contains interface functions to the two Cyrus authentication
daemons. The original one was "pwcheck", which gives its name to the source
file. This is now deprecated in favour of "saslauthd". */


#include "../exim.h"
#include "pwcheck.h"


/*************************************************
*      External entry point for pwcheck          *
*************************************************/

/* This function calls the now-deprecated "pwcheck" Cyrus-SASL authentication
daemon, passing over a colon-separated user name and password. As this is
called from the string expander, the string will always be in dynamic store and
can be overwritten.

Arguments:
  s        a colon-separated username:password string
  errptr   where to point an error message

Returns:   OK if authentication succeeded
           FAIL if authentication failed
           ERROR some other error condition
*/

int
auth_call_pwcheck(uschar *s, uschar **errptr)
{
uschar *reply = NULL;
uschar *pw = Ustrrchr(s, ':');

if (pw == NULL)
  {
  *errptr = US"pwcheck: malformed input - missing colon";
  return ERROR;
  }

*pw++ = 0;   /* Separate user and password */

DEBUG(D_auth)
  debug_printf("Running pwcheck authentication for user \"%s\"\n", s);

switch (pwcheck_verify_password(CS s, CS pw, (const char **)(&reply)))
  {
  case PWCHECK_OK:
  DEBUG(D_auth) debug_printf("pwcheck: success (%s)\n", reply);
  return OK;

  case PWCHECK_NO:
  DEBUG(D_auth) debug_printf("pwcheck: access denied (%s)\n", reply);
  return FAIL;

  default:
  DEBUG(D_auth) debug_printf("pwcheck: query failed (%s)\n", reply);
  *errptr = reply;
  return ERROR;
  }
}


/*************************************************
*       External entry point for pwauthd         *
*************************************************/

/* This function calls the "saslauthd" Cyrus-SASL authentication daemon,
saslauthd, As this is called from the string expander, all the strings will
always be in dynamic store and can be overwritten.

Arguments:
  username        username
  password        password
  service         optional service
  realm           optional realm
  errptr          where to point an error message

Returns:   OK if authentication succeeded
           FAIL if authentication failed
           ERROR some other error condition
*/

int
auth_call_saslauthd(const uschar *username, const uschar *password,
  const uschar *service, const uschar *realm, uschar **errptr)
{
uschar *reply = NULL;

if (service == NULL) service = US"";
if (realm == NULL) realm = US"";

DEBUG(D_auth)
  debug_printf("Running saslauthd authentication for user \"%s\" \n", username);

switch (saslauthd_verify_password(username, password, service,
        realm, (const uschar **)(&reply)))
  {
  case PWCHECK_OK:
  DEBUG(D_auth) debug_printf("saslauthd: success (%s)\n", reply);
  return OK;

  case PWCHECK_NO:
  DEBUG(D_auth) debug_printf("saslauthd: access denied (%s)\n", reply);
  return FAIL;

  default:
  DEBUG(D_auth) debug_printf("saslauthd: query failed (%s)\n", reply);
  *errptr = reply;
  return ERROR;
  }
}

/* End of call_pwcheck.c */
Commit	Line	Data
420a0d19 CE	1	/*************************************************
	2	* Exim - an Internet mail transport agent *
	3	*************************************************/
	4
2813c06e	5	/* Copyright (c) University of Cambridge 1995 - 2015 */
420a0d19 CE	6	/* See the file NOTICE for conditions of use and distribution. */
	7
	8	/* This module contains interface functions to the two Cyrus authentication
	9	daemons. The original one was "pwcheck", which gives its name to the source
	10	file. This is now deprecated in favour of "saslauthd". */
	11
	12
	13	#include "../exim.h"
	14	#include "pwcheck.h"
	15
	16
	17	/*************************************************
	18	* External entry point for pwcheck *
	19	*************************************************/
	20
	21	/* This function calls the now-deprecated "pwcheck" Cyrus-SASL authentication
	22	daemon, passing over a colon-separated user name and password. As this is
	23	called from the string expander, the string will always be in dynamic store and
	24	can be overwritten.
	25
	26	Arguments:
	27	s a colon-separated username:password string
	28	errptr where to point an error message
	29
	30	Returns: OK if authentication succeeded
	31	FAIL if authentication failed
	32	ERROR some other error condition
	33	*/
	34
	35	int
	36	auth_call_pwcheck(uschar s, uschar *errptr)
	37	{
	38	uschar *reply = NULL;
	39	uschar *pw = Ustrrchr(s, ':');
	40
	41	if (pw == NULL)
	42	{
	43	*errptr = US"pwcheck: malformed input - missing colon";
	44	return ERROR;
	45	}
	46
	47	pw++ = 0; / Separate user and password */
	48
	49	DEBUG(D_auth)
	50	debug_printf("Running pwcheck authentication for user \"%s\"\n", s);
	51
	52	switch (pwcheck_verify_password(CS s, CS pw, (const char **)(&reply)))
	53	{
	54	case PWCHECK_OK:
	55	DEBUG(D_auth) debug_printf("pwcheck: success (%s)\n", reply);
	56	return OK;
	57
	58	case PWCHECK_NO:
	59	DEBUG(D_auth) debug_printf("pwcheck: access denied (%s)\n", reply);
	60	return FAIL;
	61
	62	default:
	63	DEBUG(D_auth) debug_printf("pwcheck: query failed (%s)\n", reply);
	64	*errptr = reply;
	65	return ERROR;
	66	}
	67	}
	68
	69
70	/*************************************************
71	* External entry point for pwauthd *
72	*************************************************/
73
74	/* This function calls the "saslauthd" Cyrus-SASL authentication daemon,
75	saslauthd, As this is called from the string expander, all the strings will
76	always be in dynamic store and can be overwritten.
77
78	Arguments:
79	username username
80	password password
81	service optional service
82	realm optional realm
83	errptr where to point an error message
84
85	Returns: OK if authentication succeeded
86	FAIL if authentication failed
87	ERROR some other error condition
88	*/
89
90	int
2813c06e CE	91	auth_call_saslauthd(const uschar username, const uschar password,
2813c06e CE	92	const uschar service, const uschar realm, uschar **errptr)
420a0d19 CE	93	{
	94	uschar *reply = NULL;
	95
	96	if (service == NULL) service = US"";
	97	if (realm == NULL) realm = US"";
	98
	99	DEBUG(D_auth)
	100	debug_printf("Running saslauthd authentication for user \"%s\" \n", username);
	101
	102	switch (saslauthd_verify_password(username, password, service,
	103	realm, (const uschar **)(&reply)))
	104	{
	105	case PWCHECK_OK:
	106	DEBUG(D_auth) debug_printf("saslauthd: success (%s)\n", reply);
	107	return OK;
	108
	109	case PWCHECK_NO:
	110	DEBUG(D_auth) debug_printf("saslauthd: access denied (%s)\n", reply);
	111	return FAIL;
	112
	113	default:
	114	DEBUG(D_auth) debug_printf("saslauthd: query failed (%s)\n", reply);
	115	*errptr = reply;
	116	return ERROR;
	117	}
	118	}
	119
	120	/* End of call_pwcheck.c */