/* ** Copyright 1998 - 2000 Double Precision, Inc. See COPYING for ** distribution information. */ #if HAVE_CONFIG_H #include "courier_auth_config.h" #endif #include #include #include #include #include #if HAVE_UNISTD_H #include #endif #include "auth.h" #include "authcustom.h" #include "courierauthdebug.h" int auth_custom_pre(const char *userid, const char *service, int (*callback)(struct authinfo *, void *), void *arg) { return (authcustomcommon(userid, 0, callback, arg)); } static int do_auth_custom(const char *, struct authinfo *); int authcustomcommon(const char *user, const char *pass, int (*callback)(struct authinfo *, void *), void *arg) { struct authinfo auth; int rc; memset(&auth, 0, sizeof(auth)); rc=do_auth_custom(user, &auth); if (rc) return (rc); if (pass == 0) return (0); /* Just get the authentication info */ if (auth.clearpasswd) { if (strcmp(pass, auth.clearpasswd)) return (-1); } else { const char *p=auth.passwd; if (!p || authcheckpassword(pass, p)) return (-1); } auth.clearpasswd=pass; return ((*callback)(&auth, arg)); } static int do_auth_custom(const char *userid, struct authinfo *authinfo) { /* ** Insert custom authentication code here. This code must obtain ** authentication information for account 'userid'. ** ** If you need to link with specific external libraries (-lnsl_s, ** et al), you'll just have to bite the bullet, install automake ** and autoconf, then set authcustom.libsdep and authcustom_LDADD ** in Makefile.am */ /* ** If userid does not exist, return (-1). */ DPRINTF("authcustom: nothing implemented in do_auth_custom()"); return (-1); /* ** If there is some kind of a system problem, that is you are ** unable to check whether userid is valid (the back end database ** is down, or something) return (1). */ /* ** Otherwise, initialize the authinfo structure, and return (0). ** ** NOTES: this function can be called repeated within a single ** process, in certain contexts. Do not simply dynamically ** allocate memory for all the character strings, each time, because ** the caller WILL NOT free the memory of any dynamically allocated ** strings. If you keep dynamically allocating memory, each time, ** you're going to get a memory leak, somewhere, and YOU'LL FUCK ** YOURSELF. What you should do is either use a static buffer, ** or dynamically allocate some memory, and free that memory on ** the next function call. ** ** Additionally: ** ** If you open any files, you MUST set FD_CLOEXEC bit on any ** file descriptor you create (open files, sockets, whatnot). ** ** Someone else might do a fork and an exec, so you need to make ** sure things get cleaned up, in that event. ** ** Fields in the auth structure: ** ** sysusername - REQUIRED - user name, should simply be userid, ** unless you know what you're doing. ** sysuserid - REQUIRED - pointer to the user's uid_t (yes, it's ** a pointer). ** sysgroupid - REQUIRED - gid_t, the group ID of the user. ** ** homedir - REQUIRED - home directory. ** ** address - REQUIRED - the 'identity' of the authenticated user, ** the e-mail address. It is acceptable to set ** this field also to userid, if you can't think ** of anything better to do. ** ** fullname - OPTIONAL - user's full name. ** ** maildir - OPTIONAL - user's primary maildir ($HOME/Maildir default) ** ** quota - OPTIONAL - user's maildir quota (see a README somewhere) ** ** passwd, clearpasswd - one of these fields must be initialized, ** either one is ok. Initialize clearpasswd ** if you store cleartext passwords. If you ** store crypted passwords, initialize passwd. */ } void authcustomclose() { /* ** Place any cleanup here. */ }