comparison src/c-client/auth_md5.c @ 3:2366b362676d draft
imap-2007f
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Thu, 30 Oct 2014 00:00:57 +0900 |
parents | 28a55bc1110c |
children | d741b3ecc917 |
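--- a/src/c-client/auth_md5.c
+++ b/src/c-client/auth_md5.c
@@ -73,15 +73,13 @@
 * Returns: T, always
 */
 
 long auth_md5_valid (void)
 {
-#ifndef QMAIL /* qmail extension can always handle MD5 */
 struct stat sbuf;
 /* server forbids MD5 if no MD5 enable file */
 if (stat (MD5ENABLE,&sbuf)) auth_md5.server = NIL;
-#endif
 return T; /* MD5 is otherwise valid */
 }
 
 
 /* Client authenticator
@@ -186,11 +184,10 @@
 */
 
 char *auth_md5_pwd (char *user)
 {
 struct stat sbuf;
-#ifndef QMAIL
 int fd = open (MD5ENABLE,O_RDONLY,NIL);
 unsigned char *s,*t,*buf,*lusr,*lret;
 char *r;
 char *ret = NIL;
 if (fd >= 0) { /* found the file? */
@@ -215,81 +212,10 @@
 /* erase sensitive information from buffer */
 memset (buf,0,sbuf.st_size + 1);
 fs_give ((void **) &buf); /* flush the buffer */
 close (fd); /* don't need file any longer */
 }
-#else
-# ifndef USERAPOPFILE
-# define USERAPOPFILE ".apop"
-# endif
-# ifndef XADDR_DELIM
-# ifdef POSTFIX /* Same if-condition is in maildir.c.. sorry */
-# define XADDR_DELIM "+"
-# else
-# define XADDR_DELIM "-"
-# endif
-# endif
-extern char *myMailSuffix;
-char mycrypt[BUFSIZ+1];
-char *ret = NIL, *tmp=NIL;
-FILE *apopfile = NIL;
-struct passwd *pw = getpwnam(user);
-if (!pw) pw = getpwnam(lcase(tmp=cpystr(user)));
-if (!pw && strstr(user, XADDR_DELIM)) { /* Check qmail alias */
-char tmp[BUFSIZ];
-char *s = user;
-memset(tmp, 0, BUFSIZ);
-while (*s && s && !pw) {
-s = strstr(s, XADDR_DELIM);
-if (!s) break;
-strncpy(tmp, user, s-user);
-s++;
-pw = getpwnam(tmp);
-}
-if (pw) {
-myMailSuffix = lcase(cpystr(s-1));
-user[strlen(tmp)] = '\0'; /* zap suffix */
-}
-}
-if (pw) {
-snprintf(mycrypt, BUFSIZ, "%s/%s", pw->pw_dir, USERAPOPFILE);
-if (NIL != myMailSuffix) strcat(mycrypt, myMailSuffix);
-if (stat(mycrypt, &sbuf) < 0) {
-/* printf("Cannot stat [%s]\015\n", mycrypt); */
-return ret;
-}
-if (sbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE)) {
-/* printf("Your apoppassword file is readable by others. Do chmod 600 %s%c\n", mycrypt, 015); */
-return ret;
-}
-#ifdef APOPOPEN
-if (stat(APOPOPEN, &sbuf) >= 0) { /* if APPOPEN exists */
-/* read apop password via APOPOPEN program */
-int bytes = 3+strlen(APOPOPEN)+strlen(mycrypt);
-char *aproc = (char*) fs_get(bytes);
-snprintf(aproc, bytes, "%s %s%c", APOPOPEN, mycrypt, '\0');
-apopfile = popen(aproc, "r");
-memset(aproc, 0, bytes);
-fs_give((void**)&aproc);
-}
-#endif /* APOPOPEN */
-if ((NIL!=apopfile) || (apopfile = fopen( mycrypt, "r" ))) {
-fgets(mycrypt, sizeof(mycrypt) - 1, apopfile);
-fclose(apopfile);
-if (mycrypt[0]) {
-char p = strlen(mycrypt);
-while (p > 0 && (mycrypt[p-1] == '\n' || mycrypt[p-1] == '\r')) {
-mycrypt[--p] = '\0'; /* zap trailing newlines */
-}
-}
-} else {
-return ret;
-}
-ret = cpystr(mycrypt);
-memset(mycrypt, 0, sizeof(mycrypt));
-}
-#endif /* if QMAIL */
 return ret; /* return password */
 }
 
 /* APOP server login
 * Accepts: challenge
@@ -303,13 +229,10 @@
 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[])
 {
 int i,j;
 char *ret = NIL;
 char *s,*authuser,tmp[MAILTMPLEN];
-#ifdef QMAIL
-char *userback = cpystr(user);
-#endif
 unsigned char digest[MD5DIGLEN];
 MD5CONTEXT ctx;
 char *hex = "0123456789abcdef";
 /* see if authentication user */
 if (authuser = strchr (user,'*')) *authuser++ = '\0';
@@ -335,19 +258,11 @@
 ret = cpystr (myusername ());
 else if (md5try) --md5try;
 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
 }
 if (!ret) sleep (3); /* slow down possible cracker */
-else {
-extern void permitsmtp();
-/* permitsmtp();*/
-}
-#ifdef QMAIL
-return (ret) ? userback : ret;
-#else
 return ret;
-#endif
 }
 
 /*
 * RFC 2104 HMAC hashing
 * Accepts: text to hash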