From 217f3ed9ef654c1f19c505d9acf14ab1e298d707 Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Wed, 29 Oct 2003 16:10:20 +0200 Subject: [PATCH] Added bsdauth support, patch by Dan Cross --HG-- branch : HEAD --- configure.in | 16 +++++++++ src/auth/Makefile.am | 1 + src/auth/passdb-bsdauth.c | 70 +++++++++++++++++++++++++++++++++++++++ src/auth/passdb.c | 4 +++ src/auth/passdb.h | 1 + 5 files changed, 92 insertions(+) create mode 100644 src/auth/passdb-bsdauth.c diff --git a/configure.in b/configure.in index 8072b3a954..fcfeb1ed42 100644 --- a/configure.in +++ b/configure.in @@ -89,6 +89,15 @@ AC_ARG_WITH(pam, fi, want_pam=yes) +AC_ARG_WITH(bsdauth, +[ --with-bsdauth Build with BSD authentication support (default)], + if test x$withval = xno; then + want_bsdauth=no + else + want_bsdauth=yes + fi, + want_bsdauth=yes) + AC_ARG_WITH(ldap, [ --with-ldap Build with LDAP support], if test x$withval = xno; then @@ -938,6 +947,13 @@ if test $want_pam = yes; then ]) fi +if test $want_bsdauth = yes; then + AC_CHECK_FUNC(auth_userokay, [ + AC_DEFINE(PASSDB_BSDAUTH,, Build with BSD authentication support) + passdb="$passdb bsdauth" + ]) +fi + if test $want_ldap = yes; then AC_CHECK_LIB(ldap, ldap_init, [ AC_CHECK_HEADER(ldap.h, [ diff --git a/src/auth/Makefile.am b/src/auth/Makefile.am index 1cc13d8208..b4814d081c 100644 --- a/src/auth/Makefile.am +++ b/src/auth/Makefile.am @@ -31,6 +31,7 @@ dovecot_auth_SOURCES = \ mech-digest-md5.c \ mycrypt.c \ passdb.c \ + passdb-bsdauth.c \ passdb-ldap.c \ passdb-passwd.c \ passdb-passwd-file.c \ diff --git a/src/auth/passdb-bsdauth.c b/src/auth/passdb-bsdauth.c new file mode 100644 index 0000000000..037c968eeb --- /dev/null +++ b/src/auth/passdb-bsdauth.c @@ -0,0 +1,70 @@ +/* Copyright (C) 2002-2003 Timo Sirainen */ + +#include "config.h" +#undef HAVE_CONFIG_H + +#ifdef PASSDB_BSDAUTH + +#include "common.h" +#include "safe-memset.h" +#include "passdb.h" +#include "mycrypt.h" + +#include +#include +#include + +static void +bsdauth_verify_plain(struct auth_request *request, const char *password, + verify_plain_callback_t *callback) +{ + struct passwd *pw; + int result; + + pw = getpwnam(request->user); + if (pw == NULL) { + if (verbose) + i_info("passwd(%s): unknown user", request->user); + callback(PASSDB_RESULT_USER_UNKNOWN, request); + return; + } + + if (!IS_VALID_PASSWD(pw->pw_passwd)) { + if (verbose) { + i_info("passwd(%s): invalid password field '%s'", + request->user, pw->pw_passwd); + } + callback(PASSDB_RESULT_USER_DISABLED, request); + return; + } + + /* check if the password is valid */ + result = auth_userokay(request->user, NULL, NULL, password); + + /* clear the passwords from memory */ + safe_memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); + + if (!result) { + if (verbose) + i_info("passwd(%s): password mismatch", request->user); + callback(PASSDB_RESULT_PASSWORD_MISMATCH, request); + return; + } + + callback(PASSDB_RESULT_OK, request); +} + +static void bsdauth_deinit(void) +{ + endpwent(); +} + +struct passdb_module passdb_bsdauth = { + NULL, + bsdauth_deinit, + + bsdauth_verify_plain, + NULL +}; + +#endif diff --git a/src/auth/passdb.c b/src/auth/passdb.c index ea68602b44..6e6fe281d0 100644 --- a/src/auth/passdb.c +++ b/src/auth/passdb.c @@ -86,6 +86,10 @@ void passdb_init(void) if (strcasecmp(name, "passwd") == 0) passdb = &passdb_passwd; #endif +#ifdef PASSDB_BSDAUTH + if (strcasecmp(name, "bsdauth") == 0) + passdb = &passdb_bsdauth; +#endif #ifdef PASSDB_PASSWD_FILE if (strcasecmp(name, "passwd-file") == 0) passdb = &passdb_passwd_file; diff --git a/src/auth/passdb.h b/src/auth/passdb.h index 4d28f37aff..2650f52d4a 100644 --- a/src/auth/passdb.h +++ b/src/auth/passdb.h @@ -52,6 +52,7 @@ void passdb_handle_credentials(enum passdb_credentials credentials, extern struct passdb_module *passdb; extern struct passdb_module passdb_passwd; +extern struct passdb_module passdb_bsdauth; extern struct passdb_module passdb_shadow; extern struct passdb_module passdb_passwd_file; extern struct passdb_module passdb_pam; -- 2.47.3