Mercurial > hgrepos > hgweb.cgi > imapext
comparison src/osdep/unix/env_unix.c @ 4:d741b3ecc917 draft
imapext-2007f
| author | HIROSE Yuuji <yuuji@gentei.org> |
|---|---|
| date | Thu, 30 Oct 2014 00:03:05 +0900 |
| parents | 2366b362676d |
| children |
comparison
equal
deleted
inserted
replaced
| 3:2366b362676d | 4:d741b3ecc917 |
|---|---|
| 420 ret = (void *) (hideDotFiles ? VOIDT : NIL); | 420 ret = (void *) (hideDotFiles ? VOIDT : NIL); |
| 421 break; | 421 break; |
| 422 case SET_DISABLEPLAINTEXT: | 422 case SET_DISABLEPLAINTEXT: |
| 423 disablePlaintext = (long) value; | 423 disablePlaintext = (long) value; |
| 424 case GET_DISABLEPLAINTEXT: | 424 case GET_DISABLEPLAINTEXT: |
| 425 #ifdef RESTRICT_POP | |
| 426 if (getenv("INTRANET") == NIL) disablePlaintext = 1; | |
| 427 else disablePlaintext = NIL; | |
| 428 #endif | |
| 425 ret = (void *) disablePlaintext; | 429 ret = (void *) disablePlaintext; |
| 426 break; | 430 break; |
| 427 case SET_CHROOTSERVER: | 431 case SET_CHROOTSERVER: |
| 428 closedBox = value ? T : NIL; | 432 closedBox = value ? T : NIL; |
| 429 case GET_CHROOTSERVER: | 433 case GET_CHROOTSERVER: |
| 663 static struct passwd *valpwd (char *user,char *pwd,int argc,char *argv[]) | 667 static struct passwd *valpwd (char *user,char *pwd,int argc,char *argv[]) |
| 664 { | 668 { |
| 665 char *s; | 669 char *s; |
| 666 struct passwd *pw; | 670 struct passwd *pw; |
| 667 struct passwd *ret = NIL; | 671 struct passwd *ret = NIL; |
| 672 #ifndef QMAIL /* imapext md5 checker run previously. no need to do here */ | |
| 668 if (auth_md5.server) { /* using CRAM-MD5 authentication? */ | 673 if (auth_md5.server) { /* using CRAM-MD5 authentication? */ |
| 669 if (s = auth_md5_pwd (user)) { | 674 if (s = auth_md5_pwd (user)) { |
| 670 if (!strcmp (s,pwd) || ((*pwd == ' ') && pwd[1] && !strcmp (s,pwd+1))) | 675 if (!strcmp (s,pwd) || ((*pwd == ' ') && pwd[1] && !strcmp (s,pwd+1))) |
| 671 ret = pwuser (user); /* validated, get passwd entry for user */ | 676 ret = pwuser (user); /* validated, get passwd entry for user */ |
| 672 memset (s,0,strlen (s)); /* erase sensitive information */ | 677 memset (s,0,strlen (s)); /* erase sensitive information */ |
| 673 fs_give ((void **) &s); | 678 fs_give ((void **) &s); |
| 674 } | 679 } |
| 675 } | 680 } |
| 676 else if (pw = pwuser (user)) {/* can get user? */ | 681 else |
| 682 #endif | |
| 683 if (pw = pwuser (user)) {/* can get user? */ | |
| 677 s = cpystr (pw->pw_name); /* copy returned name in case we need it */ | 684 s = cpystr (pw->pw_name); /* copy returned name in case we need it */ |
| 678 if (*pwd && !(ret = checkpw (pw,pwd,argc,argv)) && | 685 if (*pwd && !(ret = checkpw (pw,pwd,argc,argv)) && |
| 679 (*pwd == ' ') && pwd[1] && (ret = pwuser (s))) | 686 (*pwd == ' ') && pwd[1] && (ret = pwuser (s))) |
| 680 ret = checkpw (pw,pwd+1,argc,argv); | 687 ret = checkpw (pw,pwd+1,argc,argv); |
| 681 fs_give ((void **) &s); /* don't need copy of name any more */ | 688 fs_give ((void **) &s); /* don't need copy of name any more */ |
| 695 long server_login (char *user,char *pwd,char *authuser,int argc,char *argv[]) | 702 long server_login (char *user,char *pwd,char *authuser,int argc,char *argv[]) |
| 696 { | 703 { |
| 697 struct passwd *pw = NIL; | 704 struct passwd *pw = NIL; |
| 698 int level = LOG_NOTICE; | 705 int level = LOG_NOTICE; |
| 699 char *err = "failed"; | 706 char *err = "failed"; |
| 707 #ifdef QMAIL | |
| 708 char usr[MAILTMPLEN], *apoppswd; | |
| 709 strncpy(usr, user, MAILTMPLEN-1); | |
| 710 #endif | |
| 700 /* cretins still haven't given up */ | 711 /* cretins still haven't given up */ |
| 701 if ((strlen (user) >= NETMAXUSER) || | 712 if ((strlen (user) >= NETMAXUSER) || |
| 702 (authuser && (strlen (authuser) >= NETMAXUSER))) { | 713 (authuser && (strlen (authuser) >= NETMAXUSER))) { |
| 703 level = LOG_ALERT; /* escalate this alert */ | 714 level = LOG_ALERT; /* escalate this alert */ |
| 704 err = "SYSTEM BREAK-IN ATTEMPT"; | 715 err = "SYSTEM BREAK-IN ATTEMPT"; |
