const char *do_login(const char *u, const char *p, const char *ip)
{
if (auth_login("webmail", u, p, doauthlogin, (void *)u))
{
courier_safe_printf("INFO: LOGIN FAILED, user=%s, ip=[%s]",
u?u:"", ip);
return NULL;
}
fprintf(stderr, "INFO: LOGIN, user=%s, ip=[%s]\n", u, ip);
return u;
}
bool smtp_client::send_envelope(const mail_message& message)
{
if (open() == false)
return false;
if (get_banner() == false)
return false;
if (greet() == false)
return false;
const char* user = message.get_auth_user();
const char* pass = message.get_auth_pass();
if (user && pass && auth_login(user, pass) == false)
return false;
const rfc822_addr* from = message.get_from();
if (from == NULL)
{
logger_error("from null");
return false;
}
if (mail_from(from->addr) == false)
return false;
return to_recipients(message.get_recipients());
}
int
main(int argc, char *argv[])
{
const char* prop_file = "../../config/OpenSSOAgentBootstrap.properties";
const char* config_file = "../../config/OpenSSOAgentConfiguration.properties";
am_status_t status = AM_FAILURE;
am_properties_t prop = AM_PROPERTIES_NULL;
am_auth_context_t auth_ctx = NULL;
am_sso_token_handle_t sso_handle = NULL;
const char *ssoTokenID = NULL;
char *user = NULL;
char* org_name = NULL;
char* auth_module = "LDAP";
char *pw = NULL;
int j;
char c;
int usage = 0;
boolean_t agentInitialized = B_FALSE;
boolean_t dispatch_listener = B_FALSE; /* dispatch listener in a */
/* seperate thread */
for (j=1; j < argc; j++) {
if (*argv[j]=='-') {
c = argv[j][1];
switch (c) {
case 'u':
user = (j <= argc-1) ? argv[++j] : NULL;
break;
case 'p':
pw = (j <= argc-1) ? argv[++j] : NULL;
break;
case 'o':
org_name = (j < argc-1) ? argv[++j] : NULL;
break;
case 'f':
prop_file = (j <= argc-1) ? argv[++j] : NULL;
break;
case 'c':
config_file = (j <= argc-1) ? argv[++j] : NULL;
break;
case 's':
ssoTokenID = (j <= argc-1) ? argv[++j] : NULL;
break;
case 'm':
auth_module = (j < argc-1) ? argv[++j] : NULL;
break;
case 'd':
dispatch_listener = B_TRUE;
break;
default:
usage++;
break;
}
if (usage)
break;
}
else {
usage++;
break;
}
}
if (usage || (NULL==ssoTokenID && (NULL==org_name) && (NULL==user || NULL==pw))) {
Usage(argv);
return EXIT_FAILURE;
}
am_web_init(prop_file, config_file);
am_agent_init(&agentInitialized);
// initialize sso
status = am_properties_create(&prop);
fail_on_error(status, "am_properties_create");
status = am_properties_load( prop, prop_file );
fail_on_error(status, "am_properties_load");
status = am_log_init(prop);
fail_on_error(status, "am_log_init");
status = am_sso_init(prop);
fail_on_error(status, "am_sso_init");
// login to get a sso token ID
if (NULL == ssoTokenID) {
auth_login(prop, user, pw, org_name, &auth_ctx, &ssoTokenID, auth_module);
}
else {
am_log_log(AM_LOG_ALL_MODULES, AM_LOG_INFO,
"SSO Token ID is %s.", ssoTokenID);
}
// create sso token handle
status = AM_FAILURE;
status = am_sso_create_sso_token_handle(&sso_handle,
ssoTokenID,
B_FALSE);
fail_on_error(status, "am_sso_create_sso_token_handle");
printf("Created sso token handle for %s.\n", ssoTokenID);
status = am_sso_destroy_sso_token_handle(sso_handle);
fail_on_error(status, "am_sso_destroy_sso_token_handle");
sso_handle = NULL;
// call it again to see if found in cache (check log)
status = am_sso_create_sso_token_handle(&sso_handle,
ssoTokenID,
B_FALSE);
fail_on_error(status, "am_sso_create_sso_token_handle (again)");
printf("Created sso token handle again for %s.\n", ssoTokenID);
// test interfaces for sso_handle
test_interfaces(sso_handle, ssoTokenID);
// test listeners and notification
test_listeners(sso_handle, ssoTokenID, dispatch_listener);
// test invalidate.
