smtpd - patch to add more authentication types

Wed, 27 May 2009 00:21:57 -0700 

Hello, everybody.

The following patch adds possibility  to have different authentication 
types with smtpd,
there can now be three of them:
1. bsdauth
2. authentication through program execution
3. authentication using plugin -- dlopen

Hope it will go into  main branch.
 
Gilles, dns at poolp.org is unresponsive, so I decided to put it here.

-- 
With best regards,
        Gregory Edigarov
--- smtpd.c.orig        Tue May 26 23:11:26 2009
+++ smtpd.c.new Tue May 26 23:19:12 2009
@@ -83,6 +83,44 @@
 
 extern char    **environ;
 
+char    *executable     = "/usr/libexec/smtpd-auth";
+char    *plugin         = "/usr/libexec/smtpd-auth.so";
+
+int auth_exec (char *executable, char *user, char *passwd)
+{       
+        pid_t a_pid;
+        int r;
+        
+        if( ( a_pid = fork()) == 0) 
+                execl(executable,executable,user,passwd);
+        else
+                r = wait();
+        return r;
+}       
+        
+int auth_plugin (char *plugin, char *user, char *passwd)
+{
+        void *handle; 
+        int (*smtp_authenticate) (char *user, char *pass); /* plugin must 
export this function */
+        int r;
+        
+        handle = dlopen (plugin,RTLD_NOW);
+        if (!handle) { 
+                /* perhaps should log something before */
+                return 0;
+        }
+        
+        smtp_authenticate = dlsym(handle,"smtp_authenticate");
+        if ((error = dlerror()) != NULL)  {
+                /*  again, should log something */
+                return 0;
+`       }
+        
+        r = smtp_authenticate (user,pass);
+        dlclose (handle);
+        return (r);
+}
+
 int __b64_pton(char const *, unsigned char *, size_t);
 
 __dead void
@@ -497,6 +535,24 @@
 
                        req->success = auth_userokay(req->user, NULL,
                            "auth-smtp", req->pass);
+
+                       /* this should be regulated from config */
+                /* option would be like: authtype = bsd|exec|plugin */  
+                /* plugin should go into /etc/mail/plugin/libauth.so */
+                /* but this should also be regulated with config parameter */
+                /* executable is /usr/libexec/smtpd-auth */
+
+                        switch (authmode){
+                        1:
+                                req->success = auth_userokay(user, NULL, 
"auth-smtp", pass);
+                                break;
+                        2:      
+                                req->success = auth_exec(executable,user,pass);
+                                break;
+                        3:      
+                                req->success = 
auth_plugin_call(plugin,user,pass);
+                                break;
+                        }
 
                        imsg_compose(ibuf, IMSG_PARENT_AUTHENTICATE, 0, 0,
                            -1, req, sizeof(*req));

Reply via email to