comparison src/osdep/unix/env_unix.c @ 1:28a55bc1110c imapext-2007-1
[mq]: imapext
author | yuuji@gentei.org |
---|---|
date | Mon, 14 Sep 2009 19:23:11 +0900 |
parents | ada5e610ab86 |
children | 2366b362676d 20c025a380ab |
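--- a/src/osdep/unix/env_unix.c
+++ b/src/osdep/unix/env_unix.c
@@ -420,10 +420,14 @@
 ret = (void *) (hideDotFiles ? VOIDT : NIL);
 break;
 case SET_DISABLEPLAINTEXT:
 disablePlaintext = (long) value;
 case GET_DISABLEPLAINTEXT:
+#ifdef RESTRICT_POP
+if (getenv("INTRANET") == NIL) disablePlaintext = 1;
+else disablePlaintext = NIL;
+#endif
 ret = (void *) disablePlaintext;
 break;
 case SET_CHROOTSERVER:
 closedBox = value ? T : NIL;
 case GET_CHROOTSERVER:
@@ -663,19 +667,22 @@
 static struct passwd *valpwd (char *user,char *pwd,int argc,char *argv[])
 {
 char *s;
 struct passwd *pw;
 struct passwd *ret = NIL;
+#ifndef QMAIL /* imapext md5 checker run previously. no need to do here */
 if (auth_md5.server) { /* using CRAM-MD5 authentication? */
 if (s = auth_md5_pwd (user)) {
 if (!strcmp (s,pwd) || ((*pwd == ' ') && pwd[1] && !strcmp (s,pwd+1)))
 ret = pwuser (user); /* validated, get passwd entry for user */
 memset (s,0,strlen (s)); /* erase sensitive information */
 fs_give ((void **) &s);
 }
 }
-else if (pw = pwuser (user)) {/* can get user? */
+else
+#endif
+if (pw = pwuser (user)) {/* can get user? */
 s = cpystr (pw->pw_name); /* copy returned name in case we need it */
 if (*pwd && !(ret = checkpw (pw,pwd,argc,argv)) &&
 (*pwd == ' ') && pwd[1] && (ret = pwuser (s)))
 ret = checkpw (pw,pwd+1,argc,argv);
 fs_give ((void **) &s); /* don't need copy of name any more */
@@ -695,19 +702,33 @@
 long server_login (char *user,char *pwd,char *authuser,int argc,char *argv[])
 {
 struct passwd *pw = NIL;
 int level = LOG_NOTICE;
 char *err = "failed";
+#ifdef QMAIL
+char usr[MAILTMPLEN], *apoppswd;
+strncpy(usr, user, MAILTMPLEN-1);
+#endif
 /* cretins still haven't given up */
 if ((strlen (user) >= NETMAXUSER) ||
 (authuser && (strlen (authuser) >= NETMAXUSER))) {
 level = LOG_ALERT; /* escalate this alert */
 err = "SYSTEM BREAK-IN ATTEMPT";
 logtry = 0; /* render this session useless */
 }
 else if (logtry-- <= 0) err = "excessive login failures";
 else if (disablePlaintext) err = "disabled";
+#ifdef QMAIL
+else if ((logtry > 0) &&
+(apoppswd = auth_md5_pwd(usr))
+&& !strcmp(apoppswd, pwd)
+&& (pw = getpwnam(usr))) {
+memset(apoppswd, 0, strlen(apoppswd));
+fs_give((void**) &apoppswd);
+return pw_login(pw, usr, pw->pw_name, pw->pw_dir, argc, argv);
+}
+#endif
 else if (!(authuser && *authuser)) pw = valpwd (user,pwd,argc,argv);
 else if (valpwd (authuser,pwd,argc,argv)) pw = pwuser (user);
 if (pw && pw_login (pw,authuser,pw->pw_name,NIL,argc,argv)) return T;
 syslog (level|LOG_AUTH,"Login %s user=%.64s auth=%.64s host=%.80s",err,
 user,(authuser && *authuser) ? authuser : user,tcp_clienthost ());
@@ -725,10 +746,38 @@
 
 long authserver_login (char *user,char *authuser,int argc,char *argv[])
 {
 return pw_login (pwuser (user),authuser,user,NIL,argc,argv);
 }
+
+void permitsmtp() /* to update tcp permission */
+{
+#ifdef POPBEFORESMTP
+#include <sys/types.h>
+#include <sys/wait.h>
+#ifndef POP3RECORDER
+# define POP3RECORDER "/usr/local/etc/pop3-record"
+#endif
+int child;
+int wstat;
+char *permsmtp = POP3RECORDER;
+
+switch(child = fork())
+{
+case -1:
+syslog (LOG_INFO,"Cannot exec %s", permsmtp);
+_exit(111);
+break;
+case 0:
+execl(permsmtp, permsmtp, 0);
+syslog (LOG_INFO,"Cannot exec %s", permsmtp);
+_exit(111); break;
+}
+waitpid(child, &wstat, 0);
+#endif
+}
+
 
 
 /* Log in as anonymous daemon
 * Accepts: argument count
 * argument vector
@@ -779,12 +828,18 @@
 pw->pw_name,home,tcp_clienthost ());
 else if (loginpw (pw,argc,argv)) ret = env_init (user,NIL);
 else fatal ("Login failed after chroot");
 }
 /* normal login */
+#ifdef QMAIL
+else if (((pw->pw_uid == geteuid ()) || (permitsmtp(), loginpw (pw,argc,argv
+))) &&
+(ret = env_init (user,home))) chdir (myhomedir ());
+#else
 else if (((pw->pw_uid == geteuid ()) || loginpw (pw,argc,argv)) &&
 (ret = env_init (user,home))) chdir (myhomedir ());
+#endif
 fs_give ((void **) &home); /* clean up */
 if (user) fs_give ((void **) &user);
 }
 endpwent (); /* in case shadow passwords in pw data */
 return ret; /* return status */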
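Review bot: In the QMAIL branch added to server_login, the cleartext secret returned by `auth_md5_pwd(usr)` is zeroed and freed only inside the success block, so a wrong password or a failed `getpwnam` leaves it allocated and unscrubbed, whereas valpwd erases it whether or not the comparison matches. The earlier `strncpy(usr, user, MAILTMPLEN-1)` fills an uninitialised buffer without terminating it and runs before the NETMAXUSER length check; whether an unterminated `usr` can reach the lookup depends on how NETMAXUSER compares with MAILTMPLEN, which these lines do not show, so an explicit terminator is the safe form. The direct `return pw_login(...)` also means a pw_login failure on this path never reaches the `syslog` record that the other branches fall through to. The fence below moves the comparison into a helper that scrubs the secret on both outcomes and keeps the fall-through to the valpwd branches; the rest of server_login lies outside the shown lines.

```c
#ifdef QMAIL
/* Compare pwd with the stored CRAM-MD5 secret for usr.  The secret is
 * erased and released whether or not it matches.
 */
static long qmail_secret_ok (char *usr,char *pwd)
{
  long ok = NIL;
  char *s = auth_md5_pwd (usr);
  if (s) {
    ok = !strcmp (s,pwd);
    memset (s,0,strlen (s));	/* erase sensitive information */
    fs_give ((void **) &s);
  }
  return ok;
}
#endif

long server_login (char *user,char *pwd,char *authuser,int argc,char *argv[])
{
  /* … unchanged: pw, level and err declarations … */
#ifdef QMAIL
  char usr[MAILTMPLEN];
  strncpy (usr,user,MAILTMPLEN-1);
  usr[MAILTMPLEN-1] = '\0';	/* strncpy does not terminate on truncation */
#endif
  /* … unchanged: length, logtry and disablePlaintext checks … */
#ifdef QMAIL
  else if ((logtry > 0) && qmail_secret_ok (usr,pwd) && (pw = getpwnam (usr)))
    return pw_login (pw,usr,pw->pw_name,pw->pw_dir,argc,argv);
#endif
  /* … unchanged: valpwd branches, pw_login call and syslog … */
```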