Commit | Line | Data |
---|---|---|
0756eb3c PH |
1 | /************************************************* |
2 | * Exim - an Internet mail transport agent * | |
3 | *************************************************/ | |
4 | ||
3386088d | 5 | /* Copyright (c) University of Cambridge 1995 - 2015 */ |
0756eb3c PH |
6 | /* See the file NOTICE for conditions of use and distribution. */ |
7 | ||
8 | /* This module contains interface functions to the two Cyrus authentication | |
9 | daemons. The original one was "pwcheck", which gives its name to the source | |
10 | file. This is now deprecated in favour of "saslauthd". */ | |
11 | ||
12 | ||
13 | #include "../exim.h" | |
14 | #include "pwcheck.h" | |
15 | ||
16 | ||
17 | /************************************************* | |
18 | * External entry point for pwcheck * | |
19 | *************************************************/ | |
20 | ||
21 | /* This function calls the now-deprecated "pwcheck" Cyrus-SASL authentication | |
22 | daemon, passing over a colon-separated user name and password. As this is | |
23 | called from the string expander, the string will always be in dynamic store and | |
24 | can be overwritten. | |
25 | ||
26 | Arguments: | |
27 | s a colon-separated username:password string | |
28 | errptr where to point an error message | |
29 | ||
30 | Returns: OK if authentication succeeded | |
31 | FAIL if authentication failed | |
32 | ERROR some other error condition | |
33 | */ | |
34 | ||
35 | int | |
36 | auth_call_pwcheck(uschar *s, uschar **errptr) | |
37 | { | |
38 | uschar *reply = NULL; | |
39 | uschar *pw = Ustrrchr(s, ':'); | |
40 | ||
41 | if (pw == NULL) | |
42 | { | |
43 | *errptr = US"pwcheck: malformed input - missing colon"; | |
44 | return ERROR; | |
45 | } | |
46 | ||
47 | *pw++ = 0; /* Separate user and password */ | |
48 | ||
49 | DEBUG(D_auth) | |
50 | debug_printf("Running pwcheck authentication for user \"%s\"\n", s); | |
51 | ||
52 | switch (pwcheck_verify_password(CS s, CS pw, (const char **)(&reply))) | |
53 | { | |
54 | case PWCHECK_OK: | |
55 | DEBUG(D_auth) debug_printf("pwcheck: success (%s)\n", reply); | |
56 | return OK; | |
57 | ||
58 | case PWCHECK_NO: | |
59 | DEBUG(D_auth) debug_printf("pwcheck: access denied (%s)\n", reply); | |
60 | return FAIL; | |
61 | ||
62 | default: | |
63 | DEBUG(D_auth) debug_printf("pwcheck: query failed (%s)\n", reply); | |
64 | *errptr = reply; | |
65 | return ERROR; | |
66 | } | |
67 | } | |
68 | ||
69 | ||
70 | /************************************************* | |
71 | * External entry point for pwauthd * | |
72 | *************************************************/ | |
73 | ||
74 | /* This function calls the "saslauthd" Cyrus-SASL authentication daemon, | |
75 | saslauthd, As this is called from the string expander, all the strings will | |
76 | always be in dynamic store and can be overwritten. | |
77 | ||
78 | Arguments: | |
79 | username username | |
80 | password password | |
81 | service optional service | |
82 | realm optional realm | |
83 | errptr where to point an error message | |
84 | ||
85 | Returns: OK if authentication succeeded | |
86 | FAIL if authentication failed | |
87 | ERROR some other error condition | |
88 | */ | |
89 | ||
90 | int | |
93a6fce2 JH |
91 | auth_call_saslauthd(const uschar *username, const uschar *password, |
92 | const uschar *service, const uschar *realm, uschar **errptr) | |
0756eb3c PH |
93 | { |
94 | uschar *reply = NULL; | |
95 | ||
96 | if (service == NULL) service = US""; | |
97 | if (realm == NULL) realm = US""; | |
98 | ||
99 | DEBUG(D_auth) | |
100 | debug_printf("Running saslauthd authentication for user \"%s\" \n", username); | |
101 | ||
102 | switch (saslauthd_verify_password(username, password, service, | |
103 | realm, (const uschar **)(&reply))) | |
104 | { | |
105 | case PWCHECK_OK: | |
106 | DEBUG(D_auth) debug_printf("saslauthd: success (%s)\n", reply); | |
107 | return OK; | |
108 | ||
109 | case PWCHECK_NO: | |
110 | DEBUG(D_auth) debug_printf("saslauthd: access denied (%s)\n", reply); | |
111 | return FAIL; | |
112 | ||
113 | default: | |
114 | DEBUG(D_auth) debug_printf("saslauthd: query failed (%s)\n", reply); | |
115 | *errptr = reply; | |
116 | return ERROR; | |
117 | } | |
118 | } | |
119 | ||
120 | /* End of call_pwcheck.c */ |