add files for 2006-08-30T23:37:48Z

diff --git a/src/c-client/auth_pla.c b/src/c-client/auth_pla.c
new file mode 100644 (file)
index 0000000..73ca225
--- /dev/null
+++ b/src/c-client/auth_pla.c
@@ -0,0 +1,133 @@
+/* ========================================================================
+ * Copyright 1988-2006 University of Washington
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * 
+ * ========================================================================
+ */
+
+/*
+ * Program:    Plain authenticator
+ *
+ * Author:     Mark Crispin
+ *             Networks and Distributed Computing
+ *             Computing & Communications
+ *             University of Washington
+ *             Administration Building, AG-44
+ *             Seattle, WA  98195
+ *             Internet: MRC@CAC.Washington.EDU
+ *
+ * Date:       22 September 1998
+ * Last Edited:        30 August 2006
+ */
+\f
+long auth_plain_client (authchallenge_t challenger,authrespond_t responder,
+                       char *service,NETMBX *mb,void *stream,
+                       unsigned long *trial,char *user);
+char *auth_plain_server (authresponse_t responder,int argc,char *argv[]);
+
+AUTHENTICATOR auth_pla = {
+  AU_AUTHUSER | AU_HIDE,       /* allow authuser, hidden */
+  "PLAIN",                     /* authenticator name */
+  NIL,                         /* always valid */
+  auth_plain_client,           /* client method */
+  auth_plain_server,           /* server method */
+  NIL                          /* next authenticator */
+};
+\f
+/* Client authenticator
+ * Accepts: challenger function
+ *         responder function
+ *         SASL service name
+ *         parsed network mailbox structure
+ *         stream argument for functions
+ *         pointer to current trial count
+ *         returned user name
+ * Returns: T if success, NIL otherwise, number of trials incremented if retry
+ */
+
+long auth_plain_client (authchallenge_t challenger,authrespond_t responder,
+                       char *service,NETMBX *mb,void *stream,
+                       unsigned long *trial,char *user)
+{
+  char *u,pwd[MAILTMPLEN];
+  void *challenge;
+  unsigned long clen;
+  long ret = NIL;
+                               /* snarl if not SSL/TLS session */
+  if (!mb->sslflag && !mb->tlsflag)
+    mm_log ("SECURITY PROBLEM: insecure server advertised AUTH=PLAIN",WARN);
+                               /* get initial (empty) challenge */
+  if (challenge = (*challenger) (stream,&clen)) {
+    fs_give ((void **) &challenge);
+    if (clen) {                        /* abort if challenge non-empty */
+      mm_log ("Server bug: non-empty initial PLAIN challenge",WARN);
+      (*responder) (stream,NIL,0);
+      ret = LONGT;             /* will get a BAD response back */
+    }
+    pwd[0] = NIL;              /* prompt user if empty challenge */
+    mm_login (mb,user,pwd,*trial);
+    if (!pwd[0]) {             /* empty challenge or user requested abort */
+      (*responder) (stream,NIL,0);
+      *trial = 0;              /* cancel subsequent attempts */
+      ret = LONGT;             /* will get a BAD response back */
+    }
+    else {
+      unsigned long rlen = 
+       strlen (mb->authuser) + strlen (user) + strlen (pwd) + 2;
+      char *response = (char *) fs_get (rlen);
+      char *t = response;      /* copy authorization id */
+      if (mb->authuser[0]) for (u = user; *u; *t++ = *u++);
+      *t++ = '\0';             /* delimiting NUL */
+                               /* copy authentication id */
+      for (u = mb->authuser[0] ? mb->authuser : user; *u; *t++ = *u++);
+      *t++ = '\0';             /* delimiting NUL */
+                               /* copy password */
+      for (u = pwd; *u; *t++ = *u++);
+                               /* send credentials */
+      if ((*responder) (stream,response,rlen)) {
+       if (challenge = (*challenger) (stream,&clen))
+         fs_give ((void **) &challenge);
+       else {
+         ++*trial;             /* can try again if necessary */
+         ret = LONGT;          /* check the authentication */
+       }
+      }
+      memset (response,0,rlen);        /* erase credentials */
+      fs_give ((void **) &response);
+    }
+  }
+  memset (pwd,0,MAILTMPLEN);   /* erase password */
+  if (!ret) *trial = 65535;    /* don't retry if bad protocol */
+  return ret;
+}
+\f
+/* Server authenticator
+ * Accepts: responder function
+ *         argument count
+ *         argument vector
+ * Returns: authenticated user name or NIL
+ */
+
+char *auth_plain_server (authresponse_t responder,int argc,char *argv[])
+{
+  char *ret = NIL;
+  char *user,*aid,*pass;
+  unsigned long len;
+                               /* get user name */
+  if (aid = (*responder) ("",0,&len)) {
+                               /* note: responders null-terminate */
+    if ((((unsigned long) ((user = aid + strlen (aid) + 1) - aid)) < len) &&
+       (((unsigned long) ((pass = user + strlen (user) + 1) - aid)) < len) &&
+       (((unsigned long) ((pass + strlen (pass)) - aid)) == len) &&
+       (*aid ? server_login (aid,pass,user,argc,argv) :
+        server_login (user,pass,NIL,argc,argv))) ret = myusername ();
+    fs_give ((void **) &aid);
+  }
+  return ret;
+}