printf("Invalidating token..\n");
status = am_sso_invalidate_token(sso_handle);
printf("am_sso_invalidate_token returned %s.\n", am_status_to_name(status));
// session should now be invalid.
printf("IsValid=%s.\n", am_sso_is_valid_token(sso_handle)?"true":"false");
// add listener should now fail.
status = am_sso_add_sso_token_listener(sso_handle,
listener_func_one,
NULL,
dispatch_listener);
printf("am_sso_add_sso_token_listener() returned %s.\n",
am_status_to_name(status));
// destroy auth context
status = am_auth_destroy_auth_context(auth_ctx);
printf("am_auth_destroy_auth_context returned %s.\n",
am_status_to_name(status));
// destroy sso token handle (free the memory)
printf("Deleting token..\n");
status = am_sso_destroy_sso_token_handle(sso_handle);
printf("am_sso_destroy_sso_token_handle() returned %s.\n",
am_status_to_name(status));
printf("Cleaning up..\n");
(void)am_cleanup();
am_properties_destroy(prop);
printf("Done.\n");
return EXIT_SUCCESS;
} /* end of main procedure */
int do_imap_command(const char *tag)
{
struct imaptoken *curtoken=nexttoken();
char authservice[40];
#if SMAP
if (strcmp(tag, "\\SMAP1") == 0)
{
const char *p=getenv("SMAP_CAPABILITY");
if (p && *p)
putenv("PROTOCOL=SMAP1");
else
return -1;
}
#endif
courier_authdebug_login( 1, "command=%s", curtoken->tokenbuf );
if (strcmp(curtoken->tokenbuf, "LOGOUT") == 0)
{
if (nexttoken()->tokentype != IT_EOL) return (-1);
writes("* BYE Courier-IMAP server shutting down\r\n");
cmdsuccess(tag, "LOGOUT completed\r\n");
writeflush();
fprintf(stderr, "INFO: LOGOUT, ip=[%s], rcvd=%lu, sent=%lu\n",
getenv("TCPREMOTEIP"), bytes_received_count, bytes_sent_count);
exit(0);
}
if (strcmp(curtoken->tokenbuf, "NOOP") == 0)
{
if (nexttoken()->tokentype != IT_EOL) return (-1);
cmdsuccess(tag, "NOOP completed\r\n");
return (0);
}
if (strcmp(curtoken->tokenbuf, "CAPABILITY") == 0)
{
if (nexttoken()->tokentype != IT_EOL) return (-1);
writes("* CAPABILITY ");
imapcapability();
writes("\r\n");
cmdsuccess(tag, "CAPABILITY completed\r\n");
return (0);
}
if (strcmp(curtoken->tokenbuf, "STARTTLS") == 0)
{
if (!have_starttls()) return (-1);
if (starttls(tag)) return (-2);
putenv("IMAP_STARTTLS=NO");
putenv("IMAP_TLS_REQUIRED=0");
putenv("IMAP_TLS=1");
return (0);
}
if (strcmp(curtoken->tokenbuf, "LOGIN") == 0)
{
struct imaptoken *tok=nexttoken_nouc();
char *userid;
char *passwd;
const char *p;
int rc;
if (have_starttls() && tlsrequired()) /* Not yet */
{
cmdfail(tag, "STARTTLS required\r\n");
return (0);
}
switch (tok->tokentype) {
case IT_ATOM:
case IT_NUMBER:
case IT_QUOTED_STRING:
break;
default:
return (-1);
}
userid=strdup(tok->tokenbuf);
if (!userid)
write_error_exit(0);
tok=nexttoken_nouc_okbracket();
switch (tok->tokentype) {
case IT_ATOM:
case IT_NUMBER:
case IT_QUOTED_STRING:
break;
default:
free(userid);
return (-1);
}
passwd=my_strdup(tok->tokenbuf);
if (nexttoken()->tokentype != IT_EOL)
{
free(userid);
