[exim.git] / src / src / auths / dovecot.c

/* $Cambridge: exim/src/src/auths/dovecot.c,v 1.2 2006/10/16 13:43:22 ph10 Exp $ */

/*
 * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published
 * by the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 */

#include "../exim.h"
#include "dovecot.h"

#define VERSION_MAJOR  1
#define VERSION_MINOR  0

/* Options specific to the authentication mechanism. */
optionlist auth_dovecot_options[] = {
       {
               "server_socket",
               opt_stringptr,
               (void *)(offsetof(auth_dovecot_options_block, server_socket))
       },
};

/* Size of the options list. An extern variable has to be used so that its
address can appear in the tables drtables.c. */
int auth_dovecot_options_count =
       sizeof(auth_dovecot_options) / sizeof(optionlist);

/* Default private options block for the authentication method. */
auth_dovecot_options_block auth_dovecot_option_defaults = {
       NULL,                           /* server_socket */
};

/*************************************************
 *          Initialization entry point           *
 *************************************************/

/* Called for each instance, after its options have been read, to
enable consistency checks to be done, or anything else that needs
to be set up. */
void auth_dovecot_init(auth_instance *ablock)
{
       auth_dovecot_options_block *ob =
               (auth_dovecot_options_block *)(ablock->options_block);

       if (ablock->public_name == NULL)
               ablock->public_name = ablock->name;
       if (ob->server_socket != NULL)
               ablock->server = TRUE;
       ablock->client = FALSE;
}

static int strcut(char *str, char **ptrs, int nptrs)
{
       char *tmp = str;
       int n;

       for (n = 0; n < nptrs; n++)
               ptrs[n] = NULL;
       n = 1;

       while (*str) {
               if (*str == '\t') {
                       if (n <= nptrs) {
                               *ptrs++ = tmp;
                               tmp = str + 1;
                               *str = 0;
                       }
                       n++;
               }
               str++;
       }

       if (n < nptrs)
               *ptrs = tmp;

       return n;
}

#define CHECK_COMMAND(str, arg_min, arg_max) do { \
       if (strcasecmp((str), args[0]) != 0) \
               goto out; \
       if (nargs - 1 < (arg_min)) \
               goto out; \
       if (nargs - 1 > (arg_max)) \
               goto out; \
} while (0)

#define OUT(msg) do { \
       auth_defer_msg = (US msg); \
       goto out; \
} while(0)


/*************************************************
 *             Server entry point                *
 *************************************************/

int auth_dovecot_server(auth_instance *ablock, uschar *data)
{
       auth_dovecot_options_block *ob =
               (auth_dovecot_options_block *)(ablock->options_block);
       struct sockaddr_un sa;
       char buffer[4096];
       char *args[8];
       uschar *auth_command;
       uschar *auth_extra_data = US"";
       int nargs, tmp;
       int cuid = 0, cont = 1, found = 0, fd, ret = DEFER;
       FILE *f;

       HDEBUG(D_auth) debug_printf("dovecot authentication\n");

       memset(&sa, 0, sizeof(sa));
       sa.sun_family = AF_UNIX;

       /* This was the original code here: it is nonsense because strncpy()
       does not return an integer. I have converted this to use the function
       that formats and checks length. PH */

       /*
       if (strncpy(sa.sun_path, ob->server_socket, sizeof(sa.sun_path)) < 0) {
       */

       if (!string_format(US sa.sun_path, sizeof(sa.sun_path), "%s",
                          ob->server_socket)) {
               auth_defer_msg = US"authentication socket path too long";
               return DEFER;
       }

       auth_defer_msg = US"authentication socket connection error";

       fd = socket(PF_UNIX, SOCK_STREAM, 0);
       if (fd < 0)
               return DEFER;

       if (connect(fd, (struct sockaddr *) &sa, sizeof(sa)) < 0)
               goto out;

       f = fdopen(fd, "a+");
       if (f == NULL)
               goto out;

