← Back to branch summary

~ubuntu-branches/ubuntu/utopic/dovecot/utopic-proposed

« back to all changes in this revision

Viewing changes to src/pop3-login/client-authenticate.c

  • Committer: Package Import Robot
  • Author(s): James Page
  • Date: 2014-01-08 09:35:49 UTC
  • mfrom: (4.1.35 sid)
  • Revision ID: package-import@ubuntu.com-20140108093549-i72o93pux8p0dlaf
Tags: 1:2.2.9-1ubuntu1
* Merge from Debian unstable, remaining changes:
  + Add mail-stack-delivery package:
    - Update d/rules
    - d/control: convert existing dovecot-postfix package to a dummy
      package and add new mail-stack-delivery package.
    - Update maintainer scripts.
    - Rename d/dovecot-postfix.* to debian/mail-stack-delivery.*
    - d/mail-stack-delivery.preinst: Move previously installed backups and
      config files to a new package namespace.
    - d/mail-stack-delivery.prerm: Added to handle downgrades.
  + Use Snakeoil SSL certificates by default:
    - d/control: Depend on ssl-cert.
    - d/dovecot-core.postinst: Relax grep for SSL_* a bit.
  + Add autopkgtest to debian/tests/*.
  + Add ufw integration:
    - d/dovecot-core.ufw.profile: new ufw profile.
    - d/rules: install profile in dovecot-core.
    - d/control: dovecot-core - suggest ufw.
  + d/dovecot-core.dirs: Added usr/share/doc/dovecot-core
  + Add apport hook:
    - d/rules, d/source_dovecot.py
  + Add upstart job:
    - d/rules, d/dovecot-core.dovecot.upstart, d/control,
      d/dovecot-core.dirs, dovecot-imapd.{postrm, postinst, prerm},
      d/dovecot-pop3d.{postinst, postrm, prerm}.
      d/mail-stack-deliver.postinst: Convert init script to upstart.
  + Use the autotools-dev dh addon to update config.guess/config.sub for
    arm64.
* Dropped changes, included in Debian:
  - Update Dovecot name to reflect distribution in login greeting.
  - Update Drac plugin for >= 2.0.0 support.
* d/control: Drop dovecot-postfix package as its no longer required.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/pop3-login/client-authenticate.c
1
 
/* Copyright (c) 2002-2012 Dovecot authors, see the included COPYING file */
 
1
/* Copyright (c) 2002-2013 Dovecot authors, see the included COPYING file */
2
2
 
3
3
#include "login-common.h"
4
4
#include "base64.h"
5
5
#include "buffer.h"
6
6
#include "hex-binary.h"
7
 
#include "hostpid.h"
8
7
#include "ioloop.h"
9
8
#include "istream.h"
10
9
#include "ostream.h"
11
10
#include "safe-memset.h"
12
11
#include "str.h"
13
12
#include "str-sanitize.h"
14
 
#include "time-util.h"
15
13
#include "auth-client.h"
16
14
#include "../pop3/pop3-capability.h"
17
15
#include "ssl-proxy.h"
33
31
        str_append(str, "+OK\r\n");
34
32
        str_append(str, capability_string);
35
33
 
36
 
        if (ssl_initialized && !client->common.tls)
 
34
        if (client_is_tls_enabled(&client->common) && !client->common.tls)
37
35
                str_append(str, "STLS\r\n");
38
36
        if (!client->common.set->disable_plaintext_auth ||
39
37
            client->common.secured)
51
49
        return TRUE;
52
50
}
53
51
 
54
 
bool pop3_client_auth_handle_reply(struct client *client,
55
 
                                   const struct client_auth_reply *reply)
 
52
void pop3_client_auth_result(struct client *client,
 
53
                             enum client_auth_result result,
 
54
                             const struct client_auth_reply *reply ATTR_UNUSED,
 
