src/src/auths/plaintext.c

   1 /*************************************************
   2 *     Exim - an Internet mail transport agent    *
   3 *************************************************/
   4
   5 /* Copyright (c) University of Cambridge 1995 - 2015 */
   6 /* See the file NOTICE for conditions of use and distribution. */
   7
   8 #include "../exim.h"
   9 #include "plaintext.h"
  10
  11
  12 /* Options specific to the plaintext authentication mechanism. */
  13
  14 optionlist auth_plaintext_options[] = {
  15   { "client_ignore_invalid_base64", opt_bool,
  16       (void *)(offsetof(auth_plaintext_options_block, client_ignore_invalid_base64)) },
  17   { "client_send",        opt_stringptr,
  18       (void *)(offsetof(auth_plaintext_options_block, client_send)) },
  19   { "server_prompts",     opt_stringptr,
  20       (void *)(offsetof(auth_plaintext_options_block, server_prompts)) }
  21 };
  22
  23 /* Size of the options list. An extern variable has to be used so that its
  24 address can appear in the tables drtables.c. */
  25
  26 int auth_plaintext_options_count =
  27   sizeof(auth_plaintext_options)/sizeof(optionlist);
  28
  29 /* Default private options block for the plaintext authentication method. */
  30
  31 auth_plaintext_options_block auth_plaintext_option_defaults = {
  32   NULL,              /* server_prompts */
  33   NULL,              /* client_send */
  34   FALSE              /* client_ignore_invalid_base64 */
  35 };
  36
  37
  38 #ifdef MACRO_PREDEF
  39
  40 /* Dummy values */
  41 void auth_plaintext_init(auth_instance *ablock) {}
  42 int auth_plaintext_server(auth_instance *ablock, uschar *data) {return 0;}
  43 int auth_plaintext_client(auth_instance *ablock, smtp_inblock *inblock,
  44   smtp_outblock *outblock, int timeout, uschar *buffer, int buffsize) {return 0;}
  45
  46 #else   /*!MACRO_PREDEF*/
  47
  48
  49
  50 /*************************************************
  51 *          Initialization entry point            *
  52 *************************************************/
  53
  54 /* Called for each instance, after its options have been read, to
  55 enable consistency checks to be done, or anything else that needs
  56 to be set up. */
  57
  58 void
  59 auth_plaintext_init(auth_instance *ablock)
  60 {
  61 auth_plaintext_options_block *ob =
  62   (auth_plaintext_options_block *)(ablock->options_block);
  63 if (ablock->public_name == NULL) ablock->public_name = ablock->name;
  64 if (ablock->server_condition != NULL) ablock->server = TRUE;
  65 if (ob->client_send != NULL) ablock->client = TRUE;
  66 }
  67
  68
  69
  70 /*************************************************
  71 *             Server entry point                 *
  72 *************************************************/
  73
  74 /* For interface, see auths/README */
  75
  76 int
  77 auth_plaintext_server(auth_instance *ablock, uschar *data)
  78 {
  79 auth_plaintext_options_block *ob =
  80   (auth_plaintext_options_block *)(ablock->options_block);
  81 const uschar *prompts = ob->server_prompts;
  82 uschar *clear, *end, *s;
  83 int number = 1;
  84 int len, rc;
  85 int sep = 0;
  86
  87 /* Expand a non-empty list of prompt strings */
  88
  89 if (prompts != NULL)
  90   {
  91   prompts = expand_cstring(prompts);
  92   if (prompts == NULL)
  93     {
  94     auth_defer_msg = expand_string_message;
  95     return DEFER;
  96     }
  97   }
  98
  99 /* If data was supplied on the AUTH command, decode it, and split it up into
 100 multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
 101 up to a maximum. To retain backwards compatibility, they are also put int $1,
 102 $2, etc. If the data consists of the string "=" it indicates a single, empty
 103 string. */
 104
 105 if (*data != 0)
 106   {
 107   if (Ustrcmp(data, "=") == 0)
 108     {
 109     auth_vars[0] = expand_nstring[++expand_nmax] = US"";
 110     expand_nlength[expand_nmax] = 0;
 111     }
 112   else
 113     {
 114     if ((len = b64decode(data, &clear)) < 0) return BAD64;
 115     end = clear + len;
 116     while (clear < end && expand_nmax < EXPAND_MAXN)
 117       {
 118       if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
 119       expand_nstring[++expand_nmax] = clear;
 120       while (*clear != 0) clear++;
 121       expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
 122       }
 123     }
 124   }
 125
 126 /* Now go through the list of prompt strings. Skip over any whose data has
 127 already been provided as part of the AUTH command. For the rest, send them
 128 out as prompts, and get a data item back. If the data item is "*", abandon the
 129 authentication attempt. Otherwise, split it into items as above. */
 130
 131 while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
 132         != NULL && expand_nmax < EXPAND_MAXN)
 133   {
 134   if (number++ <= expand_nmax) continue;
 135   if ((rc = auth_get_data(&data, s, Ustrlen(s))) != OK) return rc;
 136   if ((len = b64decode(data, &clear)) < 0) return BAD64;
 137   end = clear + len;
 138
 139   /* This loop must run at least once, in case the length is zero */
 140   do
 141     {
 142     if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
 143     expand_nstring[++expand_nmax] = clear;
 144     while (*clear != 0) clear++;
 145     expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
 146     }
 147   while (clear < end && expand_nmax < EXPAND_MAXN);
 148   }
 149
 150 /* We now have a number of items of data in $auth1, $auth2, etc (and also, for
 151 compatibility, in $1, $2, etc). Authentication and authorization are handled
 152 together for this authenticator by expanding the server_condition option. Note
