On Mon, 19 Aug 2002 10:19:57 +0200, Marc Haber
<[EMAIL PROTECTED]> wrote:
>I am currently trying to write an authcustom module to allow courier
>to authenticate via a command line program. I am by no way a C adept,
>but at least my code does not segfault any more. However, my
>authentication code does not work at the moment.
The reason was - ironically - broken newline handling, four weeks
before courier itself began to suffer the same problems ;)
In the thread I am now writing, I accused Sam of shipping broken
authcustom code. I have to apologize since his code is actually fine.
Learned that with a debugger after writing example code to explore the
authentication system.
I found that very hard since authcustom does not contain usable code,
so there is nothing to start from. To make this process easier for the
next person, I decided to publish my example code. It does not do any
error checking, and it simply interfaces with a dumb shell script.
But I still hope that it will make the process of understanding
courier easier for other people, and maybe feedback about my code will
help me to better understand what I did.
The patch is made against Debian's courier 0.39.1-1, but will most
probably apply against the upstream as well.
Sam, please consider applying that patch to the distribution. It won't
break anything since it only modifies a module that is useless in the
distribution anyway since it is missing the functional code, but it
will help people in writing their own authcustom module.
I would appreciate any comments since I don't consider myself fluent
in C. There are probably bad mistakes in the code.
Greetings
Marc
diff -urN courier-0.39.1/authlib/authcustom.sh
courier/authlib/authcustom.sh
--- courier-0.39.1/authlib/authcustom.sh Thu Jan 1 00:00:00
1970
+++ courier/authlib/authcustom.sh Thu Sep 26 19:20:04 2002
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+# this is a simple external authcustom program
+# its single argument is only used as a demonstration (if it is not
"doit",
+# don't do anything).
+# on stdin, it receives the username
+# on stdout, it emits the following 11 lines:
+# returncode (0: ok, informaiton follows, 1: error, -1: user
does not exist
+# sysusername
+# sysuserid
+# sysgroupid
+# homedir
+# address
+# fullname
+# maildir
+# quota
+# passwd
+# clearpasswd
+# Its output is then parsed into the courier struct authinfo by code
+# in preauthcustom.c
+
+ARG="$1"
+
+if [ "$ARG" != "doit" ]; then
+ echo "1"
+ exit 1
+fi
+
+read USERID
+
+case "$USERID" in
+ luser)
+ echo "0"
+ echo "luser"
+ echo "1234"
+ echo "1234"
+ echo "/home/luser"
+ echo "[EMAIL PROTECTED]"
+ echo "Joe Q. Luser"
+ echo ".mail"
+ echo "0"
+ echo ""
+ echo "astupidpassword"
+ ;;
+ mh)
+ echo "0"
+ echo "mh"
+ echo "5310"
+ echo "5310"
+ echo "/home/haber"
+ echo "[EMAIL PROTECTED]"
+ echo "Marc Haber"
+ echo ".mail"
+ echo "0"
+ echo ""
+ echo "Acij9ez"
+ ;;
+ *)
+ echo -1
+ exit 1
+ ;;
+esac
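Review bot: The `mh)` branch ships what looks like a real account (the author's own name, uid and home directory) together with a cleartext password. Once this is in a distributed tarball it cannot be recalled, so if that password was ever in use it should be changed, and the sample should print an obvious dummy such as `echo "example-password"`. `read USERID` should be `read -r USERID` so that a backslash in the login name is passed through unchanged. The header comment could also state that the script writes the cleartext password to stdout and is therefore only meant to run with its output connected to the authentication module.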
diff -urN courier-0.39.1/authlib/preauthcustom.c
courier/authlib/preauthcustom.c
--- courier-0.39.1/authlib/preauthcustom.c Fri Mar 30 02:20:35
2001
+++ courier/authlib/preauthcustom.c Thu Sep 26 18:21:06 2002
@@ -63,6 +63,38 @@
return ((*callback)(&auth, arg));
}
+static int get_malloced_string( FILE **infile, char **string )
+{
+ char buffer[200];
+ if( fgets(buffer, 200, *infile ))
+ {
+ if( buffer[strlen(buffer)-1] == '\n' )
+ {
+ buffer[strlen(buffer)-1]='\0';
+ }
+ if( (*string=malloc(strlen(buffer)+1)))
+ {
+ strcpy(*string,buffer);
+ }
+ else
+ {
+ perror("malloc");
+ return(1);
+ }
+ }
+ return 0;
+}
+
+static int free_char( char **ptr )
+{
+ if(*ptr)
+ {
+ free(*ptr);
+ *ptr=NULL;
+ }
+ return 0;
+}
+
static int do_auth_custom(const char *userid, struct authinfo
*authinfo)
{
/*
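Review bot: `get_malloced_string` indexes `buffer[strlen(buffer)-1]` without checking for an empty string, so a line that begins with a NUL byte reads, and may write, `buffer[-1]`. It also returns 0 when `fgets` hits EOF, leaving `*string` NULL. A line longer than 199 bytes is silently split, so every following field shifts by one and a fragment of one field can end up in `passwd` or `clearpasswd`. Returning non-zero in these cases closes this, provided the callers in `do_auth_custom` (next hunk) check the result, which they currently do not. In `free_char` the `if(*ptr)` guard is redundant, since `free(NULL)` is a no-op.

```c
static int get_malloced_string( FILE **infile, char **string )
{
	char buffer[200];
	size_t len;

	if( !fgets(buffer, sizeof(buffer), *infile) )
	{
		return(1);	/* EOF or read error: the field is missing */
	}
	len = strlen(buffer);
	if( len == 0 || buffer[len-1] != '\n' )
	{
		/* empty read, over-long line, or unterminated last line:
		   reject it instead of letting the fields shift */
		return(1);
	}
	buffer[len-1]='\0';
	/* len bytes hold the len-1 remaining characters plus the terminator */
	if( !(*string=malloc(len)) )
	{
		perror("malloc");
		return(1);
	}
	memcpy(*string,buffer,len);
	return 0;
}
```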
@@ -79,7 +111,132 @@
** If userid does not exist, return (-1).
*/
- return (-1);
+ /* BEGIN SAMPLE CODE */
+
+ static int returncode;
+ static char *sysusername;
+ static uid_t *sysuserid;
+ gid_t sysgroupid;
+ static char *homedir;
+
+ static char *address;
+ static char *fullname;
+ static char *maildir;
+ static char *quota;
+
+ static char *passwd;
+ static char *clearpasswd;
+
+ pid_t p;
+ int stdin[2];
+ int stdout[2];
+ int stderr[2];
+ int tochild;
+ int fromchild;
+ FILE *FROMCHILD;
+
+ uid_t unneeded;
+
+ char buffer[200];
+
+
+ free_char(&sysusername);
+
+ if(sysuserid)
+ {
+ free(sysuserid);
+ sysuserid=NULL;
+ }
+
+ free_char(&homedir);
+ free_char(&address);
+ free_char(&fullname);
+ free_char(&maildir);
+ free_char("a);
+ free_char(&passwd);
+ free_char(&clearpasswd);
+
+ pipe(stdin);
+ pipe(stdout);
+ pipe(stderr);
+
+ while((p=fork()) < 0)
+ {
+ perror("fork");
+ sleep(3);
+ }
+ if(!p)
+ {
+ dup2(stdin[0],0);
+ dup2(stdout[1],1);
+ dup2(stderr[1],2);
+
+ /* Execute external program. pathname and _one_
_single_
+ argument fed in from environment
*/
+
execl(getenv("AUTHCUSTOMPROG"),getenv("AUTHCUSTOMPROG"),getenv("AUTHCUSTOMARG"),NULL);
+ return 1;
+ }
+
+ tochild = stdin[1];
+ fromchild = stdout[0];
+
+ FROMCHILD=fdopen(fromchild, "r");
+
+ write(tochild, userid, strlen(userid) );
+ write(tochild, "\n", 1 );
+
+ if( fgets(buffer, 200, FROMCHILD ))
+ {
+ returncode=atoi(buffer);
+ }
+
+ if( returncode != 0 ) {
+ return returncode;
+ }
+
+ get_malloced_string( &FROMCHILD, &sysusername );
+
+ if( fgets(buffer, 200, FROMCHILD ))
+ {
+ if( (sysuserid=malloc(sizeof(*sysuserid))))
+ {
+ *sysuserid=atoi(buffer);
+ }
+ else
+ {
+ perror("malloc");
+ return(1);
+ }
+ }
+
+ if( fgets(buffer, 200, FROMCHILD ))
+ {
+ sysgroupid=atoi(buffer);
+ }
+
+ get_malloced_string( &FROMCHILD, &homedir );
+ get_malloced_string( &FROMCHILD, &address );
+ get_malloced_string( &FROMCHILD, &fullname );
+ get_malloced_string( &FROMCHILD, &maildir );
+ get_malloced_string( &FROMCHILD, "a );
+ get_malloced_string( &FROMCHILD, &passwd );
+ get_malloced_string( &FROMCHILD, &clearpasswd );
+
+ fclose(FROMCHILD);
+
+ authinfo->sysusername=sysusername;
+ authinfo->sysuserid=sysuserid;
+ authinfo->sysgroupid=sysgroupid;
+ authinfo->homedir=homedir;
+ authinfo->address=address;
+ authinfo->fullname=fullname;
+ authinfo->maildir=maildir;
+ authinfo->quota=quota;
+ authinfo->passwd=passwd;
+ authinfo->clearpasswd=clearpasswd;
+ return(0);
+
+ /* END SAMPLE CODE */
/*
** If there is some kind of a system problem, that is you are
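Review bot: The reply parsing fails open: `returncode` is `static` and only assigned when `fgets` succeeds, and `atoi` maps any non-numeric first line to 0, so a helper that prints nothing or prints an error message can make this function report success with fields left NULL or filled from the wrong lines. The uid and gid lines have the same problem with a worse outcome, because a malformed line becomes id 0; they should be parsed strictly and anything else treated as a system error. In the child, `return 1;` after a failed `execl` lets a second copy of the server carry on in the caller's code; it should be `_exit(127);`, with `getenv("AUTHCUSTOMPROG")` checked for NULL before the call. The parent never closes `tochild` or the unused pipe ends, never reads the `stderr` pipe, skips `fclose` on the early return and never calls `waitpid`, so each lookup leaks descriptors and leaves a zombie; the locals named `stdin`, `stdout` and `stderr` also collide with the `<stdio.h>` names. `do_auth_custom` begins in the previous hunk and its trailing comment continues past this one; the fence shows only the stricter reply parsing.

```c
	/* new locals, declared with the others at the top of the function */
	char *end;
	long code;
	unsigned long id;

	/* … unchanged: free_char() calls, pipe(), fork(), child branch, fdopen(), write() … */

	returncode = 1;	/* fail closed: no reply, or an unparsable one, is an error */
	if( fgets(buffer, sizeof(buffer), FROMCHILD ))
	{
		code = strtol(buffer, &end, 10);
		if( end != buffer && *end == '\n' )
		{
			returncode = (int)code;
		}
	}

	if( returncode != 0 ) {
		fclose(FROMCHILD);	/* do not leak the stream on the error path */
		return returncode;
	}

	/* … unchanged: get_malloced_string() for sysusername … */

	if( !fgets(buffer, sizeof(buffer), FROMCHILD )
	    || buffer[0] < '0' || buffer[0] > '9' )
	{
		fclose(FROMCHILD);
		return(1);	/* missing or non-numeric uid: never fall back to 0 */
	}
	id = strtoul(buffer, &end, 10);
	if( *end != '\n' )
	{
		fclose(FROMCHILD);
		return(1);
	}
	if( (sysuserid=malloc(sizeof(*sysuserid))))
	{
		*sysuserid=(uid_t)id;
	}
	/* … unchanged: malloc failure branch … */
	/* the sysgroupid line needs the same two checks before it is stored */
```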
diff -urN courier-0.39.1/debian/changelog courier/debian/changelog
--- courier-0.39.1/debian/changelog Thu Sep 26 19:30:23 2002
+++ courier/debian/changelog Thu Sep 26 19:42:06 2002
@@ -1,3 +1,12 @@
+courier (0.39.1-1tpl2) unstable; urgency=low
+
+ * built on woody
+ * applied authcustom patch
+ * included authcustom shell script
+ * liberalized userdb mask for account name
+
+ -- Marc Haber <[EMAIL PROTECTED]> Thu, 26 Sep 2002
19:41:55 +0000
+
courier (0.39.1-1) unstable; urgency=high
* new upstream release (Closes: #141878, #149928), includes
courierfax module
diff -urN courier-0.39.1/userdb/userdb.pl.in
courier/userdb/userdb.pl.in
--- courier-0.39.1/userdb/userdb.pl.in Sun May 7 17:36:31 2000
+++ courier/userdb/userdb.pl.in Thu Sep 26 19:45:22 2002
@@ -73,7 +73,7 @@
else
{
die "Invalid name: $name\n"
- unless $name =~ /^[\@a-zA-Z0-9\.\-]+$/;
+ unless $name =~ /^[\@a-zA-Z0-9\.\-:;_!+%]+$/;
}
grep( (/[\|\n]/ && die "Invalid field or value.\n"), @ARGV);
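Review bot: The widened character class on the `unless $name =~` line now admits `:`, `;`, `_`, `!`, `+` and `%`, and the covering message does not mention this change or say which of these characters is actually needed. How `$name` is used after this check is outside the hunk. If it can reach a shell command line or a colon-delimited file, then `;`, `!` and `:` are the ones that matter, so that should be confirmed before the mask is loosened. I would split this into its own patch and add a comment above the test such as `# extra characters needed for <reason>; $name is only used as <usage>`.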
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29