Add server_condition to all authenticators, to allow for additional
[exim.git] / src / src / auths / plaintext.c
1 /* $Cambridge: exim/src/src/auths/plaintext.c,v 1.6 2006/10/16 15:44:36 ph10 Exp $ */
2
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
6
7 /* Copyright (c) University of Cambridge 1995 - 2006 */
8 /* See the file NOTICE for conditions of use and distribution. */
9
10 #include "../exim.h"
11 #include "plaintext.h"
12
13
14 /* Options specific to the plaintext authentication mechanism. */
15
16 optionlist auth_plaintext_options[] = {
17 { "client_ignore_invalid_base64", opt_bool,
18 (void *)(offsetof(auth_plaintext_options_block, client_ignore_invalid_base64)) },
19 { "client_send", opt_stringptr,
20 (void *)(offsetof(auth_plaintext_options_block, client_send)) },
21 { "server_prompts", opt_stringptr,
22 (void *)(offsetof(auth_plaintext_options_block, server_prompts)) }
23 };
24
25 /* Size of the options list. An extern variable has to be used so that its
26 address can appear in the tables drtables.c. */
27
28 int auth_plaintext_options_count =
29 sizeof(auth_plaintext_options)/sizeof(optionlist);
30
31 /* Default private options block for the plaintext authentication method. */
32
33 auth_plaintext_options_block auth_plaintext_option_defaults = {
34 NULL, /* server_prompts */
35 NULL, /* client_send */
36 FALSE /* client_ignore_invalid_base64 */
37 };
38
39
40 /*************************************************
41 * Initialization entry point *
42 *************************************************/
43
44 /* Called for each instance, after its options have been read, to
45 enable consistency checks to be done, or anything else that needs
46 to be set up. */
47
48 void
49 auth_plaintext_init(auth_instance *ablock)
50 {
51 auth_plaintext_options_block *ob =
52 (auth_plaintext_options_block *)(ablock->options_block);
53 if (ablock->public_name == NULL) ablock->public_name = ablock->name;
54 if (ablock->server_condition != NULL) ablock->server = TRUE;
55 if (ob->client_send != NULL) ablock->client = TRUE;
56 }
57
58
59
60 /*************************************************
61 * Server entry point *
62 *************************************************/
63
64 /* For interface, see auths/README */
65
66 int
67 auth_plaintext_server(auth_instance *ablock, uschar *data)
68 {
69 auth_plaintext_options_block *ob =
70 (auth_plaintext_options_block *)(ablock->options_block);
71 uschar *prompts = ob->server_prompts;
72 uschar *clear, *end, *s;
73 int number = 1;
74 int len, rc;
75 int sep = 0;
76
77 /* Expand a non-empty list of prompt strings */
78
79 if (prompts != NULL)
80 {
81 prompts = expand_string(prompts);
82 if (prompts == NULL)
83 {
84 auth_defer_msg = expand_string_message;
85 return DEFER;
86 }
87 }
88
89 /* If data was supplied on the AUTH command, decode it, and split it up into
90 multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
91 up to a maximum. To retain backwards compatibility, they are also put int $1,
92 $2, etc. If the data consists of the string "=" it indicates a single, empty
93 string. */
94
95 if (*data != 0)
96 {
97 if (Ustrcmp(data, "=") == 0)
98 {
99 auth_vars[0] = expand_nstring[++expand_nmax] = US"";
100 expand_nlength[expand_nmax] = 0;
101 }
102 else
103 {
104 if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
105 end = clear + len;
106 while (clear < end && expand_nmax < EXPAND_MAXN)
107 {
108 if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
109 expand_nstring[++expand_nmax] = clear;
110 while (*clear != 0) clear++;
111 expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
112 }
113 }
114 }
115
116 /* Now go through the list of prompt strings. Skip over any whose data has
117 already been provided as part of the AUTH command. For the rest, send them
118 out as prompts, and get a data item back. If the data item is "*", abandon the
119 authentication attempt. Otherwise, split it into items as above. */
120
121 while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
122 != NULL && expand_nmax < EXPAND_MAXN)
123 {
124 if (number++ <= expand_nmax) continue;
125 if ((rc = auth_get_data(&data, s, Ustrlen(s))) != OK) return rc;
126 if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
127 end = clear + len;
128
129 /* This loop must run at least once, in case the length is zero */
130 do
131 {
132 if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
133 expand_nstring[++expand_nmax] = clear;
134 while (*clear != 0) clear++;
135 expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
136 }
137 while (clear < end && expand_nmax < EXPAND_MAXN);
138 }
139
140 /* We now have a number of items of data in $auth1, $auth2, etc (and also, for
141 compatibility, in $1, $2, etc). Authentication and authorization are handled
142 together for this authenticator by expanding the server_condition option. Note
143 that ablock->server_condition is always non-NULL because that's what configures
