[exim.git] / src / src / auths / plaintext.c

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/* Copyright (c) University of Cambridge 1995 - 2018 */
/* See the file NOTICE for conditions of use and distribution. */

#include "../exim.h"
#include "plaintext.h"


/* Options specific to the plaintext authentication mechanism. */

optionlist auth_plaintext_options[] = {
  { "client_ignore_invalid_base64", opt_bool,
      (void *)(offsetof(auth_plaintext_options_block, client_ignore_invalid_base64)) },
  { "client_send",        opt_stringptr,
      (void *)(offsetof(auth_plaintext_options_block, client_send)) },
  { "server_prompts",     opt_stringptr,
      (void *)(offsetof(auth_plaintext_options_block, server_prompts)) }
};

/* Size of the options list. An extern variable has to be used so that its
address can appear in the tables drtables.c. */

int auth_plaintext_options_count =
  sizeof(auth_plaintext_options)/sizeof(optionlist);

/* Default private options block for the plaintext authentication method. */

auth_plaintext_options_block auth_plaintext_option_defaults = {
  NULL,              /* server_prompts */
  NULL,              /* client_send */
  FALSE              /* client_ignore_invalid_base64 */
};


#ifdef MACRO_PREDEF

/* Dummy values */
void auth_plaintext_init(auth_instance *ablock) {}
int auth_plaintext_server(auth_instance *ablock, uschar *data) {return 0;}
int auth_plaintext_client(auth_instance *ablock, void * sx, int timeout,
    uschar *buffer, int buffsize) {return 0;}

#else   /*!MACRO_PREDEF*/


/*************************************************
*          Initialization entry point            *
*************************************************/

/* Called for each instance, after its options have been read, to
enable consistency checks to be done, or anything else that needs
to be set up. */

void
auth_plaintext_init(auth_instance *ablock)
{
auth_plaintext_options_block *ob =
  (auth_plaintext_options_block *)(ablock->options_block);
if (ablock->public_name == NULL) ablock->public_name = ablock->name;
if (ablock->server_condition != NULL) ablock->server = TRUE;
if (ob->client_send != NULL) ablock->client = TRUE;
}


/*************************************************
*             Server entry point                 *
*************************************************/

/* For interface, see auths/README */

int
auth_plaintext_server(auth_instance * ablock, uschar * data)
{
auth_plaintext_options_block * ob =
  (auth_plaintext_options_block *)(ablock->options_block);
const uschar * prompts = ob->server_prompts;
uschar * s;
int number = 1;
int rc;
int sep = 0;

/* Expand a non-empty list of prompt strings */

if (prompts)
  if (!(prompts = expand_cstring(prompts)))
    {
    auth_defer_msg = expand_string_message;
    return DEFER;
    }

/* If data was supplied on the AUTH command, decode it, and split it up into
multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
up to a maximum. To retain backwards compatibility, they are also put int $1,
$2, etc. If the data consists of the string "=" it indicates a single, empty
string. */

if (*data)
  if ((rc = auth_read_input(data)) != OK)
    return rc;

/* Now go through the list of prompt strings. Skip over any whose data has
already been provided as part of the AUTH command. For the rest, send them
out as prompts, and get a data item back. If the data item is "*", abandon the
authentication attempt. Otherwise, split it into items as above. */

while (  (s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
      && expand_nmax < EXPAND_MAXN)
  if (number++ > expand_nmax)
    if ((rc = auth_prompt(CUS s)) != OK)
      return rc;

/* We now have a number of items of data in $auth1, $auth2, etc (and also, for
compatibility, in $1, $2, etc). Authentication and authorization are handled
together for this authenticator by expanding the server_condition option. Note
that ablock->server_condition is always non-NULL because that's what configures
this authenticator as a server. */

return auth_check_serv_cond(ablock);
}


/*************************************************
*              Client entry point                *
*************************************************/

/* For interface, see auths/README */

int
auth_plaintext_client(
  auth_instance *ablock,                 /* authenticator block */
  void * sx,				 /* smtp connextion */
  int timeout,                           /* command timeout */
  uschar *buffer,                        /* buffer for reading response */
  int buffsize)                          /* size of buffer */
{
auth_plaintext_options_block *ob =
  (auth_plaintext_options_block *)(ablock->options_block);
const uschar * text = ob->client_send;
const uschar * s;
int sep = 0;
int auth_var_idx = 0, rc;
int flags = AUTH_ITEM_FIRST;

if (ob->client_ignore_invalid_base64)
  flags |= AUTH_ITEM_IGN64;