55
                             const char *text)
56
56
{
57
 
        const char *timestamp, *msg;
58
 
 
59
 
        if (!reply->nologin)
60
 
                return FALSE;
61
 
 
62
 
        if (reply->reason != NULL) {
63
 
                client_send_line(client, CLIENT_CMD_REPLY_AUTH_FAILED,
64
 
                                 reply->reason);
65
 
        } else if (reply->temp) {
66
 
                timestamp = t_strflocaltime("%Y-%m-%d %H:%M:%S", ioloop_time);
67
 
                msg = t_strdup_printf(AUTH_TEMP_FAILED_MSG" [%s:%s]",
68
 
                                      my_hostname, timestamp);
69
 
                client_send_line(client, CLIENT_CMD_REPLY_AUTH_FAIL_TEMP, msg);
70
 
        } else {
71
 
                client_send_line(client, CLIENT_CMD_REPLY_AUTH_FAILED,
72
 
                                 AUTH_FAILED_MSG);
 
57
        switch (result) {
 
58
        case CLIENT_AUTH_RESULT_SUCCESS:
 
59
                /* nothing to be done for POP3 */
 
60
                break;
 
61
        case CLIENT_AUTH_RESULT_TEMPFAIL:
 
62
                client_send_reply(client, POP3_CMD_REPLY_TEMPFAIL, text);
 
63
                break;
 
64
        case CLIENT_AUTH_RESULT_AUTHFAILED:
 
65
        case CLIENT_AUTH_RESULT_AUTHFAILED_REASON:
 
66
        case CLIENT_AUTH_RESULT_AUTHZFAILED:
 
67
        case CLIENT_AUTH_RESULT_SSL_REQUIRED:
 
68
                client_send_reply(client, POP3_CMD_REPLY_AUTH_ERROR, text);
 
69
                break;
 
70
        default:
 
71
                client_send_reply(client, POP3_CMD_REPLY_ERROR, text);
 
72
                break;
73
73
        }
74
 
 
75
 
        if (!client->destroyed)
76
 
                client_auth_failed(client);
77
 
        return TRUE;
78
74
}
79
75
 
80
76
bool cmd_auth(struct pop3_client *pop3_client, const char *args)
134
130
                if (!client_check_plaintext_auth(client, TRUE))
135
131
                        return TRUE;
136
132
 
137
 
                client_send_line(client, CLIENT_CMD_REPLY_BAD,
138
 
                                 "No username given.");
 
133
                client_send_reply(client, POP3_CMD_REPLY_ERROR,
 
134
                                  "No username given.");
139
135
                return TRUE;
140
136
        }
141
137
 
166
162
        if (pop3_client->apop_challenge == NULL) {
167
163
                if (client->set->auth_verbose)
168
164
                        client_log(client, "APOP failed: APOP not enabled");
169
 
                client_send_line(client, CLIENT_CMD_REPLY_BAD,
170
 
                                 "APOP not enabled.");
 
165
                client_send_reply(client, POP3_CMD_REPLY_ERROR,
 
166
                                  "APOP not enabled.");
171
167
                return TRUE;
172
168
        }
173
169
 
176
172
        if (p == NULL || strlen(p+1) != 32) {
177
173
                if (client->set->auth_verbose)
178
174
                        client_log(client, "APOP failed: Invalid parameters");
179
 
                client_send_line(client, CLIENT_CMD_REPLY_BAD,
180
 
                                 "Invalid parameters.");
 
175
                client_send_reply(client, POP3_CMD_REPLY_ERROR,
 
176
                                  "Invalid parameters.");
181
177
                return TRUE;
182
178
        }
183
179
 
193
189
                        client_log(client, "APOP failed: "
194
190
                                   "Invalid characters in MD5 response");
195
191
                }
196
 
                client_send_line(client, CLIENT_CMD_REPLY_BAD,
197
 
                                 "Invalid characters in MD5 response.");
 
192
                client_send_reply(client, POP3_CMD_REPLY_ERROR,
 
193
                                  "Invalid characters in MD5 response.");
198
194
                return TRUE;
199
195
        }
200
196