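/* MODULE: auth_sasldb */

/* COPYRIGHT
 * Copyright (c) 1997-2000 Messaging Direct Ltd.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY MESSAGING DIRECT LTD. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL MESSAGING DIRECT LTD. OR
 * ITS EMPLOYEES OR AGENTS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 * END COPYRIGHT */

/* SYNOPSIS
 * Plaintext password validation against the sasldb "userPassword"
 * property (the lookup is done by _sasldb_getdata; no crypt(3) is
 * involved in this module).
 * END SYNOPSIS */

#ifdef __GNUC__
#ident "$Id: auth_sasldb.c,v 1.6 2009/02/20 22:08:56 mel Exp $"
#endif

/* PUBLIC DEPENDENCIES */
#include "mechanisms.h"

#include <string.h>
#include <stdlib.h>
#include <pwd.h>
#include <config.h>
/* END PUBLIC DEPENDENCIES */

/* Every exit path hands the caller a freshly strdup()'d verdict string.
 * strdup() can return NULL on allocation failure; callers must cope. */
#define RETURN(x) return strdup(x)


#ifdef AUTH_SASLDB
#include "../include/sasl.h"
#include "../include/saslplug.h"
#include "../sasldb/sasldb.h"

/* Verify-file callback handed out by lame_getcallback(): accepts every
 * file unconditionally, so no ownership or permission check is applied
 * through this callback. */
static int
vf(void *context __attribute__((unused)),
   char *file __attribute__((unused)),
   int type __attribute__((unused)))
{
    /* always say ok */
    return SASL_OK;
}

/* Minimal getcallback implementation: only SASL_CB_VERIFYFILE is
 * answered (with vf and a NULL context); every other id fails. */
static int lame_getcallback(sasl_conn_t *conn __attribute__((unused)),
			    unsigned long callbackid,
			    int (**pproc)(),
			    void **pcontext)
{
    if (callbackid != SASL_CB_VERIFYFILE) {
	return SASL_FAIL;
    }

    *pproc = vf;
    *pcontext = NULL;
    return SASL_OK;
}

/* Logging stub: messages from the database layer are discarded. */
static void lame_log(sasl_conn_t *conn __attribute__((unused)),
		     int level __attribute__((unused)),
		     const char *fmt __attribute__((unused)), ...)
{
    return;
}

/* Error-reporting stub: error text from the database layer is discarded. */
static void lame_seterror(sasl_conn_t *conn __attribute__((unused)),
			  unsigned flags __attribute__((unused)),
			  const char *fmt __attribute__((unused)), ...)
{
    return;
}

/* FUNCTION: init_lame_utils */
/* This sets up a very minimal sasl_utils_t for use only with the
 * database functions: libc allocators plus the stub callbacks above.
 * Every other member is left zeroed. */
static void init_lame_utils(sasl_utils_t *utils)
{
    memset(utils, 0, sizeof(sasl_utils_t));

    utils->malloc=(sasl_malloc_t *)malloc;
    utils->calloc=(sasl_calloc_t *)calloc;
    utils->realloc=(sasl_realloc_t *)realloc;
    utils->free=(sasl_free_t *)free;

    utils->getcallback=lame_getcallback;
    utils->log=lame_log;
    utils->seterror=lame_seterror;

    return;
}

/* END FUNCTION: init_lame_utils */

/* Compare two NUL-terminated strings without stopping at the first
 * differing byte, so the running time does not reveal how long a
 * matching prefix the supplied password shares with the stored one.
 * The lengths themselves are not hidden. Returns 1 on equality. */
static int consttime_streq(const char *a, const char *b)
{
    size_t la = strlen(a);
    size_t lb = strlen(b);
    size_t n = (la < lb) ? la : lb;
    size_t i;
    unsigned char diff = (unsigned char)(la != lb);

    for (i = 0; i < n; i++) {
	diff |= (unsigned char)a[i] ^ (unsigned char)b[i];
    }

    return diff == 0;
}

/* Overwrite a buffer that held secret material. The volatile-qualified
 * pointer keeps the stores from being elided as dead writes just before
 * the buffer goes out of scope. */
static void wipe_secret(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;

    while (len--) {
	*p++ = 0;
    }
}

#endif /* AUTH_SASLDB */

/* FUNCTION: auth_sasldb */

/* Validate login/password against the sasldb "userPassword" entry.
 *
 * When realm is NULL or empty, the local hostname is used as the realm.
 * Returns a malloc'd string the caller must free: "OK" on a match,
 * "NO" on any lookup failure, mismatch or missing argument (and always
 * "NO" when built without AUTH_SASLDB).
 */
char *					/* R: allocated response string */
auth_sasldb (
  /* PARAMETERS */
#ifdef AUTH_SASLDB
  const char *login,			/* I: plaintext authenticator */
  const char *password,			/* I: plaintext password */
  const char *service __attribute__((unused)),
  const char *realm
#else
  const char *login __attribute__((unused)),/* I: plaintext authenticator */
  const char *password __attribute__((unused)),  /* I: plaintext password */
  const char *service __attribute__((unused)),
  const char *realm __attribute__((unused))
#endif
  /* END PARAMETERS */
  )
{
#ifdef AUTH_SASLDB
    /* VARIABLES */
    char pw[1024];			/* stored password read from sasldb */
    sasl_utils_t utils;
    /* NOTE(review): outsize is an int passed by address below; confirm
     * that the out_len parameter declared in sasldb.h is int * and not
     * size_t *, since a wider type would be written past outsize. */
    int ret, outsize;
    const char *use_realm;
    char realm_buf[MAXHOSTNAMELEN];
    const char *verdict = "NO";		/* fail closed unless proven equal */
    /* END VARIABLES */

    /* strcmp()/strlen() on a NULL pointer is undefined; reject early. */
    if (!login || !password) {
	RETURN("NO");
    }

    init_lame_utils(&utils);

    /* (void *)0x1 stands in for a connection handle; the stub callbacks
     * in this file never dereference it. The result of the check is not
     * examined here -- presumably a database problem surfaces as a
     * failed lookup below; verify against the sasldb implementation. */
    _sasl_check_db(&utils, (void *)0x1);

    if (!realm || realm[0] == '\0') {
	ret = gethostname(realm_buf, sizeof(realm_buf));
	if (ret) RETURN("NO");
	/* gethostname() may leave a truncated name unterminated. */
	realm_buf[sizeof(realm_buf) - 1] = '\0';
	use_realm = realm_buf;
    } else {
	use_realm = realm;
    }

    /* Start from a zeroed buffer so the comparison and the wipe below
     * never touch indeterminate bytes. */
    memset(pw, 0, sizeof(pw));

    /* NOTE(review): confirm whether max_out is expected to include room
     * for a terminating NUL; the full buffer size is passed as before. */
    ret = _sasldb_getdata(&utils, (void *)0x1, login, use_realm,
			  "userPassword", pw, sizeof(pw), &outsize);

    if (ret == SASL_OK) {
	/* Bound the comparison to the buffer even if the lookup filled it
	 * completely without terminating it. */
	pw[sizeof(pw) - 1] = '\0';

	if (consttime_streq(pw, password)) {
	    verdict = "OK";
	}
    }

    /* Do not leave the stored plaintext password on the stack. */
    wipe_secret(pw, sizeof(pw));

    RETURN(verdict);
#else
    RETURN("NO");
#endif
}

/* END FUNCTION: auth_sasldb */

/* END MODULE: auth_sasldb */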