summaryrefslogtreecommitdiff
path: root/src/operator-login.cc
blob: cef8acbc047bffff417a426694a2bf7c2580b809 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/**
 *  @file operator-login.cc
 *  @brief Implementation of the rapid LOGIN command
 *  @author Andreas Aardal Hanssen, Erwin Hoffmann
 *  @date 2002-2005, 2023
 */

#include "authenticate.h"
#include "depot.h"
#include "globals.h"
#include "iodevice.h"
#include "iofactory.h"
#include "operators.h"
#include "recursivedescent.h"
#include "session.h"

#include <iostream>
#include <string>

#include <errno.h>
#include <signal.h>

#include <sys/types.h>
#include <unistd.h>

using namespace Binc;

LoginOperator::LoginOperator() {}

LoginOperator::~LoginOperator() {}

const std::string LoginOperator::getName() const
{
  return "LOGIN";
}

Session::State LoginOperator::getState() const
{
  return Session::NONAUTHENTICATED;
}

Operator::ProcessResult LoginOperator::process(Depot &depot, Request &command)
{
  Session &session = Session::getInstance();

  if (!session.command.ssl && !session.hasEnv("ALLOW_NONSSL_PLAINTEXT_LOGINS")) {
    session.setLastError("Plain text password authentication is disallowd. "
                         "Please enable StartTLS or TLS in your mail client.");
    return Operator::ProcessResult::NO;
  }

  session.setEnv("BINCIMAP_LOGIN", "LOGIN+" + command.getTag());
  std::string challenge;

  switch (authenticate(depot, command.getUserID(), command.getPassword(), challenge)) {
  case 1:
    session.setLastError("An internal error occurred when you attempted "
                         "to log in to the IMAP server. Please contact "
                         "your system administrator.");
    return Operator::ProcessResult::NO;
  case 2:
    session.setLastError("Login failed. Either your user name "
                         "or your password was wrong. Please try again, "
                         "and if the problem persists, please contact "
                         "your system administrator.");
    return Operator::ProcessResult::NO;
  case 3:
    bincClient << "* BYE Timeout after " << IDLE_TIMEOUT << " seconds of inactivity."
               << std::endl;
    break;
  case -1:
    bincClient << "* BYE The server died unexpectedly. Please contact "
                  "your system administrator for more information."
               << std::endl;
    break;
  }

  // go to logout
  session.setState(Session::LOGOUT);

  return Operator::ProcessResult::NOTHING;
}

Parser::ParseResult LoginOperator::parse(Request &c_in)
{
  constexpr auto ACCEPT = Parser::ParseResult::ACCEPT;

  Session &session = Session::getInstance();

  if (c_in.getUidMode()) return Parser::ParseResult::REJECT;

  Parser::ParseResult res;
  if ((res = expectSPACE()) != ACCEPT) {
    session.setLastError("Expected single SPACE after LOGIN");
    return res;
  }

  std::string userid;
  if ((res = expectAstring(userid)) != ACCEPT) {
    session.setLastError("Expected userid after LOGIN SPACE");
    return res;
  }

  c_in.setUserID(userid);
  if ((res = expectSPACE()) != ACCEPT) {
    session.setLastError("Expected SPACE after LOGIN SPACE userid");
    return res;
  }

  std::string password;
  if ((res = expectAstring(password)) != ACCEPT) {
    session.setLastError("Expected password after LOGIN "
                         "SPACE userid SPACE");
    return res;
  }

  if ((res = expectCRLF()) != ACCEPT) {
    session.setLastError("Expected CRLF after password");
    return res;
  }

  c_in.setPassword(password);
  c_in.setName("LOGIN");

  return ACCEPT;
}