421d5e793acf0a9c6c0495f01d719400b3f16a07
[users/heiko/exim.git] / src / src / auths / dovecot.c
1 /* $Cambridge: exim/src/src/auths/dovecot.c,v 1.5 2007/01/24 17:14:27 magnus Exp $ */
2
3 /*
4  * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published
8  * by the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10  */
11
12 #include "../exim.h"
13 #include "dovecot.h"
14
15 #define VERSION_MAJOR  1
16 #define VERSION_MINOR  0
17
18 /* Options specific to the authentication mechanism. */
19 optionlist auth_dovecot_options[] = {
20        {
21                "server_socket",
22                opt_stringptr,
23                (void *)(offsetof(auth_dovecot_options_block, server_socket))
24        },
25 };
26
27 /* Size of the options list. An extern variable has to be used so that its
28 address can appear in the tables drtables.c. */
29 int auth_dovecot_options_count =
30        sizeof(auth_dovecot_options) / sizeof(optionlist);
31
32 /* Default private options block for the authentication method. */
33 auth_dovecot_options_block auth_dovecot_option_defaults = {
34        NULL,                           /* server_socket */
35 };
36
37 /*************************************************
38  *          Initialization entry point           *
39  *************************************************/
40
41 /* Called for each instance, after its options have been read, to
42 enable consistency checks to be done, or anything else that needs
43 to be set up. */
44 void auth_dovecot_init(auth_instance *ablock)
45 {
46        auth_dovecot_options_block *ob =
47                (auth_dovecot_options_block *)(ablock->options_block);
48
49        if (ablock->public_name == NULL)
50                ablock->public_name = ablock->name;
51        if (ob->server_socket != NULL)
52                ablock->server = TRUE;
53        ablock->client = FALSE;
54 }
55
56 static int strcut(char *str, char **ptrs, int nptrs)
57 {
58        char *tmp = str;
59        int n;
60
61        for (n = 0; n < nptrs; n++)
62                ptrs[n] = NULL;
63        n = 1;
64
65        while (*str) {
66                if (*str == '\t') {
67                        if (n <= nptrs) {
68                                *ptrs++ = tmp;
69                                tmp = str + 1;
70                                *str = 0;
71                        }
72                        n++;
73                }
74                str++;
75        }
76
77        if (n < nptrs)
78                *ptrs = tmp;
79
80        return n;
81 }
82
83 #define CHECK_COMMAND(str, arg_min, arg_max) do { \
84        if (strcasecmp((str), args[0]) != 0) \
85                goto out; \
86        if (nargs - 1 < (arg_min)) \
87                goto out; \
88        if (nargs - 1 > (arg_max)) \
89                goto out; \
90 } while (0)
91
92 #define OUT(msg) do { \
93        auth_defer_msg = (US msg); \
94        goto out; \
95 } while(0)
96
97
98
99 /*************************************************
100  *             Server entry point                *
101  *************************************************/
102
103 int auth_dovecot_server(auth_instance *ablock, uschar *data)
104 {
105        auth_dovecot_options_block *ob =
106                (auth_dovecot_options_block *)(ablock->options_block);
107        struct sockaddr_un sa;
108        char buffer[4096];
109        char *args[8];
110        uschar *auth_command;
111        uschar *auth_extra_data = US"";
112        int nargs, tmp;
113        int cuid = 0, cont = 1, found = 0, fd, ret = DEFER;
114        FILE *f;
115
116        HDEBUG(D_auth) debug_printf("dovecot authentication\n");
117
118        memset(&sa, 0, sizeof(sa));
119        sa.sun_family = AF_UNIX;
120
121        /* This was the original code here: it is nonsense because strncpy()
122        does not return an integer. I have converted this to use the function
123        that formats and checks length. PH */
124
125        /*
126        if (strncpy(sa.sun_path, ob->server_socket, sizeof(sa.sun_path)) < 0) {
127        */
128
129        if (!string_format(US sa.sun_path, sizeof(sa.sun_path), "%s",
130                           ob->server_socket)) {
131                auth_defer_msg = US"authentication socket path too long";
132                return DEFER;
133        }
134
135        auth_defer_msg = US"authentication socket connection error";
136
137        fd = socket(PF_UNIX, SOCK_STREAM, 0);
138        if (fd < 0)
139                return DEFER;
140
141        if (connect(fd, (struct sockaddr *) &sa, sizeof(sa)) < 0)
142                goto out;
143
144        f = fdopen(fd, "a+");
145        if (f == NULL)
146                goto out;
147
148        auth_defer_msg = US"authentication socket protocol error";
149
150        while (cont) {
151                if (fgets(buffer, sizeof(buffer), f) == NULL)
152                        OUT("authentication socket read error or premature eof");
153
154                buffer[strlen(buffer) - 1] = 0;
155                HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
156                nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
157
158                switch (toupper(*args[0])) {
159                case 'C':
160                        CHECK_COMMAND("CUID", 1, 1);
161                        cuid = atoi(args[1]);
162                        break;
163
164                case 'D':
165                        CHECK_COMMAND("DONE", 0, 0);
166                        cont = 0;
167                        break;
168
169                case 'M':
170                        CHECK_COMMAND("MECH", 1, INT_MAX);
171                        if (strcmpic(US args[1], ablock->public_name) == 0)
172                                found = 1;
173                        break;
174
175                case 'S':
176                        CHECK_COMMAND("SPID", 1, 1);
177                        break;
178
179                case 'V':
180                        CHECK_COMMAND("VERSION", 2, 2);