/* The text is broken up into a number of different data items, which are
sent one by one. The first one is sent with the AUTH command; the remainder are
sent in response to subsequent prompts. Each is expanded before being sent. */

while ((s = string_nextinlist(&text, &sep, NULL, 0)))
  {
  if (!text)
    flags |= AUTH_ITEM_LAST;

  if ((rc = auth_client_item(sx, ablock, &s, flags, timeout, buffer, buffsize))
       != DEFER)
    return rc;

  flags &= ~AUTH_ITEM_FIRST;

  if (auth_var_idx < AUTH_VARS)
    auth_vars[auth_var_idx++] = string_copy(s);
  }

/* Control should never actually get here. */

return FAIL;
}

#endif   /*!MACRO_PREDEF*/
/* End of plaintext.c */
Commit	Line	Data
0756eb3c PH	1	/*************************************************
	2	* Exim - an Internet mail transport agent *
	3	*************************************************/
	4
f9ba5e22	5	/* Copyright (c) University of Cambridge 1995 - 2018 */
0756eb3c PH	6	/* See the file NOTICE for conditions of use and distribution. */
	7
	8	#include "../exim.h"
	9	#include "plaintext.h"
	10
	11
	12	/* Options specific to the plaintext authentication mechanism. */
	13
	14	optionlist auth_plaintext_options[] = {
4730f942 PH	15	{ "client_ignore_invalid_base64", opt_bool,
4730f942 PH	16	(void *)(offsetof(auth_plaintext_options_block, client_ignore_invalid_base64)) },
0756eb3c PH	17	{ "client_send", opt_stringptr,
0756eb3c PH	18	(void *)(offsetof(auth_plaintext_options_block, client_send)) },
0756eb3c PH	19	{ "server_prompts", opt_stringptr,
	20	(void *)(offsetof(auth_plaintext_options_block, server_prompts)) }
	21	};
	22
	23	/* Size of the options list. An extern variable has to be used so that its
	24	address can appear in the tables drtables.c. */
	25
	26	int auth_plaintext_options_count =
	27	sizeof(auth_plaintext_options)/sizeof(optionlist);
	28
	29	/* Default private options block for the plaintext authentication method. */
	30
	31	auth_plaintext_options_block auth_plaintext_option_defaults = {
0756eb3c	32	NULL, /* server_prompts */
4730f942 PH	33	NULL, /* client_send */
4730f942 PH	34	FALSE /* client_ignore_invalid_base64 */
0756eb3c PH	35	};
	36
	37
d185889f JH	38	#ifdef MACRO_PREDEF
	39
	40	/* Dummy values */
	41	void auth_plaintext_init(auth_instance *ablock) {}
	42	int auth_plaintext_server(auth_instance ablock, uschar data) {return 0;}
251b9eb4 JH	43	int auth_plaintext_client(auth_instance ablock, void sx, int timeout,
251b9eb4 JH	44	uschar *buffer, int buffsize) {return 0;}
d185889f JH	45
	46	#else /!MACRO_PREDEF/
	47
	48
	49
0756eb3c PH	50	/*************************************************
	51	* Initialization entry point *
	52	*************************************************/
	53
	54	/* Called for each instance, after its options have been read, to
	55	enable consistency checks to be done, or anything else that needs
	56	to be set up. */
	57
	58	void
	59	auth_plaintext_init(auth_instance *ablock)
	60	{
	61	auth_plaintext_options_block *ob =
	62	(auth_plaintext_options_block *)(ablock->options_block);
	63	if (ablock->public_name == NULL) ablock->public_name = ablock->name;
16ff981e	64	if (ablock->server_condition != NULL) ablock->server = TRUE;
0756eb3c PH	65	if (ob->client_send != NULL) ablock->client = TRUE;
	66	}
	67
	68
	69
	70	/*************************************************
	71	* Server entry point *
	72	*************************************************/
	73
	74	/* For interface, see auths/README */
	75
	76	int
dca6d121	77	auth_plaintext_server(auth_instance * ablock, uschar * data)
0756eb3c	78	{
dca6d121	79	auth_plaintext_options_block * ob =
0756eb3c	80	(auth_plaintext_options_block *)(ablock->options_block);