free(passwd);
return (-1);
}
strcat(strcpy(authservice, "AUTHSERVICE"),
getenv("TCPLOCALPORT"));
p=getenv(authservice);
if (!p || !*p)
p="imap";
rc=auth_login(p, userid, passwd, login_callback, (void *)tag);
courier_safe_printf("INFO: LOGIN FAILED, user=%s, ip=[%s]",
userid, getenv("TCPREMOTEIP"));
free(userid);
free(passwd);
if (rc > 0)
{
perror("ERR: authentication error");
writes("* BYE Temporary problem, please try again later\r\n");
writeflush();
exit(1);
}
sleep(5);
cmdfail(tag, "Login failed.\r\n");
return (0);
}
if (strcmp(curtoken->tokenbuf, "AUTHENTICATE") == 0)
{
char method[32];
int rc;
if (have_starttls() && tlsrequired()) /* Not yet */
{
cmdfail(tag, "STARTTLS required\r\n");
return (0);
}
rc=authenticate(tag, method, sizeof(method));
courier_safe_printf("INFO: LOGIN FAILED, method=%s, ip=[%s]",
method, getenv("TCPREMOTEIP"));
if (rc > 0)
{
perror("ERR: authentication error");
writes("* BYE Temporary problem, please try again later\r\n");
writeflush();
exit(1);
}
sleep(5);
cmdfail(tag, "Login failed.\r\n");
writeflush();
return (-2);
}
return (-1);
}
int main(int argc, char **argv)
{
char *user=0;
char *p;
char buf[BUFSIZ];
int c;
const char *ip=getenv("TCPREMOTEIP");
char authservice[40];
char *q ;
#ifdef HAVE_SETVBUF_IOLBF
setvbuf(stderr, NULL, _IOLBF, BUFSIZ);
#endif
if (!ip || !*ip)
{
ip="127.0.0.1";
}
if (argc != 3)
{
printf("-ERR pop3login requires exactly two arguments.\r\n");
fflush(stdout);
exit(1);
}
pop3d=argv[1];
defaultmaildir=argv[2];
courier_authdebug_login_init();
fprintf(stderr, "DEBUG: Connection, ip=[%s]\n", ip);
printf("+OK Hello there.\r\n");
fflush(stdout);
fflush(stderr);
alarm(60);
while (fgets(buf, sizeof(buf), stdin))
{
c=1;
for (p=buf; *p; p++)
{
if (*p == '\n')
break;
if (*p == ' ' || *p == '\t') c=0;
if (c)
*p=toupper((int)(unsigned char)*p);
}
if (*p)
*p=0;
else while ((c=getchar()) != EOF && c != '\n')
;
p=strtok(buf, " \t\r");
if (p)
{
courier_authdebug_login( 1, "command=%s", p );
if ( strcmp(p, "QUIT") == 0)
{
fprintf(stderr, "INFO: LOGOUT, ip=[%s]\n",
ip);
fflush(stderr);
printf("+OK Better luck next time.\r\n");
fflush(stdout);
break;
}
if ( strcmp(p, "USER") == 0)
{
if (tls_required())
{
printf("-ERR TLS required to log in.\r\n");
fflush(stdout);
continue;
}
p=strtok(0, "\r\n");
if (p)
{
if (user) free(user);
if ((user=malloc(strlen(p)+1)) == 0)
{
printf("-ERR Server out of memory, aborting connection.\r\n");
fflush(stdout);
perror("malloc");
exit(1);
}
strcpy(user, p);
printf("+OK Password required.\r\n");
fflush(stdout);
continue;
}
} else if (strcmp(p, "CAPA") == 0)
{
pop3dcapa();
continue;
} else if (strcmp(p, "STLS") == 0)
{
if (!have_starttls())
{
printf("-ERR TLS support not available.\r\n");
fflush(stdout);
continue;
}
starttls();
fflush(stdout);
continue;
} else if (strcmp(p, "AUTH") == 0)
{
char *authtype, *authdata;
char *method=strtok(0, " \t\r");
if (tls_required())
{
