1/* 2 * Copyright (c) 2004 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#include <popper.h> 35#ifdef SASL 36#include <base64.h> 37#include <pop_auth.h> 38RCSID("$Id$"); 39 40/* 41 * auth: RFC1734 42 */ 43 44static char * 45getline(POP *p) 46{ 47 char *buf = NULL; 48 size_t size = 1024; 49 buf = malloc(size); 50 if(buf == NULL) 51 return NULL; 52 *buf = '\0'; 53 while(fgets(buf + strlen(buf), size - strlen(buf), p->input) != NULL) { 54 char *p; 55 if((p = strchr(buf, '\n')) != NULL) { 56 while(p > buf && p[-1] == '\r') 57 p--; 58 *p = '\0'; 59 return buf; 60 } 61 /* just assume we ran out of buffer space, we'll catch eof 62 next round */ 63 size += 1024; 64 p = realloc(buf, size); 65 if(p == NULL) 66 break; 67 buf = p; 68 } 69 free(buf); 70 return NULL; 71} 72 73static char auth_msg[128]; 74void 75pop_auth_set_error(const char *message) 76{ 77 strlcpy(auth_msg, message, sizeof(auth_msg)); 78} 79 80static struct auth_mech *methods[] = { 81#ifdef KRB5 82 &gssapi_mech, 83#endif 84 NULL 85}; 86 87static int 88auth_execute(POP *p, struct auth_mech *m, void *state, const char *line) 89{ 90 void *input, *output; 91 size_t input_length, output_length; 92 int status; 93 94 if(line == NULL) { 95 input = NULL; 96 input_length = 0; 97 } else { 98 input = strdup(line); 99 if(input == NULL) { 100 pop_auth_set_error("out of memory"); 101 return POP_AUTH_FAILURE; 102 } 103 input_length = base64_decode(line, input); 104 if(input_length == (size_t)-1) { 105 pop_auth_set_error("base64 decode error"); 106 return POP_AUTH_FAILURE; 107 } 108 } 109 output = NULL; output_length = 0; 110 status = (*m->loop)(p, state, input, input_length, &output, &output_length); 111 if(output_length > 0) { 112 char *s; 113 base64_encode(output, output_length, &s); 114 fprintf(p->output, "+ %s\r\n", s); 115 fflush(p->output); 116 free(output); 117 free(s); 118 } 119 return status; 120} 121 122static int 123auth_loop(POP *p, struct auth_mech *m) 124{ 125 int status; 126 void *state = NULL; 127 char *line; 128 129 status = (*m->init)(p, &state); 130 131 status = auth_execute(p, m, state, p->pop_parm[2]); 132 133 while(status == POP_AUTH_CONTINUE) { 134 line = getline(p); 135 if(line == NULL) { 136 (*m->cleanup)(p, state); 137 return pop_msg(p, POP_FAILURE, "error reading data"); 138 } 139 if(strcmp(line, "*") == 0) { 140 (*m->cleanup)(p, state); 141 return pop_msg(p, POP_FAILURE, "terminated by client"); 142 } 143 status = auth_execute(p, m, state, line); 144 free(line); 145 } 146 147 148 (*m->cleanup)(p, state); 149 if(status == POP_AUTH_FAILURE) 150 return pop_msg(p, POP_FAILURE, "%s", auth_msg); 151 152 status = login_user(p); 153 if(status != POP_SUCCESS) 154 return status; 155 return pop_msg(p, POP_SUCCESS, "authentication complete"); 156} 157 158int 159pop_auth (POP *p) 160{ 161 int i; 162 163 for (i = 0; methods[i] != NULL; ++i) 164 if (strcasecmp(p->pop_parm[1], methods[i]->name) == 0) 165 return auth_loop(p, methods[i]); 166 return pop_msg(p, POP_FAILURE, 167 "Authentication method %s unknown", p->pop_parm[1]); 168} 169 170void 171pop_capa_sasl(POP *p) 172{ 173 int i; 174 175 if(methods[0] == NULL) 176 return; 177 178 fprintf(p->output, "SASL"); 179 for (i = 0; methods[i] != NULL; ++i) 180 fprintf(p->output, " %s", methods[i]->name); 181 fprintf(p->output, "\r\n"); 182} 183#endif 184