[exim.git] / src / src / auths / call_pwcheck.c

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/* Copyright (c) University of Cambridge 1995 - 2015 */
/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */

/* This module contains interface functions to the two Cyrus authentication
daemons. The original one was "pwcheck", which gives its name to the source
file. This is now deprecated in favour of "saslauthd". */


#include "../exim.h"
#include "pwcheck.h"


/*************************************************
*      External entry point for pwcheck          *
*************************************************/

/* This function calls the now-deprecated "pwcheck" Cyrus-SASL authentication
daemon, passing over a colon-separated user name and password. As this is
called from the string expander, the string will always be in dynamic store and
can be overwritten.

Arguments:
  s        a colon-separated username:password string
  errptr   where to point an error message

Returns:   OK if authentication succeeded
           FAIL if authentication failed
           ERROR some other error condition
*/

int
auth_call_pwcheck(uschar *s, uschar **errptr)
{
uschar *reply = NULL;
uschar *pw = Ustrrchr(s, ':');

if (pw == NULL)
  {
  *errptr = US"pwcheck: malformed input - missing colon";
  return ERROR;
  }

*pw++ = 0;   /* Separate user and password */

DEBUG(D_auth)
  debug_printf("Running pwcheck authentication for user \"%s\"\n", s);

switch (pwcheck_verify_password(CS s, CS pw, CCSS &reply))
  {
  case PWCHECK_OK:
  DEBUG(D_auth) debug_printf("pwcheck: success (%s)\n", reply);
  return OK;

  case PWCHECK_NO:
  DEBUG(D_auth) debug_printf("pwcheck: access denied (%s)\n", reply);
  return FAIL;

  default:
  DEBUG(D_auth) debug_printf("pwcheck: query failed (%s)\n", reply);
  *errptr = reply;
  return ERROR;
  }
}


/*************************************************
*       External entry point for pwauthd         *
*************************************************/

/* This function calls the "saslauthd" Cyrus-SASL authentication daemon,
saslauthd, As this is called from the string expander, all the strings will
always be in dynamic store and can be overwritten.

Arguments:
  username        username
  password        password
  service         optional service
  realm           optional realm
  errptr          where to point an error message

Returns:   OK if authentication succeeded
           FAIL if authentication failed
           ERROR some other error condition
*/

int
auth_call_saslauthd(const uschar *username, const uschar *password,
  const uschar *service, const uschar *realm, uschar **errptr)
{
uschar *reply = NULL;

if (service == NULL) service = US"";
if (realm == NULL) realm = US"";

DEBUG(D_auth)
  debug_printf("Running saslauthd authentication for user \"%s\" \n", username);

switch (saslauthd_verify_password(username, password, service,
        realm, (const uschar **)(&reply)))
  {
  case PWCHECK_OK:
  DEBUG(D_auth) debug_printf("saslauthd: success (%s)\n", reply);
  return OK;

  case PWCHECK_NO:
  DEBUG(D_auth) debug_printf("saslauthd: access denied (%s)\n", reply);
  return FAIL;

  default:
  DEBUG(D_auth) debug_printf("saslauthd: query failed (%s)\n", reply);
  *errptr = reply;
  return ERROR;
  }
}

/* End of call_pwcheck.c */
Commit	Line	Data
	1	/*************************************************
	2	* Exim - an Internet mail transport agent *
	3	*************************************************/
	4
	5	/* Copyright (c) University of Cambridge 1995 - 2015 */
	6	/* Copyright (c) The Exim Maintainers 2020 */
	7	/* See the file NOTICE for conditions of use and distribution. */
	8
	9	/* This module contains interface functions to the two Cyrus authentication
	10	daemons. The original one was "pwcheck", which gives its name to the source
	11	file. This is now deprecated in favour of "saslauthd". */
	12
	13
	14	#include "../exim.h"
	15	#include "pwcheck.h"
	16
	17
	18	/*************************************************
	19	* External entry point for pwcheck *
	20	*************************************************/
	21
	22	/* This function calls the now-deprecated "pwcheck" Cyrus-SASL authentication
	23	daemon, passing over a colon-separated user name and password. As this is
	24	called from the string expander, the string will always be in dynamic store and
	25	can be overwritten.
	26
	27	Arguments:
	28	s a colon-separated username:password string
	29	errptr where to point an error message
	30
	31	Returns: OK if authentication succeeded
	32	FAIL if authentication failed
	33	ERROR some other error condition
	34	*/
	35
	36	int
	37	auth_call_pwcheck(uschar s, uschar *errptr)
	38	{
	39	uschar *reply = NULL;
	40	uschar *pw = Ustrrchr(s, ':');
	41
	42	if (pw == NULL)
	43	{
	44	*errptr = US"pwcheck: malformed input - missing colon";
	45	return ERROR;
	46	}
	47
	48	pw++ = 0; / Separate user and password */
	49
	50	DEBUG(D_auth)
	51	debug_printf("Running pwcheck authentication for user \"%s\"\n", s);
	52
	53	switch (pwcheck_verify_password(CS s, CS pw, CCSS &reply))
	54	{
	55	case PWCHECK_OK:
	56	DEBUG(D_auth) debug_printf("pwcheck: success (%s)\n", reply);
	57	return OK;
	58
	59	case PWCHECK_NO:
	60	DEBUG(D_auth) debug_printf("pwcheck: access denied (%s)\n", reply);
	61	return FAIL;
	62
	63	default:
	64	DEBUG(D_auth) debug_printf("pwcheck: query failed (%s)\n", reply);
	65	*errptr = reply;
	66	return ERROR;
	67	}
	68	}
	69
	70
	71	/*************************************************
	72	* External entry point for pwauthd *
	73	*************************************************/
	74
	75	/* This function calls the "saslauthd" Cyrus-SASL authentication daemon,
	76	saslauthd, As this is called from the string expander, all the strings will
	77	always be in dynamic store and can be overwritten.
	78
	79	Arguments:
	80	username username
	81	password password
	82	service optional service
	83	realm optional realm
	84	errptr where to point an error message
	85
	86	Returns: OK if authentication succeeded
	87	FAIL if authentication failed
	88	ERROR some other error condition
	89	*/
	90
	91	int
	92	auth_call_saslauthd(const uschar username, const uschar password,
	93	const uschar service, const uschar realm, uschar **errptr)
	94	{
	95	uschar *reply = NULL;
	96
	97	if (service == NULL) service = US"";
	98	if (realm == NULL) realm = US"";
	99
	100	DEBUG(D_auth)
	101	debug_printf("Running saslauthd authentication for user \"%s\" \n", username);
	102
	103	switch (saslauthd_verify_password(username, password, service,
	104	realm, (const uschar **)(&reply)))
	105	{
	106	case PWCHECK_OK:
	107	DEBUG(D_auth) debug_printf("saslauthd: success (%s)\n", reply);
	108	return OK;
	109
	110	case PWCHECK_NO:
	111	DEBUG(D_auth) debug_printf("saslauthd: access denied (%s)\n", reply);
	112	return FAIL;
	113
	114	default:
	115	DEBUG(D_auth) debug_printf("saslauthd: query failed (%s)\n", reply);
	116	*errptr = reply;
	117	return ERROR;
	118	}
	119	}
	120
	121	/* End of call_pwcheck.c */