lib/md5pwd.c

   1 /* md5pwd.c     find passwords in UoW imapd MD5 type password files
   2  * Copyright (C) 2002  Simon Josefsson
   3  *
   4  * This file is part of libgsasl.
   5  *
   6  * Libgsasl is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2.1 of the License, or (at your option) any later version.
  10  *
  11  * Libgsasl is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with libgsasl; if not, write to the Free Software
  18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  19  *
  20  */
  21
  22 #include "internal.h"
  23
  24 /**
  25  * gsasl_md5pwd_get_password:
  26  * @filename: filename of file containing passwords.
  27  * @username: username string.
  28  * @key: output character array.
  29  * @keylen: input maximum size of output character array, on output
  30  * contains actual length of output array.
  31  *
  32  * Retrieve password for user from specified file.  To find out how
  33  * large the output array must be, call this function with out=NULL.
  34  *
  35  * The file should be on the UoW "MD5 Based Authentication" format,
  36  * which means it is in text format with comments denoted by # first
  37  * on the line, with user entries looking as username\tpassword.  This
  38  * function removes \r and \n at the end of lines before processing.
  39  *
  40  * Return value: Return GSASL_OK if output buffer contains the
  41  * password, GSASL_AUTHENTICATION_ERROR if the user could not be
  42  * found, or other error code.
  43  **/
  44 int
  45 gsasl_md5pwd_get_password (const char *filename,
  46                            const char *username,
  47                            char *key,
  48                            size_t *keylen)
  49 {
  50   char matchbuf[BUFSIZ];
  51   char line[BUFSIZ];
  52   FILE *fh;
  53
  54   fh = fopen(filename, "r");
  55   if (fh == NULL)
  56       return GSASL_FOPEN_ERROR;
  57
  58   sprintf(matchbuf, "%s\t", username);
  59
  60   while (!feof(fh))
  61     {
  62       if (fgets(line, BUFSIZ, fh) == NULL)
  63         break;
  64
  65       if (line[0] == '#')
  66         continue;
  67
  68       while (strlen(line) > 0 && (line[strlen(line)-1] == '\n' ||
  69                                   line[strlen(line)-1] == '\r'))
  70         line[strlen(line)-1] = '\0';
  71
  72       if (strlen(line) <= strlen(matchbuf))
  73         continue;
  74
  75       if (strncmp(matchbuf, line, strlen(matchbuf)) == 0)
  76         {
  77           if (*keylen < strlen(line) - strlen(matchbuf))
  78             {
  79               fclose(fh);
  80               return GSASL_TOO_SMALL_BUFFER;
  81             }
  82
  83           *keylen = strlen(line) - strlen(matchbuf);
  84
  85           if (key)
  86             memcpy(key, &line[strlen(matchbuf)], *keylen);
  87
  88           fclose(fh);
  89
  90           return GSASL_OK;
  91         }
  92     }
  93
  94   if (fclose(fh) != 0)
  95     return GSASL_FCLOSE_ERROR;
  96
  97   return GSASL_AUTHENTICATION_ERROR;
  98 }