       auth_defer_msg = US"authentication socket protocol error";

       while (cont) {
               if (fgets(buffer, sizeof(buffer), f) == NULL)
                       OUT("authentication socket read error or premature eof");

               buffer[strlen(buffer) - 1] = 0;
               HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
               nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));

               switch (toupper(*args[0])) {
               case 'C':
                       CHECK_COMMAND("CUID", 1, 1);
                       cuid = atoi(args[1]);
                       break;

               case 'D':
                       CHECK_COMMAND("DONE", 0, 0);
                       cont = 0;
                       break;

               case 'M':
                       CHECK_COMMAND("MECH", 1, INT_MAX);
                       if (strcmpic(US args[1], ablock->public_name) == 0)
                               found = 1;
                       break;

               case 'S':
                       CHECK_COMMAND("SPID", 1, 1);
                       break;

               case 'V':
                       CHECK_COMMAND("VERSION", 2, 2);
                       if (atoi(args[1]) != VERSION_MAJOR)
                               OUT("authentication socket protocol version mismatch");
                       break;

               default:
                       goto out;
               }
       }

       if (!found)
               goto out;

       /* Added by PH: data must not contain tab (as it is
       b64 it shouldn't, but check for safety). */

       if (Ustrchr(data, '\t') != NULL) {
               ret = FAIL;
               goto out;
       }

       /* Added by PH: extra fields when TLS is in use or if the TCP/IP
       connection is local. */

       if (tls_cipher != NULL)
               auth_extra_data = string_sprintf("secured\t%s%s",
                   tls_certificate_verified? "valid-client-cert" : "",
                   tls_certificate_verified? "\t" : "");
       else if (Ustrcmp(sender_host_address, interface_address) == 0)
               auth_extra_data = US"secured\t";


/****************************************************************************
   The code below was the original code here. It didn't work. A reading of the
   file auth-protocol.txt.gz that came with Dovecot 1.0_beta8 indicated that
   this was not right. Maybe something changed. I changed it to move the
   service indication into the AUTH command, and it seems to be better. PH

       fprintf(f, "VERSION\t%d\t%d\r\nSERVICE\tSMTP\r\nCPID\t%d\r\n"
               "AUTH\t%d\t%s\trip=%s\tlip=%s\tresp=%s\r\n",
               VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
               ablock->public_name, sender_host_address, interface_address,
               data ? (char *) data : "");

   Subsequently, the command was modified to add "secured" and "valid-client-
   cert" when relevant.
****************************************************************************/

       auth_command = string_sprintf("VERSION\t%d\t%d\nCPID\t%d\n"
               "AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tresp=%s\n",
               VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
               ablock->public_name, auth_extra_data, sender_host_address,
               interface_address, data ? (char *) data : "");

       fprintf(f, "%s", auth_command);
       HDEBUG(D_auth) debug_printf("sent: %s", auth_command);

       while (1) {
               if (fgets(buffer, sizeof(buffer), f) == NULL) {
                       auth_defer_msg = US"authentication socket read error or premature eof";
                       goto out;
               }

               buffer[strlen(buffer) - 1] = 0;
               HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
               nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));

               if (atoi(args[1]) != cuid)
                       OUT("authentication socket connection id mismatch");

               switch (toupper(*args[0])) {
               case 'C':
                       CHECK_COMMAND("CONT", 1, 2);

                       tmp = auth_get_no64_data(&data, US args[2]);
                       if (tmp != OK) {
                               ret = tmp;
                               goto out;
                       }

                       /* Added by PH: data must not contain tab (as it is
                       b64 it shouldn't, but check for safety). */

                       if (Ustrchr(data, '\t') != NULL) {
                               ret = FAIL;
                               goto out;
                       }

                       if (fprintf(f, "CONT\t%d\t%s\r\n", cuid, data) < 0)
                               OUT("authentication socket write error");

                       break;

               case 'F':
                       CHECK_COMMAND("FAIL", 1, 2);

