Diffstat (limited to 'src/authenticate.cc')
-rw-r--r--src/authenticate.cc161
1 files changed, 72 insertions, 89 deletions
diff --git a/src/authenticate.cc b/src/authenticate.cc
index bdd18c9..88bfa63 100644
--- a/src/authenticate.cc
+++ b/src/authenticate.cc
@@ -7,25 +7,26 @@
#include <string>
#include <vector>
-#include <sys/types.h>
+#include <errno.h>
+#include <signal.h>
+
#include <grp.h>
#include <pwd.h>
-#include <signal.h>
+#include <sys/types.h>
#include <unistd.h>
-#include <errno.h>
// #ifndef HAVE_SYS_WAIT_H
// #include <wait.h>
-//#else
+// #else
#include <sys/wait.h>
-//#endif
+// #endif
#include "authenticate.h"
+#include "convert.h"
+#include "globals.h"
#include "iodevice.h"
#include "iofactory.h"
#include "session.h"
-#include "convert.h"
-#include "globals.h"
using namespace ::std;
using namespace Binc;
@@ -36,16 +37,18 @@ using namespace Binc;
// 3 = timeout
// -1 = abort
//------------------------------------------------------------------------
-int Binc::authenticate(Depot &depot, const string &username,
- const string &password, const string &challenge)
+int Binc::authenticate(Depot &depot,
+ const string &username,
+ const string &password,
+ const string &challenge)
{
Session &session = Session::getInstance();
session.setUserID(username);
// check if checkpassword is present
if (::access(session.unparsedArgs[0], X_OK) != 0) { // x is enough
- bincError << "unable to start authenticator " << session.unparsedArgs[0]
- << ": " << strerror(errno) << endl;
+ bincError << "unable to start authenticator " << session.unparsedArgs[0] << ": " << strerror(errno)
+ << endl;
return 1;
}
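Review bot: `session.unparsedArgs[0]` is passed to `::access()` and streamed into `bincError` without a null check; the only null test visible in this diff is later, in the forked child (`if (session.unparsedArgs[0] != 0)`). When no authenticator argument is present, access() fails and the error path streams a null `char *`, which is undefined behaviour, and the child-side "missing mandatory --" message appears unreachable. Test the pointer first, e.g. `if (session.unparsedArgs[0] == 0) { /* log the missing "--" message */ return 1; }` ahead of the access() call. Note also that access() checks the literal path while `execvp` searches PATH, so this pre-check is advisory only and the exec failure path stays the authoritative one. The body of authenticate() continues outside this hunk.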
@@ -60,22 +63,19 @@ int Binc::authenticate(Depot &depot, const string &username,
bool authenticated = false;
if (pipe(authintercom) == -1) {
- session.setLastError("An error occurred when creating pipes: "
- + string(strerror(errno)));
+ session.setLastError("An error occurred when creating pipes: " + string(strerror(errno)));
return -1;
}
if (pipe(intercomw) == -1) {
- session.setLastError("An error occurred when creating pipes: "
- + string(strerror(errno)));
+ session.setLastError("An error occurred when creating pipes: " + string(strerror(errno)));
close(authintercom[0]);
close(authintercom[1]);
return -1;
}
if (pipe(intercomr) == -1) {
- session.setLastError("An error occurred when creating pipes: "
- + string(strerror(errno)));
+ session.setLastError("An error occurred when creating pipes: " + string(strerror(errno)));
close(intercomw[0]);
close(intercomr[0]);
close(authintercom[0]);
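Review bot: The cleanup after a failed `pipe(intercomr)` closes `intercomr[0]`, which that failed call never filled in, and leaves `intercomw[1]` open. Depending on how `intercomr` is declared (not visible here), the close acts on an indeterminate descriptor number and can close an unrelated descriptor in a process that is about to hand descriptors to an authenticator. The second call should be `close(intercomw[1]);`. The rest of this error path lies outside the hunk, so whether `authintercom[1]` is closed there should be checked as well.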
@@ -98,9 +98,7 @@ int Binc::authenticate(Depot &depot, const string &username,
int result;
int childspid = fork();
if (childspid == -1) {
- bincLog << "bincimap-up: pid " << pid
- << " failed to start main server: "
- << strerror(errno) << endl;
+ bincLog << "bincimap-up: pid " << pid << " failed to start main server: " << strerror(errno) << endl;
return 1;
}
@@ -111,43 +109,39 @@ int Binc::authenticate(Depot &depot, const string &username,
if (dup2(intercomr[1], 1) == -1) {
bincDebug << "bincimap-up: pid " << pid
- << " authenticate(), [auth module] dup2 failed: "
- << strerror(errno) << endl;
+ << " authenticate(), [auth module] dup2 failed: " << strerror(errno) << endl;
bincDebug.flush();
exit(111);
}
if (dup2(intercomw[0], 0) == -1) {
- bincDebug << "bincimap-up: pid " << pid
- << " authenticate(), [auth module] dup2 failed: "
- << strerror(errno) << endl;
+ bincDebug << "bincimap-up: pid " << pid
+ << " authenticate(), [auth module] dup2 failed: " << strerror(errno) << endl;
bincDebug.flush();
exit(111);
}
if (dup2(authintercom[0], 3) == -1) {
- bincDebug << "bincimap-up: pid " << pid
- << " authenticate(), [auth module] dup2 failed: "
- << strerror(errno) << endl;
+ bincDebug << "bincimap-up: pid " << pid
+ << " authenticate(), [auth module] dup2 failed: " << strerror(errno) << endl;
bincDebug.flush();
exit(111);
}
if (session.unparsedArgs[0] != 0) {
execvp(session.unparsedArgs[0], &session.unparsedArgs[0]);
- bincDebug << "bincimap-up: pid " << pid
- << " authenticate(), [auth module] invocation of "
- << session.unparsedArgs[0]
- << " failed: " << strerror(errno) << endl;
+ bincDebug << "bincimap-up: pid " << pid << " authenticate(), [auth module] invocation of "
+ << session.unparsedArgs[0] << " failed: " << strerror(errno) << endl;
bincDebug.flush();
exit(111);
}
-
- bincLog << "bincimap-up: pid " << pid
+
+ bincLog << "bincimap-up: pid " << pid
<< " missing mandatory -- in argument list,"
" after bincimap-up + arguments, before authenticator."
" Please check your run scripts and the man page bincimap(1) for"
- " more on how to invoke Binc IMAP." << endl;
+ " more on how to invoke Binc IMAP."
+ << endl;
bincDebug.flush();
exit(111);
}
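Review bot: Every failure path in the forked child ends in `exit(111)`, which runs atexit handlers and static destructors and flushes stdio/iostream buffers that were copied from the parent at fork(). Buffered output inherited from the parent can then be emitted a second time from the child, after descriptors 0, 1 and 3 have been redirected. Use `_exit(111);` in the child (unistd.h is already included); the explicit `bincDebug.flush()` before it keeps the diagnostic. The child branch starts above this hunk, so it is not visible whether the unused pipe ends are closed before `execvp`; that is worth confirming.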
@@ -173,8 +167,7 @@ int Binc::authenticate(Depot &depot, const string &username,
cpTmp += timestamp.length();
*cpTmp++ = '\0';
- bincDebug << "bincimap-up: pid " << pid
- << " authenticate(), writing username/password to "
+ bincDebug << "bincimap-up: pid " << pid << " authenticate(), writing username/password to "
<< session.unparsedArgs[0] << endl;
// write the userid
@@ -182,10 +175,8 @@ int Binc::authenticate(Depot &depot, const string &username,
int res = write(authintercom[1], checkpasswordData, dataSize);
delete[] checkpasswordData;
if (res != dataSize) {
- bincWarning << "bincimap-up: pid " << pid
- << " error writing to authenticator "
- << session.unparsedArgs[0] << ": "
- << strerror(errno) << endl;
+ bincWarning << "bincimap-up: pid " << pid << " error writing to authenticator "
+ << session.unparsedArgs[0] << ": " << strerror(errno) << endl;
return 1;
}
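Review bot: `checkpasswordData` is released with `delete[]` straight after the write, so the username/password bytes (the debug message in the preceding hunk says that is what is being written) remain in freed heap memory. Wipe the buffer before freeing it, using a call the optimiser cannot drop, for example `explicit_bzero(checkpasswordData, dataSize);` where the platform provides it. Separately, `strerror(errno)` is read after `delete[]`, and also on a short write where errno was never set, so the logged reason can be stale; capture errno immediately after `write()`. The allocation of the buffer is outside this hunk.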
@@ -199,7 +190,7 @@ int Binc::authenticate(Depot &depot, const string &username,
FD_ZERO(&rmask);
FD_SET(fileno(stdin), &rmask);
FD_SET(intercomr[0], &rmask);
-
+
int maxfd = intercomr[0];
bool disconnected = false;
bool timedout = false;
@@ -225,16 +216,14 @@ int Binc::authenticate(Depot &depot, const string &username,
} while (n < 0 && errno == EINTR);
if (n < 0) {
- bincWarning << "bincimpa-up: pid " << pid
- << " error: invalid exit from select, "
+ bincWarning << "bincimpa-up: pid " << pid << " error: invalid exit from select, "
<< strerror(errno) << endl;
break;
}
if (n == 0) {
- bincLog << "bincimap-up: pid " << pid
- << " server timed out after "
- << IDLE_TIMEOUT << " seconds" << endl;
+ bincLog << "bincimap-up: pid " << pid << " server timed out after " << IDLE_TIMEOUT << " seconds"
+ << endl;
timedout = true;
break;
}
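Review bot: The select() failure message is tagged `bincimpa-up`, while every other message visible in this diff uses `bincimap-up`, so log filters and alert rules keyed on the prefix will miss this event. The line was re-wrapped but the typo was kept; it should begin `bincWarning << "bincimap-up: pid " << pid`. The select loop starts and ends outside this hunk.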
@@ -252,8 +241,8 @@ int Binc::authenticate(Depot &depot, const string &username,
break;
}
- // Fall through. Triggered when there was no data
- // to read, even though no error has occurred
+ // Fall through. Triggered when there was no data
+ // to read, even though no error has occurred
if (ret == -2) continue;
int w;
@@ -264,9 +253,8 @@ int Binc::authenticate(Depot &depot, const string &username,
if (w > 0) Session::getInstance().addReadBytes(w);
if (w < 0) {
- bincDebug << "bincimap-up: pid " << pid
- << " error writing to server: "
- << strerror(errno) << endl;
+ bincDebug << "bincimap-up: pid " << pid << " error writing to server: " << strerror(errno)
+ << endl;
eof = true;
}
} while (bincClient.canRead());
@@ -276,17 +264,16 @@ int Binc::authenticate(Depot &depot, const string &username,
char buf[8192];
int ret = read(intercomr[0], buf, sizeof(buf));
if (ret == 0) {
- // Main server has shut down
+ // Main server has shut down
eof = true;
- break;
+ break;
} else if (ret == -1) {
- bincDebug << "bincimap-up: pid " << pid
- << " error reading from server: "
- << strerror(errno) << endl;
+ bincDebug << "bincimap-up: pid " << pid << " error reading from server: " << strerror(errno)
+ << endl;
eof = true;
break;
} else {
- // umask(0);
+ // umask(0);
Session::getInstance().addWriteBytes(ret);
bincClient << string(buf, ret);
@@ -298,11 +285,10 @@ int Binc::authenticate(Depot &depot, const string &username,
close(intercomr[0]);
close(intercomw[1]);
- // catch the dead baby
+ // catch the dead baby
if (waitpid(childspid, &result, 0) != childspid) {
- bincLog << "bincimap-up: pid " << pid
- << " <" << username << "> authentication failed: "
- << (authenticated ? "server " : session.unparsedArgs[0])
+ bincLog << "bincimap-up: pid " << pid << " <" << username
+ << "> authentication failed: " << (authenticated ? "server " : session.unparsedArgs[0])
<< " waitpid returned unexpected value" << endl;
string tmp = strerror(errno);
@@ -316,43 +302,40 @@ int Binc::authenticate(Depot &depot, const string &username,
if (disconnected) return 0;
if (WIFSIGNALED(result)) {
- bincLog << "bincimap-up: pid " << pid
- << " <" << username << "> authentication failed: "
- << (authenticated ? "server" : session.unparsedArgs[0])
+ bincLog << "bincimap-up: pid " << pid << " <" << username
+ << "> authentication failed: " << (authenticated ? "server" : session.unparsedArgs[0])
<< " died by signal " << WTERMSIG(result) << endl;
sleep(AUTH_PENALTY);
session.setState(Session::LOGOUT);
return -1;
}
- bincDebug << "bincimap-up: pid " << pid
- << " authenticate() ,"
- << (authenticated ? "authenticator" : "server")
- << " exited with code " << WEXITSTATUS(result) << endl;
+ bincDebug << "bincimap-up: pid " << pid << " authenticate() ,"
+ << (authenticated ? "authenticator" : "server") << " exited with code "
+ << WEXITSTATUS(result) << endl;
switch (WEXITSTATUS(result)) {
- case 0: break;
- case 1:
+ case 0:
+ break;
+ case 1:
// authentication failed - sleep
- bincLog << "bincimap-up: pid " << pid
- << " <" << username << "> failed to log in" << endl;
- sleep(AUTH_PENALTY);
- return 2;
- case 2: case 111: // wrong call or missing auth data
- // abused
- bincLog << "bincimap-up: pid " << pid
- << " <" << username << "> authentication failed: "
- << (authenticated ? "authenticator" : "server")
- << " reports wrong usage" << endl;
- sleep(AUTH_PENALTY);
- return 2;
- default:
+ bincLog << "bincimap-up: pid " << pid << " <" << username << "> failed to log in" << endl;
+ sleep(AUTH_PENALTY);
+ return 2;
+ case 2:
+ case 111: // wrong call or missing auth data
+ // abused
+ bincLog << "bincimap-up: pid " << pid << " <" << username
+ << "> authentication failed: " << (authenticated ? "authenticator" : "server")
+ << " reports wrong usage" << endl;
+ sleep(AUTH_PENALTY);
+ return 2;
+ default:
// internal error -- or authenticator fooled us
- bincLog << "bincimap-up: pid " << pid
- << " <" << username << "> authentication failed: "
- << (authenticated ? "authenticator" : "server")
- << " returned " << WEXITSTATUS(result) << endl;
- return -1;
+ bincLog << "bincimap-up: pid " << pid << " <" << username
+ << "> authentication failed: " << (authenticated ? "authenticator" : "server")
+ << " returned " << WEXITSTATUS(result) << endl;
+ return -1;
}
return 0;
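Review bot: The ternary that names the failing party is inverted between messages: the signal branch prints `authenticated ? "server" : session.unparsedArgs[0]`, while the debug line and the `case` messages below print `authenticated ? "authenticator" : "server"`, so one of the two sets blames the wrong process. An authentication audit trail needs one consistent expression, presumably `(authenticated ? "server" : "authenticator")` in the exit-code messages; confirm this against how `authenticated` is set above this hunk. The same statements write `username` into `bincLog` as received. Unless it is validated before authenticate() is called, control characters in it could corrupt or split log records, so escaping it at the logging site is worth adding.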