X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fsrc%2Fauths%2Fdovecot.c;h=a83fdfdedd6bef321944bd87d61bb5f3c3b869d7;hb=c71c454d483e6bfbecea437978beda69044e5498;hp=5bf7b9cc309d4766ba442fd75e51297c74c81511;hpb=4fab92fbc2b63bac2d89c1dae69fa1845cb640b7;p=exim.git diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c index 5bf7b9cc3..a83fdfded 100644 --- a/src/src/auths/dovecot.c +++ b/src/src/auths/dovecot.c @@ -1,6 +1,6 @@ /* * Copyright (c) 2004 Andrey Panin - * Copyright (c) 2006-2016 The Exim Maintainers + * Copyright (c) 2006-2017 The Exim Maintainers * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published @@ -61,8 +61,7 @@ optionlist auth_dovecot_options[] = { /* Size of the options list. An extern variable has to be used so that its address can appear in the tables drtables.c. */ -int auth_dovecot_options_count = - sizeof(auth_dovecot_options) / sizeof(optionlist); +int auth_dovecot_options_count = nelem(auth_dovecot_options); /* Default private options block for the authentication method. */ @@ -71,6 +70,19 @@ auth_dovecot_options_block auth_dovecot_option_defaults = { }; + + +#ifdef MACRO_PREDEF + +/* Dummy values */ +void auth_dovecot_init(auth_instance *ablock) {} +int auth_dovecot_server(auth_instance *ablock, uschar *data) {return 0;} +int auth_dovecot_client(auth_instance *ablock, void * sx, + int timeout, uschar *buffer, int buffsize) {return 0;} + +#else /*!MACRO_PREDEF*/ + + /* Static variables for reading from the socket */ static uschar sbuffer[256]; @@ -88,14 +100,12 @@ to be set up. */ void auth_dovecot_init(auth_instance *ablock) { - auth_dovecot_options_block *ob = - (auth_dovecot_options_block *)(ablock->options_block); - - if (ablock->public_name == NULL) - ablock->public_name = ablock->name; - if (ob->server_socket != NULL) - ablock->server = TRUE; - ablock->client = FALSE; +auth_dovecot_options_block *ob = + (auth_dovecot_options_block *)(ablock->options_block); + +if (!ablock->public_name) ablock->public_name = ablock->name; +if (ob->server_socket) ablock->server = TRUE; +ablock->client = FALSE; } /************************************************* @@ -118,52 +128,51 @@ actual fields (so last valid offset into ptrs is one less). static int strcut(uschar *str, uschar **ptrs, int nptrs) { - uschar *last_sub_start = str; - int n; - - for (n = 0; n < nptrs; n++) - ptrs[n] = NULL; - n = 1; - - while (*str) { - if (*str == '\t') { - if (n <= nptrs) { - *ptrs++ = last_sub_start; - last_sub_start = str + 1; - *str = '\0'; - } - n++; - } - str++; - } - - /* It's acceptable for the string to end with a tab character. We see - this in AUTH PLAIN without an initial response from the client, which - causing us to send "334 " and get the data from the client. */ - if (n <= nptrs) { - *ptrs = last_sub_start; - } else { - HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs); - n = nptrs; - } - - return n <= nptrs ? n : nptrs; +uschar *last_sub_start = str; +int n; + +for (n = 0; n < nptrs; n++) + ptrs[n] = NULL; +n = 1; + +while (*str) + if (*str++ == '\t') + if (n++ <= nptrs) + { + *ptrs++ = last_sub_start; + last_sub_start = str; + str[-1] = '\0'; + } + +/* It's acceptable for the string to end with a tab character. We see +this in AUTH PLAIN without an initial response from the client, which +causing us to send "334 " and get the data from the client. */ +if (n <= nptrs) + *ptrs = last_sub_start; +else + { + HDEBUG(D_auth) + debug_printf("dovecot: warning: too many results from tab-splitting;" + " saw %d fields, room for %d\n", n, nptrs); + n = nptrs; + } + +return n <= nptrs ? n : nptrs; } static void debug_strcut(uschar **ptrs, int nlen, int alen) ARG_UNUSED; static void debug_strcut(uschar **ptrs, int nlen, int alen) { - int i; - debug_printf("%d read but unreturned bytes; strcut() gave %d results: ", - socket_buffer_left, nlen); - for (i = 0; i < nlen; i++) { - debug_printf(" {%s}", ptrs[i]); - } - if (nlen < alen) - debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US""); - else - debug_printf(" (max for capacity)\n"); +int i; +debug_printf("%d read but unreturned bytes; strcut() gave %d results: ", + socket_buffer_left, nlen); +for (i = 0; i < nlen; i++) + debug_printf(" {%s}", ptrs[i]); +if (nlen < alen) + debug_printf(" last is %s\n", ptrs[i] ? ptrs[i] : US""); +else + debug_printf(" (max for capacity)\n"); } #define CHECK_COMMAND(str, arg_min, arg_max) do { \ @@ -199,8 +208,8 @@ for (;;) { if (socket_buffer_left == 0) { - socket_buffer_left = read(fd, sbuffer, sizeof(sbuffer)); - if (socket_buffer_left == 0) { if (count == 0) return NULL; else break; } + if ((socket_buffer_left = read(fd, sbuffer, sizeof(sbuffer))) <= 0) + if (count == 0) return NULL; else break; p = 0; } @@ -283,7 +292,7 @@ auth_defer_msg = US"authentication socket protocol error"; socket_buffer_left = 0; /* Global, used to read more than a line but return by line */ while (cont) { - if (dc_gets(buffer, sizeof(buffer), fd) == NULL) + if (!dc_gets(buffer, sizeof(buffer), fd)) OUT("authentication socket read error or premature eof"); p = buffer + Ustrlen(buffer) - 1; if (*p != '\n') @@ -292,9 +301,9 @@ while (cont) *p = '\0'; HDEBUG(D_auth) debug_printf("received: %s\n", buffer); - nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0])); + nargs = strcut(buffer, args, nelem(args)); - /* HDEBUG(D_auth) debug_strcut(args, nargs, sizeof(args) / sizeof(args[0])); */ + /* HDEBUG(D_auth) debug_strcut(args, nargs, nelem(args)); */ /* Code below rewritten by Kirill Miazine (km@krot.org). Only check commands that Exim will need. Original code also failed if Dovecot server sent unknown @@ -360,12 +369,12 @@ if (Ustrchr(data, '\t') != NULL) /* Added by PH: extra fields when TLS is in use or if the TCP/IP connection is local. */ -if (tls_in.cipher != NULL) +if (tls_in.cipher) auth_extra_data = string_sprintf("secured\t%s%s", - tls_in.certificate_verified? "valid-client-cert" : "", - tls_in.certificate_verified? "\t" : ""); + tls_in.certificate_verified ? "valid-client-cert" : "", + tls_in.certificate_verified ? "\t" : ""); -else if ( interface_address != NULL +else if ( interface_address && Ustrcmp(sender_host_address, interface_address) == 0) auth_extra_data = US"secured\t"; @@ -380,7 +389,7 @@ fprintf(f, "VERSION\t%d\t%d\r\nSERVICE\tSMTP\r\nCPID\t%d\r\n" "AUTH\t%d\t%s\trip=%s\tlip=%s\tresp=%s\r\n", VERSION_MAJOR, VERSION_MINOR, getpid(), cuid, ablock->public_name, sender_host_address, interface_address, - data ? (char *) data : ""); + data ? CS data : ""); Subsequently, the command was modified to add "secured" and "valid-client- cert" when relevant. @@ -402,9 +411,8 @@ while (1) { uschar *temp; uschar *auth_id_pre = NULL; - int i; - if (dc_gets(buffer, sizeof(buffer), fd) == NULL) + if (!dc_gets(buffer, sizeof(buffer), fd)) { auth_defer_msg = US"authentication socket read error or premature eof"; goto out; @@ -412,7 +420,7 @@ while (1) buffer[Ustrlen(buffer) - 1] = 0; HDEBUG(D_auth) debug_printf("received: %s\n", buffer); - nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0])); + nargs = strcut(buffer, args, nelem(args)); if (Uatoi(args[1]) != crequid) OUT("authentication socket connection id mismatch"); @@ -445,17 +453,14 @@ while (1) case 'F': CHECK_COMMAND("FAIL", 1, -1); - for (i=2; (i= 0) /* Expand server_condition as an authorization check */ return ret == OK ? auth_check_serv_cond(ablock) : ret; } + + +#endif /*!MACRO_PREDEF*/