comparison src/osdep/unix/env_unix.c @ 3:2366b362676d draft
imap-2007f
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Thu, 30 Oct 2014 00:00:57 +0900 |
parents | 28a55bc1110c |
children | d741b3ecc917 |
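--- a/src/osdep/unix/env_unix.c
+++ b/src/osdep/unix/env_unix.c
@@ -19,11 +19,11 @@
 * University of Washington
 * Seattle, WA 98195
 * Internet: MRC@Washington.EDU
 *
 * Date: 1 August 1988
-* Last Edited: 15 May 2008
+* Last Edited: 23 February 2009
 */
 
 #include <grp.h>
 #include <signal.h>
 #include <sys/wait.h>
@@ -420,14 +420,10 @@
 ret = (void *) (hideDotFiles ? VOIDT : NIL);
 break;
 case SET_DISABLEPLAINTEXT:
 disablePlaintext = (long) value;
 case GET_DISABLEPLAINTEXT:
-#ifdef RESTRICT_POP
-if (getenv("INTRANET") == NIL) disablePlaintext = 1;
-else disablePlaintext = NIL;
-#endif
 ret = (void *) disablePlaintext;
 break;
 case SET_CHROOTSERVER:
 closedBox = value ? T : NIL;
 case GET_CHROOTSERVER:
@@ -667,22 +663,19 @@
 static struct passwd *valpwd (char *user,char *pwd,int argc,char *argv[])
 {
 char *s;
 struct passwd *pw;
 struct passwd *ret = NIL;
-#ifndef QMAIL /* imapext md5 checker run previously. no need to do here */
 if (auth_md5.server) { /* using CRAM-MD5 authentication? */
 if (s = auth_md5_pwd (user)) {
 if (!strcmp (s,pwd) || ((*pwd == ' ') && pwd[1] && !strcmp (s,pwd+1)))
 ret = pwuser (user); /* validated, get passwd entry for user */
 memset (s,0,strlen (s)); /* erase sensitive information */
 fs_give ((void **) &s);
 }
 }
-else
-#endif
-if (pw = pwuser (user)) {/* can get user? */
+else if (pw = pwuser (user)) {/* can get user? */
 s = cpystr (pw->pw_name); /* copy returned name in case we need it */
 if (*pwd && !(ret = checkpw (pw,pwd,argc,argv)) &&
 (*pwd == ' ') && pwd[1] && (ret = pwuser (s)))
 ret = checkpw (pw,pwd+1,argc,argv);
 fs_give ((void **) &s); /* don't need copy of name any more */
@@ -702,33 +695,19 @@
 long server_login (char *user,char *pwd,char *authuser,int argc,char *argv[])
 {
 struct passwd *pw = NIL;
 int level = LOG_NOTICE;
 char *err = "failed";
-#ifdef QMAIL
-char usr[MAILTMPLEN], *apoppswd;
-strncpy(usr, user, MAILTMPLEN-1);
-#endif
 /* cretins still haven't given up */
 if ((strlen (user) >= NETMAXUSER) ||
 (authuser && (strlen (authuser) >= NETMAXUSER))) {
 level = LOG_ALERT; /* escalate this alert */
 err = "SYSTEM BREAK-IN ATTEMPT";
 logtry = 0; /* render this session useless */
 }
 else if (logtry-- <= 0) err = "excessive login failures";
 else if (disablePlaintext) err = "disabled";
-#ifdef QMAIL
-else if ((logtry > 0) &&
-(apoppswd = auth_md5_pwd(usr))
-&& !strcmp(apoppswd, pwd)
-&& (pw = getpwnam(usr))) {
-memset(apoppswd, 0, strlen(apoppswd));
-fs_give((void**) &apoppswd);
-return pw_login(pw, usr, pw->pw_name, pw->pw_dir, argc, argv);
-}
-#endif
 else if (!(authuser && *authuser)) pw = valpwd (user,pwd,argc,argv);
 else if (valpwd (authuser,pwd,argc,argv)) pw = pwuser (user);
 if (pw && pw_login (pw,authuser,pw->pw_name,NIL,argc,argv)) return T;
 syslog (level|LOG_AUTH,"Login %s user=%.64s auth=%.64s host=%.80s",err,
 user,(authuser && *authuser) ? authuser : user,tcp_clienthost ());
@@ -746,38 +725,10 @@
 
 long authserver_login (char *user,char *authuser,int argc,char *argv[])
 {
 return pw_login (pwuser (user),authuser,user,NIL,argc,argv);
 }
-
-void permitsmtp() /* to update tcp permission */
-{
-#ifdef POPBEFORESMTP
-#include <sys/types.h>
-#include <sys/wait.h>
-#ifndef POP3RECORDER
-# define POP3RECORDER "/usr/local/etc/pop3-record"
-#endif
-int child;
-int wstat;
-char *permsmtp = POP3RECORDER;
-
-switch(child = fork())
-{
-case -1:
-syslog (LOG_INFO,"Cannot exec %s", permsmtp);
-_exit(111);
-break;
-case 0:
-execl(permsmtp, permsmtp, 0);
-syslog (LOG_INFO,"Cannot exec %s", permsmtp);
-_exit(111); break;
-}
-waitpid(child, &wstat, 0);
-#endif
-}
-
 
 
 /* Log in as anonymous daemon
 * Accepts: argument count
 * argument vector
@@ -828,18 +779,12 @@
 pw->pw_name,home,tcp_clienthost ());
 else if (loginpw (pw,argc,argv)) ret = env_init (user,NIL);
 else fatal ("Login failed after chroot");
 }
 /* normal login */
-#ifdef QMAIL
-else if (((pw->pw_uid == geteuid ()) || (permitsmtp(), loginpw (pw,argc,argv
-))) &&
-(ret = env_init (user,home))) chdir (myhomedir ());
-#else
 else if (((pw->pw_uid == geteuid ()) || loginpw (pw,argc,argv)) &&
 (ret = env_init (user,home))) chdir (myhomedir ());
-#endif
 fs_give ((void **) &home); /* clean up */
 if (user) fs_give ((void **) &user);
 }
 endpwent (); /* in case shadow passwords in pw data */
 return ret; /* return status */
@@ -1866,11 +1811,11 @@
 long ret;
 short rsave = restrictBox;
 restrictBox = NIL; /* can't restrict */
 if (blackBox) { /* if black box */
 /* toss out driver dependent names */
-printf (path,"%s/INBOX",mymailboxdir ());
+sprintf (path,"%s/INBOX",mymailboxdir ());
 blackBox = NIL; /* well that's evil - evil is going on */
 ret = mail_create (stream,path);
 blackBox = T; /* restore the box */
 }
 /* easy thing otherwise */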
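Review bot: The `sprintf (path,"%s/INBOX",mymailboxdir ());` at new line 1816 has no length bound, so a long mailbox directory could be written past the end of `path`. The declaration of `path` and the rest of the enclosing function are outside the visible lines, so the buffer's capacity cannot be confirmed from this page. If it is a MAILTMPLEN-sized buffer (an assumption to check against the callers), `snprintf (path,MAILTMPLEN,"%s/INBOX",mymailboxdir ());` with a return value at or above the size treated as failure before `mail_create` would turn an overflow into a clean error. Any such failure path still has to restore `blackBox` and `restrictBox`, which this block has already cleared.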