| 705 logtry = 0; /* render this session useless */ | 716 logtry = 0; /* render this session useless */ |
| 706 } | 717 } |
| 707 else if (logtry-- <= 0) err = "excessive login failures"; | 718 else if (logtry-- <= 0) err = "excessive login failures"; |
| 708 else if (disablePlaintext) err = "disabled"; | 719 else if (disablePlaintext) err = "disabled"; |
| 720 #ifdef QMAIL | |
| 721 else if ((logtry > 0) && | |
| 722 (apoppswd = auth_md5_pwd(usr)) | |
| 723 && !strcmp(apoppswd, pwd) | |
| 724 && (pw = getpwnam(usr))) { | |
| 725 memset(apoppswd, 0, strlen(apoppswd)); | |
| 726 fs_give((void**) &apoppswd); | |
| 727 return pw_login(pw, usr, pw->pw_name, pw->pw_dir, argc, argv); | |
| 728 } | |
| 729 #endif | |
| 709 else if (!(authuser && *authuser)) pw = valpwd (user,pwd,argc,argv); | 730 else if (!(authuser && *authuser)) pw = valpwd (user,pwd,argc,argv); |
| 710 else if (valpwd (authuser,pwd,argc,argv)) pw = pwuser (user); | 731 else if (valpwd (authuser,pwd,argc,argv)) pw = pwuser (user); |
| 711 if (pw && pw_login (pw,authuser,pw->pw_name,NIL,argc,argv)) return T; | 732 if (pw && pw_login (pw,authuser,pw->pw_name,NIL,argc,argv)) return T; |
| 712 syslog (level|LOG_AUTH,"Login %s user=%.64s auth=%.64s host=%.80s",err, | 733 syslog (level|LOG_AUTH,"Login %s user=%.64s auth=%.64s host=%.80s",err, |
| 713 user,(authuser && *authuser) ? authuser : user,tcp_clienthost ()); | 734 user,(authuser && *authuser) ? authuser : user,tcp_clienthost ()); |
| 725 | 746 |
| 726 long authserver_login (char *user,char *authuser,int argc,char *argv[]) | 747 long authserver_login (char *user,char *authuser,int argc,char *argv[]) |
| 727 { | 748 { |
| 728 return pw_login (pwuser (user),authuser,user,NIL,argc,argv); | 749 return pw_login (pwuser (user),authuser,user,NIL,argc,argv); |
| 729 } | 750 } |
| 751 | |
| 752 void permitsmtp() /* to update tcp permission */ | |
| 753 { | |
| 754 #ifdef POPBEFORESMTP | |
| 755 #include <sys/types.h> | |
| 756 #include <sys/wait.h> | |
| 757 #ifndef POP3RECORDER | |
| 758 # define POP3RECORDER "/usr/local/etc/pop3-record" | |
| 759 #endif | |
| 760 int child; | |
| 761 int wstat; | |
| 762 char *permsmtp = POP3RECORDER; | |
| 763 | |
| 764 switch(child = fork()) | |
| 765 { | |
| 766 case -1: | |
| 767 syslog (LOG_INFO,"Cannot exec %s", permsmtp); | |
| 768 _exit(111); | |
| 769 break; | |
| 770 case 0: | |
| 771 execl(permsmtp, permsmtp, 0); | |
| 772 syslog (LOG_INFO,"Cannot exec %s", permsmtp); | |
| 773 _exit(111); break; | |
| 774 } | |
| 775 waitpid(child, &wstat, 0); | |
| 776 #endif | |
| 777 } | |
| 778 | |
| 730 | 779 |
| 731 | 780 |
| 732 /* Log in as anonymous daemon | 781 /* Log in as anonymous daemon |
| 733 * Accepts: argument count | 782 * Accepts: argument count |
| 734 * argument vector | 783 * argument vector |
| 779 pw->pw_name,home,tcp_clienthost ()); | 828 pw->pw_name,home,tcp_clienthost ()); |
| 780 else if (loginpw (pw,argc,argv)) ret = env_init (user,NIL); | 829 else if (loginpw (pw,argc,argv)) ret = env_init (user,NIL); |
| 781 else fatal ("Login failed after chroot"); | 830 else fatal ("Login failed after chroot"); |
| 782 } | 831 } |
| 783 /* normal login */ | 832 /* normal login */ |
| 833 #ifdef QMAIL | |
| 834 else if (((pw->pw_uid == geteuid ()) || (permitsmtp(), loginpw (pw,argc,argv | |
| 835 ))) && | |
| 836 (ret = env_init (user,home))) chdir (myhomedir ()); | |
| 837 #else | |
| 784 else if (((pw->pw_uid == geteuid ()) || loginpw (pw,argc,argv)) && | 838 else if (((pw->pw_uid == geteuid ()) || loginpw (pw,argc,argv)) && |
| 785 (ret = env_init (user,home))) chdir (myhomedir ()); | 839 (ret = env_init (user,home))) chdir (myhomedir ()); |
| 840 #endif | |
| 786 fs_give ((void **) &home); /* clean up */ | 841 fs_give ((void **) &home); /* clean up */ |
| 787 if (user) fs_give ((void **) &user); | 842 if (user) fs_give ((void **) &user); |
| 788 } | 843 } |
| 789 endpwent (); /* in case shadow passwords in pw data */ | 844 endpwent (); /* in case shadow passwords in pw data */ |
| 790 return ret; /* return status */ | 845 return ret; /* return status */ |
