cprintf("%s\n", config.c_moreprompt);
cprintf("1\n"); /* 1 = yes, this system supports floors */
cprintf("1\n"); /* 1 = we support the extended paging options */
- cprintf("%s\n", CC->cs_nonce);
+ cprintf("\n"); /* nonce no longer supported */
cprintf("1\n"); /* 1 = yes, this system supports the QNOP command */
#ifdef HAVE_LDAP
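Review bot: The comment on the added `cprintf("\n");` says the nonce is gone, but not why an empty line is still sent. The neighbouring lines show this reply is positional, one value per line, so the blank line looks like a placeholder that keeps the QNOP flag and later fields at the positions clients expect. I would say so in the comment, e.g. `/* formerly the APOP nonce; left empty so the fields below keep their positions */`, so the line is not later removed as dead output. The enclosing function starts and ends outside this hunk.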
}
-/*
- * Generate a "nonce" for APOP-style authentication.
- *
- * RFC 1725 et al specify a PID to be placed in front of the nonce.
- * Quoth BTX: That would be stupid.
- */
-void generate_nonce(CitContext *con) {
- struct timeval tv;
-
- memset(con->cs_nonce, NONCE_SIZE, 0);
- gettimeofday(&tv, NULL);
- memset(con->cs_nonce, NONCE_SIZE, 0);
- snprintf(con->cs_nonce, NONCE_SIZE, "<%d%ld@%s>",
- rand(), (long)tv.tv_usec, config.c_fqdn);
-}
-
/*
* Back-end function for starting a session
*con->fake_hostname = '\0';
*con->fake_roomname = '\0';
*con->cs_clientinfo = '\0';
- generate_nonce(con);
safestrncpy(con->cs_host, config.c_fqdn, sizeof con->cs_host);
safestrncpy(con->cs_addr, "", sizeof con->cs_addr);
con->cs_UDSclientUID = -1;
struct ctdluser user; /* Database record buffers */
struct ctdlroom room;
- /* Beginning of cryptography - session nonce */
- char cs_nonce[NONCE_SIZE]; /* The nonce for this session's next auth transaction */
-
-
/* A linked list of all instant messages sent to us. */
struct ExpressMessage *FirstExpressMessage;
int disable_exp; /* Set to 1 to disable incoming pages */
+++ /dev/null
-/*
- * cmd_pas2 - MD5 APOP style auth keyed off of the hash of the password
- * plus a nonce displayed at the login banner.
- *
- * Copyright (c) 1994-2009 by the citadel.org team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#include <stdlib.h>
-#include <unistd.h>
-#include <stdio.h>
-
-#if TIME_WITH_SYS_TIME
-# include <sys/time.h>
-# include <time.h>
-#else
-# if HAVE_SYS_TIME_H
-# include <sys/time.h>
-# else
-# include <time.h>
-# endif
-#endif
-
-#include <ctype.h>
-#include <string.h>
-#include <errno.h>
-#include <libcitadel.h>
-#include "citadel.h"
-#include "server.h"
-#include "citserver.h"
-#include "support.h"
-#include "user_ops.h"
-#include "md5.h"
-
-
-#include "ctdl_module.h"
-
-
-void cmd_pas2(char *argbuf)
-{
- char pw[256];
- char hexstring[MD5_HEXSTRING_SIZE];
-
-
- if (!strcmp(CC->curr_user, NLI))
- {
- cprintf("%d You must enter a user with the USER command first.\n", ERROR + USERNAME_REQUIRED);
- return;
- }
-
- if (CC->logged_in)
- {
- cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
- return;
- }
-
- extract_token(pw, argbuf, 0, '|', sizeof pw);
-
- if (CtdlGetUser(&CC->user, CC->curr_user))
- {
- cprintf("%d Unable to find user record for %s.\n", ERROR + NO_SUCH_USER, CC->curr_user);
- return;
- }
-
- strproc(pw);
- strproc(CC->user.password);
-
- if (strlen(pw) != (MD5_HEXSTRING_SIZE-1))
- {
- cprintf("%d Auth string of length %ld is the wrong length (should be %d).\n", ERROR + ILLEGAL_VALUE, (long)strlen(pw), MD5_HEXSTRING_SIZE-1);
- return;
- }
-
- make_apop_string(CC->user.password, CC->cs_nonce, hexstring, sizeof hexstring);
-
- if (!strcmp(hexstring, pw))
- {
- do_login();
- return;
- }
- else
- {
- cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED);
- return;
- }
-}
-
-
-
-
-
-CTDL_MODULE_INIT(pas2)
-{
- if (!threading)
- {
- CtdlRegisterProtoHook(cmd_pas2, "PAS2", "APOP-based login");
- }
-
- /* return our Subversion id for the Log */
- return "pas2";
-}
CC->session_specific_data = malloc(sizeof(struct citpop3));
memset(POP3, 0, sizeof(struct citpop3));
- cprintf("+OK Citadel POP3 server %s\r\n",
- CC->cs_nonce);
+ cprintf("+OK Citadel POP3 server ready.\r\n");
}
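Review bot: The two context lines above the new greeting allocate the session's POP3 state with `malloc(sizeof(struct citpop3))` and `memset` it straight away, with no NULL check. `POP3` is presumably a macro over `CC->session_specific_data`; if so, an allocation failure becomes a NULL-pointer write that an unauthenticated client can reach just by connecting. Since the commit already touches this greeting, I would check the result and answer with an error instead of `+OK`, e.g. `if (CC->session_specific_data == NULL) { cprintf("-ERR Out of memory.\r\n"); return; }` (wording is only a suggestion), followed by the server's usual session teardown. The function begins outside the hunk.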
}
-void pop3_apop(char *argbuf)
-{
- char username[SIZ];
- char userdigest[MD5_HEXSTRING_SIZE];
- char realdigest[MD5_HEXSTRING_SIZE];
- char *sptr;
-
- if (CC->logged_in)
- {
- cprintf("-ERR You are already logged in; not in the AUTHORIZATION phase.\r\n");
- return;
- }
-
- if ((sptr = strchr(argbuf, ' ')) == NULL)
- {
- cprintf("-ERR Invalid APOP line.\r\n");
- return;
- }
-
- *sptr++ = '\0';
-
- while ((*sptr) && isspace(*sptr))
- sptr++;
-
- strncpy(username, argbuf, sizeof(username)-1);
- username[sizeof(username)-1] = '\0';
-
- memset(userdigest, 0, MD5_HEXSTRING_SIZE);
- strncpy(userdigest, sptr, MD5_HEXSTRING_SIZE-1);
-
- if (CtdlLoginExistingUser(NULL, username) != login_ok)
- {
- cprintf("-ERR No such user.\r\n");
- return;
- }
-
- if (CtdlGetUser(&CC->user, CC->curr_user))
- {
- cprintf("-ERR No such user.\r\n");
- return;
- }
-
- make_apop_string(CC->user.password, CC->cs_nonce, realdigest, sizeof realdigest);
- if (!strncasecmp(realdigest, userdigest, MD5_HEXSTRING_SIZE-1))
- {
- do_login();
- pop3_login();
- }
- else
- {
- cprintf("-ERR That is NOT the password.\r\n");
- }
-}
-
/*
* Authorize with password (implements POP3 "PASS" command)
pop3_pass(&cmdbuf[5]);
}
- else if (!strncasecmp(cmdbuf, "APOP", 4))
- {
- pop3_apop(&cmdbuf[5]);
- }
-
#ifdef HAVE_OPENSSL
else if (!strncasecmp(cmdbuf, "STLS", 4)) {
pop3_stls();
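Review bot: With the `APOP` branch gone, the only credential command left in the visible part of this dispatcher is `PASS`, which sends the password in clear text, and the `STLS` branch is compiled only under `#ifdef HAVE_OPENSSL`. `pop3_pass` is not shown, so this may already be handled, but it is worth confirming that `PASS` is refused, or at least configurable to be refused, on a connection that has not been upgraded to TLS. I would also leave a short comment where the branch used to be, e.g. `/* APOP intentionally not supported: it needs the stored password in recoverable form */`. The removed code does feed `CC->user.password` directly into `make_apop_string`, which supports that wording. The dispatcher function starts and ends outside this hunk.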