X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/57c2c6316b8b5f3ef868eb2e8091ab2d85540e0d..981a9fad802cf50ffe4640e9f1a336eef3bd60e6:/src/src/auths/dovecot.c diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c index c9433741a..78505722f 100644 --- a/src/src/auths/dovecot.c +++ b/src/src/auths/dovecot.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/auths/dovecot.c,v 1.7 2007/03/01 14:06:56 ph10 Exp $ */ +/* $Cambridge: exim/src/src/auths/dovecot.c,v 1.12 2010/03/05 16:11:11 nm4 Exp $ */ /* * Copyright (c) 2004 Andrey Panin @@ -101,7 +101,7 @@ static int strcut(uschar *str, uschar **ptrs, int nptrs) goto out; \ if (nargs - 1 < (arg_min)) \ goto out; \ - if (nargs - 1 > (arg_max)) \ + if ( (arg_max != -1) && (nargs - 1 > (arg_max)) ) \ goto out; \ } while (0) @@ -131,6 +131,7 @@ for (;;) { sbp = read(fd, sbuffer, sizeof(sbuffer)); if (sbp == 0) { if (count == 0) return NULL; else break; } + p = 0; } while (p < sbp) @@ -208,35 +209,23 @@ int auth_dovecot_server(auth_instance *ablock, uschar *data) HDEBUG(D_auth) debug_printf("received: %s\n", buffer); nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0])); - switch (toupper(*args[0])) { - case 'C': + /* Code below rewritten by Kirill Miazine (km@krot.org). Only check commands that + Exim will need. Original code also failed if Dovecot server sent unknown + command. E.g. COOKIE in version 1.1 of the protocol would cause troubles. */ + if (Ustrcmp(args[0], US"CUID") == 0) { CHECK_COMMAND("CUID", 1, 1); cuid = Uatoi(args[1]); - break; - - case 'D': - CHECK_COMMAND("DONE", 0, 0); - cont = 0; - break; - - case 'M': - CHECK_COMMAND("MECH", 1, INT_MAX); - if (strcmpic(US args[1], ablock->public_name) == 0) - found = 1; - break; - - case 'S': - CHECK_COMMAND("SPID", 1, 1); - break; - - case 'V': + } else if (Ustrcmp(args[0], US"VERSION") == 0) { CHECK_COMMAND("VERSION", 2, 2); if (Uatoi(args[1]) != VERSION_MAJOR) OUT("authentication socket protocol version mismatch"); - break; - - default: - goto out; + } else if (Ustrcmp(args[0], US"MECH") == 0) { + CHECK_COMMAND("MECH", 1, INT_MAX); + if (strcmpic(US args[1], ablock->public_name) == 0) + found = 1; + } else if (Ustrcmp(args[0], US"DONE") == 0) { + CHECK_COMMAND("DONE", 0, 0); + cont = 0; } } @@ -277,10 +266,13 @@ int auth_dovecot_server(auth_instance *ablock, uschar *data) Subsequently, the command was modified to add "secured" and "valid-client- cert" when relevant. + + The auth protocol is documented here: + http://wiki.dovecot.org/Authentication_Protocol ****************************************************************************/ auth_command = string_sprintf("VERSION\t%d\t%d\nCPID\t%d\n" - "AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tresp=%s\n", + "AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tnologin\tresp=%s\n", VERSION_MAJOR, VERSION_MINOR, getpid(), cuid, ablock->public_name, auth_extra_data, sender_host_address, interface_address, data ? (char *) data : ""); @@ -293,6 +285,9 @@ int auth_dovecot_server(auth_instance *ablock, uschar *data) while (1) { uschar *temp; + uschar *auth_id_pre = NULL; + int i; + if (dc_gets(buffer, sizeof(buffer), fd) == NULL) { auth_defer_msg = US"authentication socket read error or premature eof"; goto out; @@ -323,22 +318,22 @@ int auth_dovecot_server(auth_instance *ablock, uschar *data) goto out; } - temp = string_sprintf("CONT\t%d\t%s\r\n", cuid, data); + temp = string_sprintf("CONT\t%d\t%s\n", cuid, data); if (write(fd, temp, Ustrlen(temp)) < 0) OUT("authentication socket write error"); break; case 'F': - CHECK_COMMAND("FAIL", 1, 2); + CHECK_COMMAND("FAIL", 1, -1); - /* FIXME: add proper response handling */ - if (args[2]) { - uschar *p = Ustrchr(args[2], '='); - if (p) { - ++p; + for (i=2; (i