daa8dbb66f
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@909 ec53bebd-3082-4978-b11e-865c3cabbd6b
101 lines
2.8 KiB
C
101 lines
2.8 KiB
C
/*
|
|
* Copyright (c) 1989 Regents of the University of California.
|
|
* All rights reserved. The Berkeley software License Agreement
|
|
* specifies the terms and conditions for redistribution.
|
|
*/
|
|
|
|
#include <popper.h>
|
|
RCSID("$Id$");
|
|
|
|
/*
|
|
* pass: Obtain the user password from a POP client
|
|
*/
|
|
|
|
int
|
|
pop_pass (POP *p)
|
|
{
|
|
struct passwd *pw;
|
|
char lrealm[REALM_SZ];
|
|
int status;
|
|
int i;
|
|
|
|
/* Make one string of all these parameters */
|
|
|
|
for (i = 1; i < p->parm_count; ++i)
|
|
p->pop_parm[i][strlen(p->pop_parm[i])] = ' ';
|
|
|
|
/* Look for the user in the password file */
|
|
if ((pw = k_getpwnam(p->user)) == NULL)
|
|
return (pop_msg(p,POP_FAILURE,
|
|
"Password supplied for \"%s\" is incorrect.",
|
|
p->user));
|
|
|
|
if ((status = krb_get_lrealm(lrealm,1)) == KFAILURE) {
|
|
pop_log(p, POP_FAILURE, "%s: (%s.%s@%s) %s", p->client,
|
|
p->kdata.pname, p->kdata.pinst, p->kdata.prealm,
|
|
krb_get_err_text(status));
|
|
return(pop_msg(p,POP_FAILURE,
|
|
"Kerberos error: \"%s\".",
|
|
krb_get_err_text(status)));
|
|
}
|
|
|
|
if (!p->kerberosp) {
|
|
char tkt[MaxPathLen];
|
|
|
|
/* We don't accept connections from users with null passwords */
|
|
if (pw->pw_passwd == NULL)
|
|
return (pop_msg(p,
|
|
POP_FAILURE,
|
|
"Password supplied for \"%s\" is incorrect.",
|
|
p->user));
|
|
|
|
sprintf (tkt, TKT_ROOT "_popper.%d", (int)getpid());
|
|
krb_set_tkt_string (tkt);
|
|
#ifdef SKEY
|
|
if (skeyverify (&p->sk, p->pop_parm[1]) == 0)
|
|
;
|
|
else if(!p->permit_passwd)
|
|
return pop_msg(p, POP_FAILURE,
|
|
"Password supplied for \"%s\" is incorrect.",
|
|
p->user);
|
|
else
|
|
#endif
|
|
|
|
if (krb_verify_user(p->user, "", lrealm, p->pop_parm[1], 1, "pop") &&
|
|
unix_verify_user(p->user, p->pop_parm[1])) {
|
|
dest_tkt ();
|
|
return (pop_msg(p,POP_FAILURE,
|
|
"Password supplied for \"%s\" is incorrect.",
|
|
p->user));
|
|
}
|
|
dest_tkt ();
|
|
} else {
|
|
if (kuserok (&p->kdata, p->user)) {
|
|
pop_log(p, POP_FAILURE,
|
|
"%s: (%s.%s@%s) tried to retrieve mail for %s.",
|
|
p->client, p->kdata.pname, p->kdata.pinst,
|
|
p->kdata.prealm, p->user);
|
|
return(pop_msg(p,POP_FAILURE,
|
|
"Popping not authorized"));
|
|
}
|
|
}
|
|
|
|
/* Build the name of the user's maildrop */
|
|
sprintf(p->drop_name, "%s/%s", POP_MAILDIR, p->user);
|
|
|
|
/* Make a temporary copy of the user's maildrop */
|
|
/* and set the group and user id */
|
|
if (pop_dropcopy(p,pw) != POP_SUCCESS) return (POP_FAILURE);
|
|
|
|
/* Get information about the maildrop */
|
|
if (pop_dropinfo(p) != POP_SUCCESS) return(POP_FAILURE);
|
|
|
|
/* Initialize the last-message-accessed number */
|
|
p->last_msg = 0;
|
|
|
|
/* Authorization completed successfully */
|
|
return (pop_msg (p, POP_SUCCESS,
|
|
"%s has %d message(s) (%d octets).",
|
|
p->user, p->msg_count, p->drop_size));
|
|
}
|