144 this authenticator as a server. */
145
146 return auth_check_serv_cond(ablock);
147 }
148
149
150
151 /*************************************************
152 * Client entry point *
153 *************************************************/
154
155 /* For interface, see auths/README */
156
157 int
158 auth_plaintext_client(
159 auth_instance *ablock, /* authenticator block */
160 smtp_inblock *inblock, /* connection inblock */
161 smtp_outblock *outblock, /* connection outblock */
162 int timeout, /* command timeout */
163 uschar *buffer, /* buffer for reading response */
164 int buffsize) /* size of buffer */
165 {
166 auth_plaintext_options_block *ob =
167 (auth_plaintext_options_block *)(ablock->options_block);
168 uschar *text = ob->client_send;
169 uschar *s;
170 BOOL first = TRUE;
171 int sep = 0;
172 int auth_var_idx = 0;
173
174 /* The text is broken up into a number of different data items, which are
175 sent one by one. The first one is sent with the AUTH command; the remainder are
176 sent in response to subsequent prompts. Each is expanded before being sent. */
177
178 while ((s = string_nextinlist(&text, &sep, big_buffer, big_buffer_size)) != NULL)
179 {
180 int i, len, clear_len;
181 uschar *ss = expand_string(s);
182 uschar *clear;
183
184 /* Forced expansion failure is not an error; authentication is abandoned. On
185 all but the first string, we have to abandon the authentication attempt by
186 sending a line containing "*". Save the failed expansion string, because it
187 is in big_buffer, and that gets used by the sending function. */
188
189 if (ss == NULL)
190 {
191 uschar *ssave = string_copy(s);
192 if (!first)
193 {
194 if (smtp_write_command(outblock, FALSE, "*\r\n") >= 0)
195 (void) smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
196 }
197 if (expand_string_forcedfail)
198 {
199 *buffer = 0; /* No message */
200 return CANCELLED;
201 }
202 string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
203 "authenticator: %s", ssave, ablock->name, expand_string_message);
204 return ERROR;
205 }
206
207 len = Ustrlen(ss);
208
209 /* The character ^ is used as an escape for a binary zero character, which is
210 needed for the PLAIN mechanism. It must be doubled if really needed. */
211
212 for (i = 0; i < len; i++)
213 {
214 if (ss[i] == '^')
215 {
216 if (ss[i+1] != '^') ss[i] = 0; else
217 {
218 i++;
219 len--;
220 memmove(ss + i, ss + i + 1, len - i);
221 }
222 }
223 }
224
225 /* The first string is attached to the AUTH command; others are sent
226 unembelished. */
227
228 if (first)
229 {
230 first = FALSE;
231 if (smtp_write_command(outblock, FALSE, "AUTH %s%s%s\r\n",
232 ablock->public_name, (len == 0)? "" : " ",
233 auth_b64encode(ss, len)) < 0)
234 return FAIL_SEND;
235 }
236 else
237 {
238 if (smtp_write_command(outblock, FALSE, "%s\r\n",
239 auth_b64encode(ss, len)) < 0)
240 return FAIL_SEND;
241 }
242
243 /* If we receive a success response from the server, authentication
244 has succeeded. There may be more data to send, but is there any point
245 in provoking an error here? */
246
247 if (smtp_read_response(inblock, US buffer, buffsize, '2', timeout)) return OK;
248
249 /* Not a success response. If errno != 0 there is some kind of transmission
250 error. Otherwise, check the response code in the buffer. If it starts with
251 '3', more data is expected. */
252
253 if (errno != 0 || buffer[0] != '3') return FAIL;
254
255 /* If there is no more data to send, we have to cancel the authentication
256 exchange and return ERROR. */
257
258 if (text == NULL)
259 {
260 if (smtp_write_command(outblock, FALSE, "*\r\n") >= 0)
261 (void)smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
262 string_format(buffer, buffsize, "Too few items in client_send in %s "
263 "authenticator", ablock->name);
264 return ERROR;
265 }
266
267 /* Now that we know we'll continue, we put the received data into $auth<n>,
268 if possible. First, decode it: buffer+4 skips over the SMTP status code. */
269
270 clear_len = auth_b64decode(buffer+4, &clear);
271
272 /* If decoding failed, the default is to terminate the authentication, and
273 return FAIL, with the SMTP response still in the buffer. However, if client_
274 ignore_invalid_base64 is set, we ignore the error, and put an empty string
275 into $auth<n>. */
276
277 if (clear_len < 0)
278 {
279 uschar *save_bad = string_copy(buffer);
280 if (!ob->client_ignore_invalid_base64)
281 {
282 if (smtp_write_command(outblock, FALSE, "*\r\n") >= 0)
283 (void)smtp_read_response(inblock, US buffer, buffsize, '2', timeout);
284 string_format(buffer, buffsize, "Invalid base64 string in server "
285 "response \"%s\"", save_bad);
286 return CANCELLED;
287 }
288 clear = US"";
289 clear_len = 0;
290 }
291
292 if (auth_var_idx < AUTH_VARS)
293 auth_vars[auth_var_idx++] = string_copy(clear);
294 }
295
296 /* Control should never actually get here. */
297
298 return FAIL;
299 }
300
301 /* End of plaintext.c */