                       /* FIXME: add proper response handling */
                       if (args[2]) {
                               uschar *p = US strchr(args[2], '=');
                               if (p) {
                                       ++p;
                                       expand_nstring[1] = auth_vars[0] = p;
                                       expand_nlength[1] = Ustrlen(p);
                                       expand_nmax = 1;
                               }
                       }

                       ret = FAIL;
                       goto out;

               case 'O':
                       CHECK_COMMAND("OK", 2, 2);
                       {
                               /* FIXME: add proper response handling */
                               uschar *p = US strchr(args[2], '=');
                               if (!p)
                                       OUT("authentication socket protocol error, username missing");

                               p++;
                               expand_nstring[1] = auth_vars[0] = p;
                               expand_nlength[1] = Ustrlen(p);
                               expand_nmax = 1;
                       }
                       ret = OK;
                       /* fallthrough */

               default:
                       goto out;
               }
       }

out:   close(fd);
       return ret;
}
Commit	Line	Data
7befa435	1	/* $Cambridge: exim/src/src/auths/dovecot.c,v 1.2 2006/10/16 13:43:22 ph10 Exp $ */
14aa5a05 PH	2
	3	/*
	4	* Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published
	8	* by the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*/
	11
	12	#include "../exim.h"
	13	#include "dovecot.h"
	14
	15	#define VERSION_MAJOR 1
	16	#define VERSION_MINOR 0
	17
	18	/* Options specific to the authentication mechanism. */
	19	optionlist auth_dovecot_options[] = {
	20	{
	21	"server_socket",
	22	opt_stringptr,
	23	(void *)(offsetof(auth_dovecot_options_block, server_socket))
	24	},
	25	};
	26
	27	/* Size of the options list. An extern variable has to be used so that its
	28	address can appear in the tables drtables.c. */
	29	int auth_dovecot_options_count =
	30	sizeof(auth_dovecot_options) / sizeof(optionlist);
	31
	32	/* Default private options block for the authentication method. */
	33	auth_dovecot_options_block auth_dovecot_option_defaults = {
	34	NULL, /* server_socket */
	35	};
	36
	37	/*************************************************
	38	* Initialization entry point *
	39	*************************************************/
	40
	41	/* Called for each instance, after its options have been read, to
	42	enable consistency checks to be done, or anything else that needs
	43	to be set up. */
	44	void auth_dovecot_init(auth_instance *ablock)
	45	{
	46	auth_dovecot_options_block *ob =
	47	(auth_dovecot_options_block *)(ablock->options_block);
	48
	49	if (ablock->public_name == NULL)
	50	ablock->public_name = ablock->name;
	51	if (ob->server_socket != NULL)
	52	ablock->server = TRUE;
	53	ablock->client = FALSE;
	54	}
	55
	56	static int strcut(char str, char *ptrs, int nptrs)
	57	{
	58	char *tmp = str;
	59	int n;
	60
	61	for (n = 0; n < nptrs; n++)
	62	ptrs[n] = NULL;
	63	n = 1;
	64
	65	while (*str) {
66	if (*str == '\t') {
67	if (n <= nptrs) {
68	*ptrs++ = tmp;
69	tmp = str + 1;
70	*str = 0;
71	}
72	n++;
73	}
74	str++;
75	}
76
77	if (n < nptrs)