181                        if (atoi(args[1]) != VERSION_MAJOR)
182                                OUT("authentication socket protocol version mismatch");
183                        break;
184
185                default:
186                        goto out;
187                }
188        }
189
190        if (!found)
191                goto out;
192
193        /* Added by PH: data must not contain tab (as it is
194        b64 it shouldn't, but check for safety). */
195
196        if (Ustrchr(data, '\t') != NULL) {
197                ret = FAIL;
198                goto out;
199        }
200
201        /* Added by PH: extra fields when TLS is in use or if the TCP/IP
202        connection is local. */
203
204        if (tls_cipher != NULL)
205                auth_extra_data = string_sprintf("secured\t%s%s",
206                    tls_certificate_verified? "valid-client-cert" : "",
207                    tls_certificate_verified? "\t" : "");
208        else if (interface_address
209                 && Ustrcmp(sender_host_address, interface_address) == 0)
210                auth_extra_data = US"secured\t";
211
212
213 /****************************************************************************
214    The code below was the original code here. It didn't work. A reading of the
215    file auth-protocol.txt.gz that came with Dovecot 1.0_beta8 indicated that
216    this was not right. Maybe something changed. I changed it to move the
217    service indication into the AUTH command, and it seems to be better. PH
218
219        fprintf(f, "VERSION\t%d\t%d\r\nSERVICE\tSMTP\r\nCPID\t%d\r\n"
220                "AUTH\t%d\t%s\trip=%s\tlip=%s\tresp=%s\r\n",
221                VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
222                ablock->public_name, sender_host_address, interface_address,
223                data ? (char *) data : "");
224
225    Subsequently, the command was modified to add "secured" and "valid-client-
226    cert" when relevant.
227 ****************************************************************************/
228
229        auth_command = string_sprintf("VERSION\t%d\t%d\nCPID\t%d\n"
230                "AUTH\t%d\t%s\tservice=smtp\t%srip=%s\tlip=%s\tresp=%s\n",
231                VERSION_MAJOR, VERSION_MINOR, getpid(), cuid,
232                ablock->public_name, auth_extra_data, sender_host_address,
233                interface_address, data ? (char *) data : "");
234
235        fprintf(f, "%s", auth_command);
236        HDEBUG(D_auth) debug_printf("sent: %s", auth_command);
237
238        while (1) {
239                if (fgets(buffer, sizeof(buffer), f) == NULL) {
240                        auth_defer_msg = US"authentication socket read error or premature eof";
241                        goto out;
242                }
243
244                buffer[strlen(buffer) - 1] = 0;
245                HDEBUG(D_auth) debug_printf("received: %s\n", buffer);
246                nargs = strcut(buffer, args, sizeof(args) / sizeof(args[0]));
247
248                if (atoi(args[1]) != cuid)
249                        OUT("authentication socket connection id mismatch");
250
251                switch (toupper(*args[0])) {
252                case 'C':
253                        CHECK_COMMAND("CONT", 1, 2);
254
255                        tmp = auth_get_no64_data(&data, US args[2]);
256                        if (tmp != OK) {
257                                ret = tmp;
258                                goto out;
259                        }
260
261                        /* Added by PH: data must not contain tab (as it is
262                        b64 it shouldn't, but check for safety). */
263
264                        if (Ustrchr(data, '\t') != NULL) {
265                                ret = FAIL;
266                                goto out;
267                        }
268
269                        if (fprintf(f, "CONT\t%d\t%s\r\n", cuid, data) < 0)
270                                OUT("authentication socket write error");
271
272                        break;
273
274                case 'F':
275                        CHECK_COMMAND("FAIL", 1, 2);
276
277                        /* FIXME: add proper response handling */
278                        if (args[2]) {
279                                uschar *p = US strchr(args[2], '=');
280                                if (p) {
281                                        ++p;
282                                        expand_nstring[1] = auth_vars[0] =
283                                          string_copy(p);  /* PH */
284                                        expand_nlength[1] = Ustrlen(p);
285                                        expand_nmax = 1;
286                                }
287                        }
288
289                        ret = FAIL;
290                        goto out;
291
292                case 'O':
293                        CHECK_COMMAND("OK", 2, 2);
294                        {
295                                /* FIXME: add proper response handling */
296                                uschar *p = US strchr(args[2], '=');
297                                if (!p)
298                                        OUT("authentication socket protocol error, username missing");
299
300                                p++;
301                                expand_nstring[1] = auth_vars[0] =
302                                  string_copy(p);  /* PH */
303                                expand_nlength[1] = Ustrlen(p);
304                                expand_nmax = 1;
305                        }
306                        ret = OK;
307                        /* fallthrough */
308
309                default:
310                        goto out;
311                }
312        }
313
314 out:   close(fd);
315
316        /* Expand server_condition as an authorization check */
317        return (ret == OK)? auth_check_serv_cond(ablock) : ret;
318 }