X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/55f65ae2d3baf60396d3359db952460939de03ca..b7b980a9e051e6999799eda5a81c5a6d8061e0eb:/uip/popsbr.c?ds=sidebyside diff --git a/uip/popsbr.c b/uip/popsbr.c index 714a8da7..5b99c8cf 100644 --- a/uip/popsbr.c +++ b/uip/popsbr.c @@ -8,6 +8,7 @@ #include #include +#include #ifdef CYRUS_SASL # include @@ -70,7 +71,7 @@ static int command(const char *, ...); static int multiline(void); #ifdef CYRUS_SASL -static int pop_auth_sasl(char *, char *, char *, char *); +static int pop_auth_sasl(char *, char *, char *); static int sasl_fgetc(FILE *); #endif /* CYRUS_SASL */ @@ -80,26 +81,10 @@ static int sasl_getline (char *, int, FILE *); static int putline (char *, FILE *); -#ifdef CYRUS_SASL -/* - * This function implements the AUTH command for various SASL mechanisms - * - * We do the whole SASL dialog here. If this completes, then we've - * authenticated successfully and have (possibly) negotiated a security - * layer. - */ - int -pop_auth_sasl(char *user, char *password, char *host, char *mech) +check_mech(char *server_mechs, size_t server_mechs_size, char *mech) { - int result, status, sasl_capability = 0; - unsigned int buflen, outlen; - char server_mechs[256], *buf, outbuf[BUFSIZ]; - const char *chosen_mech; - sasl_security_properties_t secprops; - struct pass_context p_context; - sasl_ssf_t *ssf; - int *moutbuf; + int status, sasl_capability = 0; /* * First off, we're going to send the CAPA command to see if we can @@ -129,7 +114,7 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) * We've seen the SASL capability. Grab the mech list */ sasl_capability++; - strncpy(server_mechs, response + 5, sizeof(server_mechs)); + strncpy(server_mechs, response + 5, server_mechs_size); } break; } @@ -151,6 +136,42 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) return NOTOK; } + return OK; +} + +#ifdef CYRUS_SASL +/* + * This function implements the AUTH command for various SASL mechanisms + * + * We do the whole SASL dialog here. If this completes, then we've + * authenticated successfully and have (possibly) negotiated a security + * layer. + */ + +#define CHECKB64SIZE(insize, outbuf, outsize) \ + { size_t wantout = (((insize + 2) / 3) * 4) + 32; \ + if (wantout > outsize) { \ + outbuf = mh_xrealloc(outbuf, outsize = wantout); \ + } \ + } + +int +pop_auth_sasl(char *user, char *host, char *mech) +{ + int result, status; + unsigned int buflen, outlen; + char server_mechs[256], *buf, *outbuf = NULL; + size_t outbufsize = 0; + const char *chosen_mech; + sasl_security_properties_t secprops; + struct pass_context p_context; + sasl_ssf_t *ssf; + int *moutbuf; + + if ((status = check_mech(server_mechs, sizeof(server_mechs), mech)) != OK) { + return status; + } + /* * Start the SASL process. First off, initialize the SASL library. */ @@ -158,7 +179,6 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) callbacks[POP_SASL_CB_N_USER].context = user; p_context.user = user; p_context.host = host; - p_context.password = password; callbacks[POP_SASL_CB_N_PASS].context = &p_context; result = sasl_client_init(callbacks); @@ -210,10 +230,13 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) } if (buflen) { - status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL); + CHECKB64SIZE(buflen, outbuf, outbufsize); + status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL); if (status != SASL_OK) { snprintf(response, sizeof(response), "SASL base64 encode " "failed: %s", sasl_errstring(status, NULL, NULL)); + if (outbuf) + free(outbuf); return NOTOK; } @@ -222,8 +245,13 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) status = command("AUTH %s", chosen_mech); while (result == SASL_CONTINUE) { - if (status == NOTOK) + size_t inlen; + + if (status == NOTOK) { + if (outbuf) + free(outbuf); return NOTOK; + } /* * If we get a "+OK" prefix to our response, then we should @@ -242,16 +270,31 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) command("*"); snprintf(response, sizeof(response), "Malformed authentication message from server"); + if (outbuf) + free(outbuf); return NOTOK; } + /* + * For decode, it will always be shorter, so just make sure + * that outbuf is as at least as big as the encoded response. + */ + + inlen = strlen(response + 2); + + if (inlen > outbufsize) { + outbuf = mh_xrealloc(outbuf, outbufsize = inlen); + } + result = sasl_decode64(response + 2, strlen(response + 2), - outbuf, sizeof(outbuf), &outlen); + outbuf, outbufsize, &outlen); if (result != SASL_OK) { command("*"); snprintf(response, sizeof(response), "SASL base64 decode " "failed: %s", sasl_errstring(result, NULL, NULL)); + if (outbuf) + free(outbuf); return NOTOK; } @@ -262,21 +305,30 @@ pop_auth_sasl(char *user, char *password, char *host, char *mech) command("*"); snprintf(response, sizeof(response), "SASL client negotiaton " "failed: %s", sasl_errdetail(conn)); + if (outbuf) + free(outbuf); return NOTOK; } - status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL); + CHECKB64SIZE(buflen, outbuf, outbufsize); + + status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL); if (status != SASL_OK) { command("*"); snprintf(response, sizeof(response), "SASL base64 encode " "failed: %s", sasl_errstring(status, NULL, NULL)); + if (outbuf) + free(outbuf); return NOTOK; } status = command(outbuf); } + if (outbuf) + free(outbuf); + /* * If we didn't get a positive final response, then error out * (that probably means we failed an authorization check). @@ -351,7 +403,7 @@ static int sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret) { struct pass_context *p_context = (struct pass_context *) context; - char *pass = p_context->password; + struct nmh_creds creds = { 0, 0, 0 }; int len; NMH_UNUSED (conn); @@ -359,17 +411,50 @@ sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret) if (! psecret || id != SASL_CB_PASS) return SASL_BADPARAM; - len = strlen(pass); + if (creds.password == NULL) { + /* + * Pass the 0 third argument to nmh_get_credentials() so + * that the default password isn't used. With legacy/.netrc + * credentials support, we'll only get here if the -user + * switch to send(1)/post(8) wasn't used. + */ + if (nmh_get_credentials (p_context->host, p_context->user, 0, &creds) + != OK) { + return SASL_BADPARAM; + } + } + + len = strlen (creds.password); *psecret = (sasl_secret_t *) mh_xmalloc(sizeof(sasl_secret_t) + len); (*psecret)->len = len; - strcpy((char *) (*psecret)->data, pass); + strcpy((char *) (*psecret)->data, creds.password); return SASL_OK; } #endif /* CYRUS_SASL */ +int +pop_auth_xoauth(const char *client_res) +{ + char server_mechs[256]; + int status = check_mech(server_mechs, sizeof(server_mechs), "XOAUTH"); + + if (status != OK) return status; + + if ((status = command("AUTH XOAUTH2 %s", client_res)) != OK) { + return status; + } + if (strncmp(response, "+OK", 3) == 0) { + return OK; + } + + /* response contains base64-encoded JSON, which is always the same. + * See mts/smtp/smtp.c for more notes on that. */ + /* Then we're supposed to send an empty response ("\r\n"). */ + return command(""); +} /* * Split string containing proxy command into an array of arguments @@ -415,31 +500,44 @@ parse_proxy(char *proxy, char *host) } else if (!isspace(*cur)) *c++ = *cur; } + *c = '\0'; *++p = NULL; return pargv; } int pop_init (char *host, char *port, char *user, char *pass, char *proxy, - int snoop, int sasl, char *mech) + int snoop, int sasl, char *mech, const char *oauth_svc) { int fd1, fd2; char buffer[BUFSIZ]; + const char *xoauth_client_res = NULL; #ifndef CYRUS_SASL NMH_UNUSED (sasl); NMH_UNUSED (mech); #endif /* ! CYRUS_SASL */ +#ifdef OAUTH_SUPPORT + if (oauth_svc != NULL) { + xoauth_client_res = mh_oauth_do_xoauth(user, oauth_svc, + snoop ? stderr : NULL); + } +#else + NMH_UNUSED (oauth_svc); + NMH_UNUSED (xoauth_client_res); +#endif /* OAUTH_SUPPORT */ + if (proxy && *proxy) { int pid; int inpipe[2]; /* for reading from the server */ int outpipe[2]; /* for sending to the server */ - /* first give up any root priviledges we may have for rpop */ - setuid(getuid()); - - pipe(inpipe); - pipe(outpipe); + if (pipe(inpipe) < 0) { + adios ("inpipe", "pipe"); + } + if (pipe(outpipe) < 0) { + adios ("outpipe", "pipe"); + } pid=fork(); if (pid==0) { @@ -508,10 +606,16 @@ pop_init (char *host, char *port, char *user, char *pass, char *proxy, if (*response == '+') { # ifdef CYRUS_SASL if (sasl) { - if (pop_auth_sasl(user, pass, host, mech) != NOTOK) + if (pop_auth_sasl(user, host, mech) != NOTOK) return OK; } else # endif /* CYRUS_SASL */ +# if OAUTH_SUPPORT + if (xoauth_client_res != NULL) { + if (pop_auth_xoauth(xoauth_client_res) != NOTOK) + return OK; + } else +# endif /* OAUTH_SUPPORT */ if (command ("USER %s", user) != NOTOK && command ("%s %s", (pophack++, "PASS"), pass) != NOTOK) @@ -744,9 +848,10 @@ command(const char *fmt, ...) static int vcommand (const char *fmt, va_list ap) { - char *cp, buffer[BUFSIZ]; + char *cp, buffer[65536]; vsnprintf (buffer, sizeof(buffer), fmt, ap); + if (poprint) { #ifdef CYRUS_SASL if (sasl_ssf) @@ -845,7 +950,7 @@ sasl_getline (char *s, int n, FILE *iop) *p = 0; if (*--p == '\n') *p = 0; - if (*--p == '\r') + if (p > s && *--p == '\r') *p = 0; return OK; @@ -882,7 +987,9 @@ putline (char *s, FILE *iop) return NOTOK; } - fwrite(buf, buflen, 1, iop); + if (fwrite(buf, buflen, 1, iop) < 1) { + advise ("putline", "fwrite"); + } } #endif /* CYRUS_SASL */