 153 that ablock->server_condition is always non-NULL because that's what configures
 154 this authenticator as a server. */
 155
 156 return auth_check_serv_cond(ablock);
 157 }
 158
 159
 160
 161 /*************************************************
 162 *              Client entry point                *
 163 *************************************************/
 164
 165 /* For interface, see auths/README */
 166
 167 int
 168 auth_plaintext_client(
 169   auth_instance *ablock,                 /* authenticator block */
 170   smtp_inblock *inblock,                 /* connection inblock */
 171   smtp_outblock *outblock,               /* connection outblock */
 172   int timeout,                           /* command timeout */
 173   uschar *buffer,                        /* buffer for reading response */
 174   int buffsize)                          /* size of buffer */
 175 {
 176 auth_plaintext_options_block *ob =
 177   (auth_plaintext_options_block *)(ablock->options_block);
 178 const uschar *text = ob->client_send;
 179 uschar *s;
 180 BOOL first = TRUE;
 181 int sep = 0;
 182 int auth_var_idx = 0;
 183
 184 /* The text is broken up into a number of different data items, which are
 185 sent one by one. The first one is sent with the AUTH command; the remainder are
 186 sent in response to subsequent prompts. Each is expanded before being sent. */
 187
 188 while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size)))
 189   {
 190   int i, len, clear_len;
 191   uschar *ss = expand_string(s);
 192   uschar *clear;
 193
 194   /* Forced expansion failure is not an error; authentication is abandoned. On
 195   all but the first string, we have to abandon the authentication attempt by
 196   sending a line containing "*". Save the failed expansion string, because it
 197   is in big_buffer, and that gets used by the sending function. */
 198
 199   if (!ss)
 200     {
 201     uschar *ssave = string_copy(s);
 202     if (!first)
 203       {
 204       if (smtp_write_command(outblock, SCMD_FLUSH, "*\r\n") >= 0)
 205         (void) smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
 206       }
 207     if (expand_string_forcedfail)
 208       {
 209       *buffer = 0;       /* No message */
 210       return CANCELLED;
 211       }
 212     string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
 213       "authenticator: %s", ssave, ablock->name, expand_string_message);
 214     return ERROR;
 215     }
 216
 217   len = Ustrlen(ss);
 218
 219   /* The character ^ is used as an escape for a binary zero character, which is
 220   needed for the PLAIN mechanism. It must be doubled if really needed. */
 221
 222   for (i = 0; i < len; i++)
 223     if (ss[i] == '^')
 224       if (ss[i+1] != '^')
 225         ss[i] = 0;
 226       else
 227         {
 228         i++;
 229         len--;
 230         memmove(ss + i, ss + i + 1, len - i);
 231         }
 232
 233   /* The first string is attached to the AUTH command; others are sent
 234   unembellished. */
 235
 236   if (first)
 237     {
 238     first = FALSE;
 239     if (smtp_write_command(outblock, SCMD_FLUSH, "AUTH %s%s%s\r\n",
 240          ablock->public_name, (len == 0)? "" : " ",
 241          b64encode(ss, len)) < 0)
 242       return FAIL_SEND;
 243     }
 244   else
 245     {
 246     if (smtp_write_command(outblock, SCMD_FLUSH, "%s\r\n",
 247           b64encode(ss, len)) < 0)
 248       return FAIL_SEND;
 249     }
 250
 251   /* If we receive a success response from the server, authentication
 252   has succeeded. There may be more data to send, but is there any point
 253   in provoking an error here? */
 254
 255   if (smtp_read_response(inblock, US buffer, buffsize, '2', timeout)) return OK;
 256
 257   /* Not a success response. If errno != 0 there is some kind of transmission
 258   error. Otherwise, check the response code in the buffer. If it starts with
 259   '3', more data is expected. */
 260
 261   if (errno != 0 || buffer[0] != '3') return FAIL;
 262
 263   /* If there is no more data to send, we have to cancel the authentication
 264   exchange and return ERROR. */
 265
 266   if (text == NULL)
 267     {
 268     if (smtp_write_command(outblock, SCMD_FLUSH, "*\r\n") >= 0)
 269       (void)smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
 270     string_format(buffer, buffsize, "Too few items in client_send in %s "
 271       "authenticator", ablock->name);
 272     return ERROR;
 273     }
 274
 275   /* Now that we know we'll continue, we put the received data into $auth<n>,
 276   if possible. First, decode it: buffer+4 skips over the SMTP status code. */
 277
 278   clear_len = b64decode(buffer+4, &clear);
 279
 280   /* If decoding failed, the default is to terminate the authentication, and
 281   return FAIL, with the SMTP response still in the buffer. However, if client_
 282   ignore_invalid_base64 is set, we ignore the error, and put an empty string
 283   into $auth<n>. */
 284
 285   if (clear_len < 0)
 286     {
 287     uschar *save_bad = string_copy(buffer);
 288     if (!ob->client_ignore_invalid_base64)
 289       {
 290       if (smtp_write_command(outblock, SCMD_FLUSH, "*\r\n") >= 0)
 291         (void)smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
 292       string_format(buffer, buffsize, "Invalid base64 string in server "
 293         "response \"%s\"", save_bad);
 294       return CANCELLED;
 295       }
 296     clear = US"";
 297     clear_len = 0;
 298     }
 299
 300   if (auth_var_idx < AUTH_VARS)
 301     auth_vars[auth_var_idx++] = string_copy(clear);
 302   }
 303
 304 /* Control should never actually get here. */
 305
 306 return FAIL;
 307 }
 308
 309 #endif   /*!MACRO_PREDEF*/
 310 /* End of plaintext.c */