author | 2011-05-17 16:42:06 +0000 | |
---|---|---|
committer | 2011-05-17 16:42:06 +0000 | |
commit | f81d7617d648b27af55ba8d669b76d113f685602 (patch) | |
tree | 586dc0975c2191d25972b5018a78358f4ac0e5b5 | |
parent | somehow a previous sync with relayd missed one line... (diff) | |
smtpd now uses an auth_backend API to authenticate users that are allowed
to send mail so they do not necessarily need a local system account.
two backends are provided by default, bsd_auth(3) and getpwnam(3), however
smtpd will only select bsd_auth(3) for the moment and not provide a way to
choose any other backend (that's on purpose ;p).
bye bye authenticate() !
-rw-r--r-- | usr.sbin/smtpd/auth_backend.c (renamed from usr.sbin/smtpd/authenticate.c) | 54 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.c | 6 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd.h | 19 | ||||
-rw-r--r-- | usr.sbin/smtpd/smtpd/Makefile | 4 |
4 files changed, 73 insertions, 10 deletions
diff --git a/usr.sbin/smtpd/authenticate.c b/usr.sbin/smtpd/auth_backend.c
index 281b4e094b5..defffc2ff39 100644
--- a/usr.sbin/smtpd/authenticate.c
+++ b/usr.sbin/smtpd/auth_backend.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: authenticate.c,v 1.3 2010/11/28 14:02:46 gilles Exp $ */
+/* $OpenBSD: auth_backend.c,v 1.1 2011/05/17 16:42:06 gilles Exp $ */
 /*
- * Copyright (c) 2009 Gilles Chehade <gilles@openbsd.org>
+ * Copyright (c) 2011 Gilles Chehade <gilles@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -21,16 +21,64 @@
 #include <sys/tree.h>
 #include <sys/param.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <bsd_auth.h>
 #include <event.h>
 #include <imsg.h>
+#include <libgen.h>
+#include <pwd.h>
 #include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 #include "smtpd.h"
+#include "log.h"
+
+int auth_bsd(char *, char *);
+int auth_getpwnam(char *, char *);
+struct auth_backend *auth_backend_lookup(enum auth_type);
+
+struct auth_backend auth_backends[] = {
+ { AUTH_BSD, auth_bsd },
+ { AUTH_GETPWNAM, auth_getpwnam }
+};
+
+struct auth_backend *
+auth_backend_lookup(enum auth_type type)
+{
+ u_int8_t i;
+
+ for (i = 0; i < nitems(auth_backends); ++i)
+ if (auth_backends[i].type == type)
+ break;
+
+ if (i == nitems(auth_backends))
+ fatalx("invalid auth type");
+
+ return &auth_backends[i];
+}
+
 int
-authenticate_user(char *username, char *password)
+auth_bsd(char *username, char *password)
 {
 return auth_userokay(username, NULL, "auth-smtp", password);
 }
+
+
+int
+auth_getpwnam(char *username, char *password)
+{
+ struct passwd *pw;
+
+ pw = getpwnam(username);
+ if (pw == NULL)
+ return 0;
+
+ if (strcmp(pw->pw_passwd, crypt(password, pw->pw_passwd)) == 0)
+ return 1;
+
+ return 0;
+}
diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index 38d932c1411..2e4d1002cf8 100644
--- a/usr.sbin/smtpd/smtpd.c
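Review bot: In `auth_getpwnam()` the result of `crypt(3)` is passed straight to `strcmp()`, but `crypt()` can return NULL on failure (for instance on a salt it cannot parse), which would crash the process that performs authentication. Store the result, reject on NULL, and only then compare. As a secondary point, the unknown-user path returns before any hashing is done, so it is likely to answer faster than the wrong-password path; if this backend ever becomes selectable, hashing against a dummy entry there would keep account existence from being observable through timing. `auth_backends[]`, `auth_bsd` and `auth_getpwnam` could also be `static`, since only `auth_backend_lookup()` is declared in smtpd.h.

```c
auth_getpwnam(char *username, char *password)
{
	struct passwd *pw;
	char *hash;

	/* … unchanged: getpwnam() lookup and NULL check … */

	hash = crypt(password, pw->pw_passwd);
	if (hash == NULL)
		return 0;

	return strcmp(pw->pw_passwd, hash) == 0;
}
```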
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.c,v 1.124 2011/05/16 21:05:52 gilles Exp $ */
+/* $OpenBSD: smtpd.c,v 1.125 2011/05/17 16:42:06 gilles Exp $ */
 /*
 * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -87,6 +87,7 @@ parent_imsg(struct imsgev *iev, struct imsg *imsg)
 struct forward_req *fwreq;
 struct reload *reload;
 struct auth *auth;
+ struct auth_backend *auth_backend;
 int fd, r;
 if (iev->proc == PROC_SMTP) {
@@ -96,8 +97,9 @@ parent_imsg(struct imsgev *iev, struct imsg *imsg)
 return;
 case IMSG_PARENT_AUTHENTICATE:
+ auth_backend = auth_backend_lookup(AUTH_BSD);
 auth = imsg->data;
- auth->success = authenticate_user(auth->user,
+ auth->success = auth_backend->authenticate(auth->user,
 auth->pass);
 imsg_compose_event(iev, IMSG_PARENT_AUTHENTICATE, 0, 0,
 -1, auth, sizeof *auth);
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index de48338db78..187b56f16e0 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.h,v 1.222 2011/05/16 21:05:52 gilles Exp $ */
+/* $OpenBSD: smtpd.h,v 1.223 2011/05/17 16:42:06 gilles Exp $ */
 /*
 * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -914,6 +914,19 @@ struct queue_backend {
 };
+/* queue structures */
+enum auth_type {
+ AUTH_INVALID=0,
+ AUTH_BSD,
+ AUTH_GETPWNAM,
+};
+
+struct auth_backend {
+ enum auth_type type;
+ int (*authenticate)(char *, char *);
+};
+
+
 extern struct smtpd *env;
 extern void (*imsg_callback)(struct imsgev *, struct imsg *);
@@ -927,8 +940,8 @@ int aliases_virtual_get(objid_t, struct expandtree *, struct mailaddr *);
 int alias_parse(struct expandnode *, char *);
-/* authenticate.c */
-int authenticate_user(char *, char *);
+/* auth_backend.c */
+struct auth_backend *auth_backend_lookup(enum auth_type);
 /* bounce.c */
diff --git a/usr.sbin/smtpd/smtpd/Makefile b/usr.sbin/smtpd/smtpd/Makefile
index b3a249c184e..742a1b05c6f 100644
--- a/usr.sbin/smtpd/smtpd/Makefile
+++ b/usr.sbin/smtpd/smtpd/Makefile
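Review bot: The `IMSG_PARENT_AUTHENTICATE` case in smtpd.c hands `auth->user` and `auth->pass` to the backend as C strings straight from `imsg->data`, with no visible check that the payload is `sizeof *auth` bytes long or that either field is NUL-terminated. The message comes from the SMTP process (`iev->proc == PROC_SMTP`), so it is worth validating before the call; assuming both fields are fixed-size arrays in `struct auth`, something like `auth->user[sizeof(auth->user) - 1] = '\0';` and the same for `pass` would bound the reads. The reply also returns the whole struct with the password still in it, so clearing `auth->pass` before `imsg_compose_event()` would avoid sending the secret back across the process boundary. `parent_imsg()` begins and ends outside this hunk, so some of these checks may already exist elsewhere.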
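Review bot: In smtpd.h the heading `/* queue structures */` above `enum auth_type` appears to be copied from the preceding section and should read `/* auth structures */`. The `authenticate` member of `struct auth_backend` would also benefit from a one-line contract comment such as `/* returns non-zero if the password is valid for the user, 0 otherwise */`, since the caller stores the result directly in `auth->success` and the two backends obtain that value in different ways.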
@@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.25 2011/05/16 21:05:52 gilles Exp $
+# $OpenBSD: Makefile,v 1.26 2011/05/17 16:42:06 gilles Exp $
 PROG= smtpd
-SRCS= aliases.c authenticate.c bounce.c client.c \
+SRCS= aliases.c auth_backend.c bounce.c client.c \
 config.c control.c dns.c expand.c forward.c \
 lka.c lka_session.c log.c map.c map_backend.c \
 map_parser.c mda.c mfa.c mta.c parse.y queue.c \ |