dca6d121 JH	81	const uschar * prompts = ob->server_prompts;
dca6d121 JH	82	uschar * s;
0756eb3c	83	int number = 1;
dca6d121	84	int rc;
0756eb3c PH	85	int sep = 0;
	86
	87	/* Expand a non-empty list of prompt strings */
	88
37942ad8 JH	89	if (prompts)
37942ad8 JH	90	if (!(prompts = expand_cstring(prompts)))
0756eb3c PH	91	{
	92	auth_defer_msg = expand_string_message;
	93	return DEFER;
	94	}
0756eb3c PH	95
0756eb3c PH	96	/* If data was supplied on the AUTH command, decode it, and split it up into
f78eb7c6 PH	97	multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
	98	up to a maximum. To retain backwards compatibility, they are also put int $1,
	99	$2, etc. If the data consists of the string "=" it indicates a single, empty
	100	string. */
0756eb3c	101
37942ad8 JH	102	if (*data)
	103	if ((rc = auth_read_input(data)) != OK)
	104	return rc;
0756eb3c PH	105
	106	/* Now go through the list of prompt strings. Skip over any whose data has
	107	already been provided as part of the AUTH command. For the rest, send them
	108	out as prompts, and get a data item back. If the data item is "*", abandon the
	109	authentication attempt. Otherwise, split it into items as above. */
	110
37942ad8 JH	111	while ( (s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
	112	&& expand_nmax < EXPAND_MAXN)
	113	if (number++ > expand_nmax)
	114	if ((rc = auth_prompt(CUS s)) != OK)
	115	return rc;
0756eb3c	116
f78eb7c6	117	/* We now have a number of items of data in $auth1, $auth2, etc (and also, for
16ff981e PH	118	compatibility, in $1, $2, etc). Authentication and authorization are handled
	119	together for this authenticator by expanding the server_condition option. Note
	120	that ablock->server_condition is always non-NULL because that's what configures
	121	this authenticator as a server. */
0756eb3c	122
16ff981e	123	return auth_check_serv_cond(ablock);
0756eb3c PH	124	}
	125
	126
	127
	128	/*************************************************
	129	* Client entry point *
	130	*************************************************/
	131
	132	/* For interface, see auths/README */
	133
	134	int
	135	auth_plaintext_client(
	136	auth_instance ablock, / authenticator block */
251b9eb4	137	void * sx, /* smtp connextion */
0756eb3c PH	138	int timeout, /* command timeout */
	139	uschar buffer, / buffer for reading response */
	140	int buffsize) /* size of buffer */
	141	{
	142	auth_plaintext_options_block *ob =
	143	(auth_plaintext_options_block *)(ablock->options_block);
37942ad8 JH	144	const uschar * text = ob->client_send;
37942ad8 JH	145	const uschar * s;
0756eb3c	146	int sep = 0;
37942ad8 JH	147	int auth_var_idx = 0, rc;
	148	int flags = AUTH_ITEM_FIRST;
	149
	150	if (ob->client_ignore_invalid_base64)
	151	flags \|= AUTH_ITEM_IGN64;
0756eb3c PH	152
	153	/* The text is broken up into a number of different data items, which are
	154	sent one by one. The first one is sent with the AUTH command; the remainder are
	155	sent in response to subsequent prompts. Each is expanded before being sent. */
	156
37942ad8	157	while ((s = string_nextinlist(&text, &sep, NULL, 0)))
0756eb3c	158	{
251b9eb4	159	if (!text)
37942ad8	160	flags \|= AUTH_ITEM_LAST;
4730f942	161
37942ad8 JH	162	if ((rc = auth_client_item(sx, ablock, &s, flags, timeout, buffer, buffsize))
	163	!= DEFER)
	164	return rc;
4730f942	165
37942ad8	166	flags &= ~AUTH_ITEM_FIRST;
4730f942 PH	167
4730f942 PH	168	if (auth_var_idx < AUTH_VARS)
37942ad8	169	auth_vars[auth_var_idx++] = string_copy(s);
0756eb3c PH	170	}
	171
	172	/* Control should never actually get here. */
	173
	174	return FAIL;
	175	}
	176
d185889f	177	#endif /!MACRO_PREDEF/
0756eb3c	178	/* End of plaintext.c */