78	*ptrs = tmp;
79
80	return n;
81	}
82
83	#define CHECK_COMMAND(str, arg_min, arg_max) do { \
84	if (strcasecmp((str), args[0]) != 0) \
85	goto out; \
86	if (nargs - 1 < (arg_min)) \
87	goto out; \
88	if (nargs - 1 > (arg_max)) \
89	goto out; \
90	} while (0)
91
92	#define OUT(msg) do { \
93	auth_defer_msg = (US msg); \
94	goto out; \
95	} while(0)
96
7befa435 PH	97
7befa435 PH	98
14aa5a05 PH	99	/*************************************************
	100	* Server entry point *
	101	*************************************************/
	102
	103	int auth_dovecot_server(auth_instance ablock, uschar data)
	104	{
	105	auth_dovecot_options_block *ob =
	106	(auth_dovecot_options_block *)(ablock->options_block);
	107	struct sockaddr_un sa;
	108	char buffer[4096];
	109	char *args[8];
7befa435 PH	110	uschar *auth_command;
7befa435 PH	111	uschar *auth_extra_data = US"";
14aa5a05 PH	112	int nargs, tmp;
	113	int cuid = 0, cont = 1, found = 0, fd, ret = DEFER;
	114	FILE *f;
	115
	116	HDEBUG(D_auth) debug_printf("dovecot authentication\n");
	117
	118	memset(&sa, 0, sizeof(sa));
	119	sa.sun_family = AF_UNIX;
	120
	121	/* This was the original code here: it is nonsense because strncpy()
	122	does not return an integer. I have converted this to use the function
	123	that formats and checks length. PH */
	124
	125	/*
	126	if (strncpy(sa.sun_path, ob->server_socket, sizeof(sa.sun_path)) < 0) {
	127	*/
	128
	129	if (!string_format(US sa.sun_path, sizeof(sa.sun_path), "%s",
	130	ob->server_socket)) {
	131	auth_defer_msg = US"authentication socket path too long";
	132	return DEFER;
	133	}
	134
	135	auth_defer_msg = US"authentication socket connection error";
	136
	137	fd = socket(PF_UNIX, SOCK_STREAM, 0);
	138	if (fd < 0)
	139	return DEFER;
	140
	141	if (connect(fd, (struct sockaddr *) &sa, sizeof(sa)) < 0)
	142	goto out;
	143
	144	f = fdopen(fd, "a+");
	145	if (f == NULL)
	146	goto out;
	147
	148	auth_defer_msg = US"authentication socket protocol error";
	149
	150	while (cont) {
	151	if (fgets(buffer, sizeof(buffer), f) == NULL)
	152	OUT("authentication socket read error or premature eof");
	153
	154	buffer[strlen(buffer) - 1] = 0;
	155	HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
	156	nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
	157
	158	switch (toupper(*args[0])) {
	159	case 'C':
	160	CHECK_COMMAND("CUID", 1, 1);
	161	cuid = atoi(args[1]);
	162	break;
	163
	164	case 'D':
	165	CHECK_COMMAND("DONE", 0, 0);
	166	cont = 0;
	167	break;
	168
	169	case 'M':
	170	CHECK_COMMAND("MECH", 1, INT_MAX);
	171	if (strcmpic(US args[1], ablock->public_name) == 0)
	172	found = 1;
	173	break;
	174
	175	case 'S':
176	CHECK_COMMAND("SPID", 1, 1);
177	break;
178
179	case 'V':
180	CHECK_COMMAND("VERSION", 2, 2);
181	if (atoi(args[1]) != VERSION_MAJOR)
182	OUT("authentication socket protocol version mismatch");
183	break;
184
185	default:
186	goto out;
187	}
188	}
189
190	if (!found)
191	goto out;
192
7befa435 PH	193	/* Added by PH: data must not contain tab (as it is
	194	b64 it shouldn't, but check for safety). */
	195
	196	if (Ustrchr(data, '\t') != NULL) {
	197	ret = FAIL;
	198	goto out;
	199	}
	200
	201	/* Added by PH: extra fields when TLS is in use or if the TCP/IP
	202	connection is local. */
	203
	204	if (tls_cipher != NULL)
	205	auth_extra_data = string_sprintf("secured\t%s%s",
	206	tls_certificate_verified? "valid-client-cert" : "",
	207	tls_certificate_verified? "\t" : "");
