Mercurial > hgrepos > hgweb.cgi > imapext
diff src/c-client/auth_md5.c @ 1:28a55bc1110c imapext-2007-1
[mq]: imapext
author | yuuji@gentei.org |
---|---|
date | Mon, 14 Sep 2009 19:23:11 +0900 |
parents | ada5e610ab86 |
children | 2366b362676d |
line wrap: on
line diff
--- a/src/c-client/auth_md5.c Mon Sep 14 15:17:45 2009 +0900 +++ b/src/c-client/auth_md5.c Mon Sep 14 19:23:11 2009 +0900 @@ -75,9 +75,11 @@ long auth_md5_valid (void) { +#ifndef QMAIL /* qmail extension can always handle MD5 */ struct stat sbuf; /* server forbids MD5 if no MD5 enable file */ if (stat (MD5ENABLE,&sbuf)) auth_md5.server = NIL; +#endif return T; /* MD5 is otherwise valid */ } @@ -186,6 +188,7 @@ char *auth_md5_pwd (char *user) { struct stat sbuf; +#ifndef QMAIL int fd = open (MD5ENABLE,O_RDONLY,NIL); unsigned char *s,*t,*buf,*lusr,*lret; char *r; @@ -214,6 +217,77 @@ fs_give ((void **) &buf); /* flush the buffer */ close (fd); /* don't need file any longer */ } +#else +# ifndef USERAPOPFILE +# define USERAPOPFILE ".apop" +# endif +# ifndef XADDR_DELIM +# ifdef POSTFIX /* Same if-condition is in maildir.c.. sorry */ +# define XADDR_DELIM "+" +# else +# define XADDR_DELIM "-" +# endif +# endif + extern char *myMailSuffix; + char mycrypt[BUFSIZ+1]; + char *ret = NIL, *tmp=NIL; + FILE *apopfile = NIL; + struct passwd *pw = getpwnam(user); + if (!pw) pw = getpwnam(lcase(tmp=cpystr(user))); + if (!pw && strstr(user, XADDR_DELIM)) { /* Check qmail alias */ + char tmp[BUFSIZ]; + char *s = user; + memset(tmp, 0, BUFSIZ); + while (*s && s && !pw) { + s = strstr(s, XADDR_DELIM); + if (!s) break; + strncpy(tmp, user, s-user); + s++; + pw = getpwnam(tmp); + } + if (pw) { + myMailSuffix = lcase(cpystr(s-1)); + user[strlen(tmp)] = '\0'; /* zap suffix */ + } + } + if (pw) { + snprintf(mycrypt, BUFSIZ, "%s/%s", pw->pw_dir, USERAPOPFILE); + if (NIL != myMailSuffix) strcat(mycrypt, myMailSuffix); + if (stat(mycrypt, &sbuf) < 0) { + /* printf("Cannot stat [%s]\015\n", mycrypt); */ + return ret; + } + if (sbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE)) { + /* printf("Your apoppassword file is readable by others. Do chmod 600 %s%c\n", mycrypt, 015); */ + return ret; + } +#ifdef APOPOPEN + if (stat(APOPOPEN, &sbuf) >= 0) { /* if APPOPEN exists */ + /* read apop password via APOPOPEN program */ + int bytes = 3+strlen(APOPOPEN)+strlen(mycrypt); + char *aproc = (char*) fs_get(bytes); + snprintf(aproc, bytes, "%s %s%c", APOPOPEN, mycrypt, '\0'); + apopfile = popen(aproc, "r"); + memset(aproc, 0, bytes); + fs_give((void**)&aproc); + } +#endif /* APOPOPEN */ + if ((NIL!=apopfile) || (apopfile = fopen( mycrypt, "r" ))) { + fgets(mycrypt, sizeof(mycrypt) - 1, apopfile); + fclose(apopfile); + if (mycrypt[0]) { + char p = strlen(mycrypt); + while (p > 0 && (mycrypt[p-1] == '\n' || mycrypt[p-1] == '\r')) { + mycrypt[--p] = '\0'; /* zap trailing newlines */ + } + } + } else { + return ret; + } + ret = cpystr(mycrypt); + memset(mycrypt, 0, sizeof(mycrypt)); + } +#endif /* if QMAIL */ return ret; /* return password */ } @@ -231,6 +305,9 @@ int i,j; char *ret = NIL; char *s,*authuser,tmp[MAILTMPLEN]; +#ifdef QMAIL + char *userback = cpystr(user); +#endif unsigned char digest[MD5DIGLEN]; MD5CONTEXT ctx; char *hex = "0123456789abcdef"; @@ -260,7 +337,15 @@ memset (tmp,0,MAILTMPLEN); /* erase sensitive information */ } if (!ret) sleep (3); /* slow down possible cracker */ + else { + extern void permitsmtp(); + /* permitsmtp();*/ + } +#ifdef QMAIL + return (ret) ? userback : ret; +#else return ret; +#endif } /*