1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
/*
* LOGIN authentication mechanism.
*
* Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
*
* This software is released under the MIT license.
*/
#include "auth-common.h"
#include "mech.h"
#include "passdb.h"
#include "safe-memset.h"
#include "mech-plain-common.h"
static void
mech_login_auth_continue(struct auth_request *request,
const unsigned char *data, size_t data_size)
{
static const char prompt2[] = "Password:";
const char *username, *error;
if (request->fields.user == NULL) {
username = t_strndup(data, data_size);
if (!auth_request_set_username(request, username, &error)) {
e_info(request->mech_event, "%s", error);
auth_request_fail(request);
return;
}
auth_request_handler_reply_continue(request, prompt2,
strlen(prompt2));
} else {
char *pass = p_strndup(unsafe_data_stack_pool, data, data_size);
auth_request_verify_plain(request, pass, plain_verify_callback);
safe_memset(pass, 0, strlen(pass));
}
}
static void
mech_login_auth_initial(struct auth_request *request,
const unsigned char *data, size_t data_size)
{
static const char prompt1[] = "Username:";
if (data_size == 0) {
auth_request_handler_reply_continue(request, prompt1,
strlen(prompt1));
} else {
mech_login_auth_continue(request, data, data_size);
}
}
static struct auth_request *mech_login_auth_new(void)
{
struct auth_request *request;
pool_t pool;
pool = pool_alloconly_create(MEMPOOL_GROWING"login_auth_request", 2048);
request = p_new(pool, struct auth_request, 1);
request->pool = pool;
return request;
}
const struct mech_module mech_login = {
"LOGIN",
.flags = MECH_SEC_PLAINTEXT,
.passdb_need = MECH_PASSDB_NEED_VERIFY_PLAIN,
mech_login_auth_new,
mech_login_auth_initial,
mech_login_auth_continue,
mech_generic_auth_free
};
|