printf("-ERR TLS required to log in.\r\n");
fflush(stdout);
continue;
}
if (method)
{
char *initreply=strtok(0, " \t\r");
int rc;
char *p;
for (p=method; *p; p++)
*p=toupper(*p);
if (initreply &&
strcmp(initreply, "=") == 0)
initreply="";
rc=auth_sasl_ex(method, initreply,
pop3_externalauth(),
authresp,
NULL,
&authtype,
&authdata);
if (rc == 0)
{
strcat(strcpy(authservice, "AUTHSERVICE"),getenv("TCPLOCALPORT"));
q=getenv(authservice);
if (!q || !*q)
q="pop3";
rc=auth_generic(q,
authtype,
authdata,
login_callback,
NULL);
free(authtype);
free(authdata);
}
courier_safe_printf("INFO: LOGIN "
"FAILED, method=%s, ip=[%s]",
method, ip);
if (rc == AUTHSASL_ABORTED)
printf("-ERR Authentication aborted.\r\n");
else if (rc > 0)
{
perror("ERR: authentication error");
printf("-ERR Temporary problem, please try again later\r\n");
fflush(stdout);
exit(1);
}
else
{
sleep(5);
printf("-ERR Authentication failed.\r\n");
}
fflush(stdout);
continue;
}
} else if (strcmp(p, "PASS") == 0)
{
int rc;
p=strtok(0, "\r\n");
if (!user || p == 0)
{
printf("-ERR USER/PASS required.\r\n");
fflush(stdout);
continue;
}
strcat(strcpy(authservice, "AUTHSERVICE"),getenv("TCPLOCALPORT"));
q=getenv(authservice);
if (!q || !*q)
q="pop3";
rc=auth_login(q, user, p, login_callback, NULL);
courier_safe_printf("INFO: LOGIN "
"FAILED, user=%s, ip=[%s]",
user, ip);
if (rc > 0)
{
perror("ERR: authentication error");
printf("-ERR Temporary problem, please try again later\r\n");
fflush(stdout);
exit(1);
}
sleep(5);
printf("-ERR Login failed.\r\n");
fflush(stdout);
continue;
}
}
printf("-ERR Invalid command.\r\n");
fflush(stdout);
}
fprintf(stderr, "DEBUG: Disconnected, ip=[%s]\n", ip);
exit(0);
return (0);
}
static int validateuseridpw(const char *uid,
const char *pw)
{
return auth_login("socks", uid, pw, auth_cb, NULL);
}
static char *login(int isprivate,
int *flag /* Cleanup requested */
)
{
struct userid_info uinfo;
proxy_userid=NULL;
*flag=0;
memset(&uinfo, 0, sizeof(uinfo));
alarm(300); /* Better log in in five minutes */
for (;;)
{
int c;
char *p;
input_line_len=0;
for (;;)
{
c=inputchar(NULL);
if (c == EOF)
exit(0);
if (c == '\n')
break;
input_buffer[input_line_len]=c;
if (input_line_len < 1024)
++input_line_len;
}
input_buffer[input_line_len]=0;
for (p=input_buffer; *p &&
isspace((int)(unsigned char)*p); p++)
;
if (strncasecmp(p, "PASSWORD", 8) == 0 && !isprivate &&
isspace((int)(unsigned char)p[8]) && uinfo.userid)
{
for (p += 9; isspace((int)(unsigned char)*p); p++)
;
if (*p)
{
int rc;
char *q, *r;
for (q=r=p; *q; q++)
if (!isspace((int)(unsigned char)*q))
r=q+1;
*r=0;
rc=auth_login(uinfo.userid, p,
callback_login, &uinfo);
if (rc)
{
printf("%s %s\n",
rc < 0 ? "501":"401",
strerror(errno));
continue;
}
*flag=1;
break;
}
}
for (p=input_buffer; *p; p++)
if (isspace((int)(unsigned char)*p))
*p=' ';
p=strtok(input_buffer, " ");
if (p && strcasecmp(p, "CAPABILITY") == 0)
{
printf("100 PCP1\n");
continue;
}