	208	else if (Ustrcmp(sender_host_address, interface_address) == 0)
	209	auth_extra_data = US"secured\t";
	210
14aa5a05 PH	211
	212	/****************************************************************************
	213	The code below was the original code here. It didn't work. A reading of the
	214	file auth-protocol.txt.gz that came with Dovecot 1.0_beta8 indicated that
7befa435 PH	215	this was not right. Maybe something changed. I changed it to move the
7befa435 PH	216	service indication into the AUTH command, and it seems to be better. PH
14aa5a05 PH	217
	218	fprintf(f, "VERSION\t%d\t%d\r\nSERVICE\tSMTP\r\nCPID\t%d\r\n"
	219	"AUTH\t%d\t%s\trip=%s\tlip=%s\tresp=%s\r\n",
	220	VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
	221	ablock->public_name, sender_host_address, interface_address,
	222	data ? (char *) data : "");
7befa435 PH	223
	224	Subsequently, the command was modified to add "secured" and "valid-client-
	225	cert" when relevant.
14aa5a05 PH	226	****************************************************************************/
14aa5a05 PH	227
7befa435 PH	228	auth_command = string_sprintf("VERSION\t%d\t%d\nCPID\t%d\n"
7befa435 PH	229	"AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tresp=%s\n",
14aa5a05	230	VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
7befa435 PH	231	ablock->public_name, auth_extra_data, sender_host_address,
7befa435 PH	232	interface_address, data ? (char *) data : "");
14aa5a05	233
7befa435 PH	234	fprintf(f, "%s", auth_command);
7befa435 PH	235	HDEBUG(D_auth) debug_printf("sent: %s", auth_command);
14aa5a05 PH	236
	237	while (1) {
	238	if (fgets(buffer, sizeof(buffer), f) == NULL) {
	239	auth_defer_msg = US"authentication socket read error or premature eof";
	240	goto out;
	241	}
	242
	243	buffer[strlen(buffer) - 1] = 0;
	244	HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
	245	nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
	246
	247	if (atoi(args[1]) != cuid)
	248	OUT("authentication socket connection id mismatch");
	249
	250	switch (toupper(*args[0])) {
	251	case 'C':
	252	CHECK_COMMAND("CONT", 1, 2);
	253
	254	tmp = auth_get_no64_data(&data, US args[2]);
	255	if (tmp != OK) {
	256	ret = tmp;
	257	goto out;
	258	}
	259
7befa435 PH	260	/* Added by PH: data must not contain tab (as it is
	261	b64 it shouldn't, but check for safety). */
	262
	263	if (Ustrchr(data, '\t') != NULL) {
	264	ret = FAIL;
	265	goto out;
	266	}
	267
14aa5a05 PH	268	if (fprintf(f, "CONT\t%d\t%s\r\n", cuid, data) < 0)
	269	OUT("authentication socket write error");
	270
	271	break;
	272
	273	case 'F':
	274	CHECK_COMMAND("FAIL", 1, 2);
	275
	276	/* FIXME: add proper response handling */
	277	if (args[2]) {
	278	uschar *p = US strchr(args[2], '=');
	279	if (p) {
	280	++p;
	281	expand_nstring[1] = auth_vars[0] = p;
	282	expand_nlength[1] = Ustrlen(p);
	283	expand_nmax = 1;
	284	}
	285	}
	286
	287	ret = FAIL;
	288	goto out;
	289
	290	case 'O':
	291	CHECK_COMMAND("OK", 2, 2);
	292	{
	293	/* FIXME: add proper response handling */
	294	uschar *p = US strchr(args[2], '=');
	295	if (!p)
	296	OUT("authentication socket protocol error, username missing");
	297
	298	p++;
	299	expand_nstring[1] = auth_vars[0] = p;
	300	expand_nlength[1] = Ustrlen(p);
	301	expand_nmax = 1;
	302	}
	303	ret = OK;
	304	/* fallthrough */
	305
	306	default:
	307	goto out;
	308	}
	309	}
	310
	311	out: close(fd);
	312	return ret;
	313	}