crypto/dist/heimdal/appl/popper/pop_auth.c

   1 /*
   2  * Copyright (c) 2004 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include <popper.h>
  35 #ifdef SASL
  36 #include <base64.h>
  37 #include <pop_auth.h>
  38 __RCSID("$Heimdal: pop_auth.c 14046 2004-07-14 09:11:52Z joda $"
  39         "$NetBSD$");
  40
  41 /*
  42  *  auth: RFC1734
  43  */
  44
  45 static char *
  46 getline(POP *p)
  47 {
  48     char *buf = NULL;
  49     size_t size = 1024;
  50     buf = malloc(size);
  51     if(buf == NULL)
  52         return NULL;
  53     *buf = '\0';
  54     while(fgets(buf + strlen(buf), size - strlen(buf), p->input) != NULL) {
  55         char *p;
  56         if((p = strchr(buf, '\n')) != NULL) {
  57             while(p > buf && p[-1] == '\r')
  58                 p--;
  59             *p = '\0';
  60             return buf;
  61         }
  62         /* just assume we ran out of buffer space, we'll catch eof
  63            next round */
  64         size += 1024;
  65         p = realloc(buf, size);
  66         if(p == NULL)
  67             break;
  68         buf = p;
  69     }
  70     free(buf);
  71     return NULL;
  72 }
  73
  74 static char auth_msg[128];
  75 void
  76 pop_auth_set_error(const char *message)
  77 {
  78     strlcpy(auth_msg, message, sizeof(auth_msg));
  79 }
  80
  81 static struct auth_mech *methods[] = {
  82 #ifdef KRB5
  83     &gssapi_mech,
  84 #endif
  85 #ifdef KRB4
  86     &krb4_mech,
  87 #endif
  88     NULL
  89 };
  90
  91 static int
  92 auth_execute(POP *p, struct auth_mech *m, void *state, const char *line)
  93 {
  94     void *input, *output;
  95     size_t input_length, output_length;
  96     int status;
  97
  98     if(line == NULL) {
  99         input = NULL;
 100         input_length = 0;
 101     } else {
 102         input = strdup(line);
 103         if(input == NULL) {
 104             pop_auth_set_error("out of memory");
 105             return POP_AUTH_FAILURE;
 106         }
 107         input_length = base64_decode(line, input);
 108         if(input_length == (size_t)-1) {
 109             pop_auth_set_error("base64 decode error");
 110             return POP_AUTH_FAILURE;
 111         }
 112     }
 113     output = NULL; output_length = 0;
 114     status = (*m->loop)(p, state, input, input_length, &output, &output_length);
 115     if(output_length > 0) {
 116         char *s;
 117         base64_encode(output, output_length, &s);
 118         fprintf(p->output, "+ %s\r\n", s);
 119         fflush(p->output);
 120         free(output);
 121         free(s);
 122     }
 123     return status;
 124 }
 125
 126 static int
 127 auth_loop(POP *p, struct auth_mech *m)
 128 {
 129     int status;
 130     void *state = NULL;
 131     char *line;
 132
 133     status = (*m->init)(p, &state);
 134
 135     status = auth_execute(p, m, state, p->pop_parm[2]);
 136
 137     while(status == POP_AUTH_CONTINUE) {
 138         line = getline(p);
 139         if(line == NULL) {
 140             (*m->cleanup)(p, state);
 141             return pop_msg(p, POP_FAILURE, "error reading data");
 142         }
 143         if(strcmp(line, "*") == 0) {
 144             (*m->cleanup)(p, state);
 145             return pop_msg(p, POP_FAILURE, "terminated by client");
 146         }
 147         status = auth_execute(p, m, state, line);
 148         free(line);
 149     }
 150
 151
 152     (*m->cleanup)(p, state);
 153     if(status == POP_AUTH_FAILURE)
 154         return pop_msg(p, POP_FAILURE, "%s", auth_msg);
 155
 156     status = login_user(p);
 157     if(status != POP_SUCCESS)
 158         return status;
 159     return pop_msg(p, POP_SUCCESS, "authentication complete");
 160 }
 161
 162 int
 163 pop_auth (POP *p)
 164 {
 165     int i;
 166
 167     for (i = 0; methods[i] != NULL; ++i)
 168         if (strcasecmp(p->pop_parm[1], methods[i]->name) == 0)
 169             return auth_loop(p, methods[i]);
 170     return pop_msg(p, POP_FAILURE,
 171                    "Authentication method %s unknown", p->pop_parm[1]);
 172 }
 173
 174 void
 175 pop_capa_sasl(POP *p)
 176 {
 177     int i;
 178
 179     if(methods[0] == NULL)
 180         return;
 181
 182     fprintf(p->output, "SASL");
 183     for (i = 0; methods[i] != NULL; ++i)
 184         fprintf(p->output, " %s", methods[i]->name);
 185     fprintf(p->output, "\r\n");
 186 }
 187 #endif