comparison src/c-client/auth_md5.c @ 1:28a55bc1110c imapext-2007-1
[mq]: imapext
author | yuuji@gentei.org |
---|---|
date | Mon, 14 Sep 2009 19:23:11 +0900 |
parents | ada5e610ab86 |
children | 2366b362676d |
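--- a/src/c-client/auth_md5.c
+++ b/src/c-client/auth_md5.c
@@ -73,13 +73,15 @@
 * Returns: T, always
 */
 
 long auth_md5_valid (void)
 {
+#ifndef QMAIL /* qmail extension can always handle MD5 */
 struct stat sbuf;
 /* server forbids MD5 if no MD5 enable file */
 if (stat (MD5ENABLE,&sbuf)) auth_md5.server = NIL;
+#endif
 return T; /* MD5 is otherwise valid */
 }
 
 
 /* Client authenticator
@@ -184,10 +186,11 @@
 */
 
 char *auth_md5_pwd (char *user)
 {
 struct stat sbuf;
+#ifndef QMAIL
 int fd = open (MD5ENABLE,O_RDONLY,NIL);
 unsigned char *s,*t,*buf,*lusr,*lret;
 char *r;
 char *ret = NIL;
 if (fd >= 0) { /* found the file? */
@@ -212,10 +215,81 @@
 /* erase sensitive information from buffer */
 memset (buf,0,sbuf.st_size + 1);
 fs_give ((void **) &buf); /* flush the buffer */
 close (fd); /* don't need file any longer */
 }
+#else
+# ifndef USERAPOPFILE
+# define USERAPOPFILE ".apop"
+# endif
+# ifndef XADDR_DELIM
+# ifdef POSTFIX /* Same if-condition is in maildir.c.. sorry */
+# define XADDR_DELIM "+"
+# else
+# define XADDR_DELIM "-"
+# endif
+# endif
+extern char *myMailSuffix;
+char mycrypt[BUFSIZ+1];
+char *ret = NIL, *tmp=NIL;
+FILE *apopfile = NIL;
+struct passwd *pw = getpwnam(user);
+if (!pw) pw = getpwnam(lcase(tmp=cpystr(user)));
+if (!pw && strstr(user, XADDR_DELIM)) { /* Check qmail alias */
+char tmp[BUFSIZ];
+char *s = user;
+memset(tmp, 0, BUFSIZ);
+while (*s && s && !pw) {
+s = strstr(s, XADDR_DELIM);
+if (!s) break;
+strncpy(tmp, user, s-user);
+s++;
+pw = getpwnam(tmp);
+}
+if (pw) {
+myMailSuffix = lcase(cpystr(s-1));
+user[strlen(tmp)] = '\0'; /* zap suffix */
+}
+}
+if (pw) {
+snprintf(mycrypt, BUFSIZ, "%s/%s", pw->pw_dir, USERAPOPFILE);
+if (NIL != myMailSuffix) strcat(mycrypt, myMailSuffix);
+if (stat(mycrypt, &sbuf) < 0) {
+/* printf("Cannot stat [%s]\015\n", mycrypt); */
+return ret;
+}
+if (sbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE)) {
+/* printf("Your apoppassword file is readable by others. Do chmod 600 %s%c\n", mycrypt, 015); */
+return ret;
+}
+#ifdef APOPOPEN
+if (stat(APOPOPEN, &sbuf) >= 0) { /* if APPOPEN exists */
+/* read apop password via APOPOPEN program */
+int bytes = 3+strlen(APOPOPEN)+strlen(mycrypt);
+char *aproc = (char*) fs_get(bytes);
+snprintf(aproc, bytes, "%s %s%c", APOPOPEN, mycrypt, '\0');
+apopfile = popen(aproc, "r");
+memset(aproc, 0, bytes);
+fs_give((void**)&aproc);
+}
+#endif /* APOPOPEN */
+if ((NIL!=apopfile) || (apopfile = fopen( mycrypt, "r" ))) {
+fgets(mycrypt, sizeof(mycrypt) - 1, apopfile);
+fclose(apopfile);
+if (mycrypt[0]) {
+char p = strlen(mycrypt);
+while (p > 0 && (mycrypt[p-1] == '\n' || mycrypt[p-1] == '\r')) {
+mycrypt[--p] = '\0'; /* zap trailing newlines */
+}
+}
+} else {
+return ret;
+}
+ret = cpystr(mycrypt);
+memset(mycrypt, 0, sizeof(mycrypt));
+}
+#endif /* if QMAIL */
 return ret; /* return password */
 }
 
 /* APOP server login
 * Accepts: challenge
@@ -229,10 +303,13 @@
 char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[])
 {
 int i,j;
 char *ret = NIL;
 char *s,*authuser,tmp[MAILTMPLEN];
+#ifdef QMAIL
+char *userback = cpystr(user);
+#endif
 unsigned char digest[MD5DIGLEN];
 MD5CONTEXT ctx;
 char *hex = "0123456789abcdef";
 /* see if authentication user */
 if (authuser = strchr (user,'*')) *authuser++ = '\0';
@@ -258,11 +335,19 @@
 ret = cpystr (myusername ());
 else if (md5try) --md5try;
 memset (tmp,0,MAILTMPLEN); /* erase sensitive information */
 }
 if (!ret) sleep (3); /* slow down possible cracker */
+else {
+extern void permitsmtp();
+/* permitsmtp();*/
+}
+#ifdef QMAIL
+return (ret) ? userback : ret;
+#else
 return ret;
+#endif
 }
 
 /*
 * RFC 2104 HMAC hashing
 * Accepts: text to hash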
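Review bot: In the new QMAIL branch of auth_md5_pwd (new lines 220-290) the suffix cut from the client-supplied user name is appended with an unbounded `strcat(mycrypt, myMailSuffix)`, and the alias loop's `strncpy(tmp, user, s-user)` is limited by the input rather than by `sizeof(tmp)`; nothing visible in the hunk bounds the length of `user`, and this code runs before the client has authenticated. Replace the `snprintf`/`strcat` pair with a single `snprintf(mycrypt, sizeof(mycrypt), "%s/%s%s", pw->pw_dir, USERAPOPFILE, myMailSuffix ? myMailSuffix : "")` that returns NIL when the result is negative or not smaller than `sizeof(mycrypt)`, and put `if ((size_t)(s-user) >= sizeof(tmp)) break;` ahead of the `strncpy`. The same user-derived path is then interpolated into the `popen` command line under APOPOPEN, so the suffix should be restricted to a conservative character set (no `/`, whitespace or shell metacharacters) before it is used, or the helper should be started without a shell. The return value of `fgets` is also ignored, so an empty secret file or a helper that prints nothing leaves the path string in `mycrypt` and it is returned as the shared secret; return NIL when `fgets` fails. The function's opening lines are in the previous hunk and part of its non-QMAIL body is elided from the page.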