appl/popper/pop_auth.c

   1 /*
   2  * Copyright (c) 2004 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include <popper.h>
  35 #ifdef SASL
  36 #include <base64.h>
  37 #include <pop_auth.h>
  38 RCSID("$Id$");
  39
  40 /*
  41  *  auth: RFC1734
  42  */
  43
  44 static char *
  45 getline(POP *p)
  46 {
  47     char *buf = NULL;
  48     size_t size = 1024;
  49     buf = malloc(size);
  50     if(buf == NULL)
  51         return NULL;
  52     *buf = '\0';
  53     while(fgets(buf + strlen(buf), size - strlen(buf), p->input) != NULL) {
  54         char *p;
  55         if((p = strchr(buf, '\n')) != NULL) {
  56             while(p > buf && p[-1] == '\r')
  57                 p--;
  58             *p = '\0';
  59             return buf;
  60         }
  61         /* just assume we ran out of buffer space, we'll catch eof
  62            next round */
  63         size += 1024;
  64         p = realloc(buf, size);
  65         if(p == NULL)
  66             break;
  67         buf = p;
  68     }
  69     free(buf);
  70     return NULL;
  71 }
  72
  73 static char auth_msg[128];
  74 void
  75 pop_auth_set_error(const char *message)
  76 {
  77     strlcpy(auth_msg, message, sizeof(auth_msg));
  78 }
  79
  80 static struct auth_mech *methods[] = {
  81 #ifdef KRB5
  82     &gssapi_mech,
  83 #endif
  84 #ifdef KRB4
  85     &krb4_mech,
  86 #endif
  87     NULL
  88 };
  89
  90 static int
  91 auth_execute(POP *p, struct auth_mech *m, void *state, const char *line)
  92 {
  93     void *input, *output;
  94     size_t input_length, output_length;
  95     int status;
  96
  97     if(line == NULL) {
  98         input = NULL;
  99         input_length = 0;
 100     } else {
 101         input = strdup(line);
 102         if(input == NULL) {
 103             pop_auth_set_error("out of memory");
 104             return POP_AUTH_FAILURE;
 105         }
 106         input_length = base64_decode(line, input);
 107         if(input_length == (size_t)-1) {
 108             pop_auth_set_error("base64 decode error");
 109             return POP_AUTH_FAILURE;
 110         }
 111     }
 112     output = NULL; output_length = 0;
 113     status = (*m->loop)(p, state, input, input_length, &output, &output_length);
 114     if(output_length > 0) {
 115         char *s;
 116         base64_encode(output, output_length, &s);
 117         fprintf(p->output, "+ %s\r\n", s);
 118         fflush(p->output);
 119         free(output);
 120         free(s);
 121     }
 122     return status;
 123 }
 124
 125 static int
 126 auth_loop(POP *p, struct auth_mech *m)
 127 {
 128     int status;
 129     void *state = NULL;
 130     char *line;
 131
 132     status = (*m->init)(p, &state);
 133
 134     status = auth_execute(p, m, state, p->pop_parm[2]);
 135
 136     while(status == POP_AUTH_CONTINUE) {
 137         line = getline(p);
 138         if(line == NULL) {
 139             (*m->cleanup)(p, state);
 140             return pop_msg(p, POP_FAILURE, "error reading data");
 141         }
 142         if(strcmp(line, "*") == 0) {
 143             (*m->cleanup)(p, state);
 144             return pop_msg(p, POP_FAILURE, "terminated by client");
 145         }
 146         status = auth_execute(p, m, state, line);
 147         free(line);
 148     }
 149
 150
 151     (*m->cleanup)(p, state);
 152     if(status == POP_AUTH_FAILURE)
 153         return pop_msg(p, POP_FAILURE, "%s", auth_msg);
 154
 155     status = login_user(p);
 156     if(status != POP_SUCCESS)
 157         return status;
 158     return pop_msg(p, POP_SUCCESS, "authentication complete");
 159 }
 160
 161 int
 162 pop_auth (POP *p)
 163 {
 164     int i;
 165
 166     for (i = 0; methods[i] != NULL; ++i)
 167         if (strcasecmp(p->pop_parm[1], methods[i]->name) == 0)
 168             return auth_loop(p, methods[i]);
 169     return pop_msg(p, POP_FAILURE,
 170                    "Authentication method %s unknown", p->pop_parm[1]);
 171 }
 172
 173 void
 174 pop_capa_sasl(POP *p)
 175 {
 176     int i;
 177
 178     if(methods[0] == NULL)
 179         return;
 180
 181     fprintf(p->output, "SASL");
 182     for (i = 0; methods[i] != NULL; ++i)
 183         fprintf(p->output, " %s", methods[i]->name);
 184     fprintf(p->output, "\r\n");
 185 }
 186 #endif