else if (p && strcasecmp(p, "USERID") == 0 &&
uinfo.userid == NULL)
{
if ((p=strtok(NULL, " ")) != NULL)
{
int rc= auth_userid(p, callback_userid,
&uinfo);
if (rc)
{
printf("%s %s\n",
rc < 0 ? "501":"401",
strerror(errno));
continue;
}
printf("301 Ok, waiting for password.\n");
continue;
}
}
else if (p && strcasecmp(p, "PROXY") == 0 && uinfo.userid &&
isprivate)
{
if ((p=strtok(NULL, " ")) != 0)
{
struct relogin_struct rs;
time_t now;
int rc;
if (proxy_userid)
free(proxy_userid);
if ((proxy_userid=auth_choplocalhost(p))
== NULL)
{
printf("400 %s\n", strerror(errno));
continue;
}
rs.needauthtoken=0;
rs.userid=uinfo.userid;
time(&now);
rc=maildir_cache_search(uinfo.userid, now,
callback_cache_search,
&rs);
if (rc == 0)
{
alarm(0);
printf("200 PROXY ok\n");
break;
}
now -= TIMEOUT;
rc=maildir_cache_search(uinfo.userid, now,
callback_cache_search,
&rs);
if (rc == 0)
{
alarm(0);
printf("200 PROXY ok\n");
break;
}
uinfo.isproxy=1;
rc=auth_userid(uinfo.userid, callback_login,
&uinfo);
if (rc)
{
syslog(LOG_CRIT,
"pcpd: auth_userid() failed\n");
exit(1);
}
alarm(0);
printf("200 PROXY ok\n");
break;
}
}
else if (p && strcasecmp(p, "RELOGIN") == 0 && uinfo.userid &&
!isprivate)
{
if ((p=strtok(NULL, " ")) != 0)
{
struct relogin_struct rs;
int rc;
rs.needauthtoken=1;
rs.userid=uinfo.userid;
if (authtoken_verify(uinfo.userid, p,
&rs.when))
{
printf("500 Invalid authentication token.\n");
continue;
}
rc=maildir_cache_search(uinfo.userid, rs.when,
callback_cache_search,
&rs);
if (rc == 0)
break;
/*
** Couldn't find anything in the login cache.
** call the userid function with the login
** callback.
** This'll initialize lotsa other stuff, but
** we don't care.
*/
rc=auth_userid(uinfo.userid, callback_login,
&uinfo);
if (rc)
{
syslog(LOG_NOTICE,
"pcpd: auth_userid() failed.");
printf("400 Internal failure - try again later.\n");
continue;
}
break;
}
}
else if (p && strcasecmp(p, "QUIT") == 0)
{
printf("200 Ok\n");
exit (0);
}
printf("500 Syntax error\n");
}
return (uinfo.userid);
}
int main(int argc, char **argv)
{
int argn;
const char *service="login";
for (argn=1; argn<argc; argn++)
{
const char *argp;
if (argv[argn][0] != '-') break;
if (argv[argn][1] == 0)
{
++argn;
break;
}
argp=argv[argn]+2;
switch (argv[argn][1]) {
case 's':
if (!*argp && argn+1 < argc)
argp=argv[++argn];
service=argp;
break;
default:
usage();
}
}
if (argc - argn <= 0)
usage();
courier_authdebug_login_level = 2;
if (argc - argn >= 3)
{
if (auth_passwd(service, argv[argn],
argv[argn+1],
argv[argn+2]))
{
perror("Authentication FAILED");
exit(1);
}
else
{
fprintf(stderr, "Password change succeeded.\n");
exit(0);
}
}
if (argc - argn >= 2)
{
if (auth_login(service, argv[argn],
argv[argn+1],
callback_pre,
NULL))
{
perror("Authentication FAILED");
exit(1);
}
}
else if (argc - argn >= 1)
{
if (auth_getuserinfo(service, argv[argn],
callback_pre,
NULL))
{
perror("Authentication FAILED");
exit(1);
}
}
exit(0);
}
