byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f37fba7c2b
qpsmtpd/plugins/auth/auth_vpopmaild
Matt Simerson a6e664ce83 Altered SASL method to include the mechanism in log entries. 
removed auth method from return calls in all auth plugins. The caller knows the mechanism already. In the code, the difference looks like this:

before:
        or return (DENY, "authcvm/$method");
after:
        or return (DENY, "authcvm");

Added debug level log entries in auth_vpopmaild

Conflicts:

	plugins/auth/auth_vpopmail_sql
2012-05-06 16:20:25 -07:00

119 lines
3.0 KiB
Perl
Raw Blame History

#!perl -w
use strict;
use warnings;
use Qpsmtpd::Constants;
use IO::Socket;
use version;
my $VERSION = qv('1.0.2');
sub register {
my ($self, $qp, %args) = @_;
$self->{_vpopmaild_host} = $args{host} || 'localhost';
$self->{_vpopmaild_port} = $args{port} || '89';
$self->register_hook('auth-plain', 'auth_vpopmaild');
$self->register_hook('auth-login', 'auth_vpopmaild');
#$self->register_hook('auth-cram-md5', 'auth_vpopmaild'); # not supported
}
sub auth_vpopmaild {
my ($self, $transaction, $method, $user, $passClear, $passHash, $ticket) = @_;
if ( ! $passClear ) {
$self->log(LOGINFO, "vpopmaild does not support cram-md5");
return DECLINED;
}
# create socket
my $vpopmaild_socket =
IO::Socket::INET->new(
PeerAddr => $self->{_vpopmaild_host},
PeerPort => $self->{_vpopmaild_port},
Proto => 'tcp',
Type => SOCK_STREAM
) or return DECLINED;
$self->log(LOGDEBUG, "attempting $method");
# Get server greeting (+OK)
my $connect_response = <$vpopmaild_socket>;
if ( ! $connect_response ) {
$self->log(LOGERROR, "no connection response");
close($vpopmaild_socket);
return DECLINED;
};
if ( $connect_response !~ /^\+OK/ ) {
$self->log(LOGERROR, "bad connection response: $connect_response");
close($vpopmaild_socket);
return DECLINED;
};
print $vpopmaild_socket "login $user $passClear\n\r"; # send login details
my $login_response = <$vpopmaild_socket>; # get response from server
close($vpopmaild_socket);
if ( ! $login_response ) {
$self->log(LOGERROR, "no login response");
return DECLINED;
};
# check for successful login (single line (+OK) or multiline (+OK+))
if ( $login_response =~ /^\+OK/ ) {
$self->log(LOGDEBUG, "auth success");
return (OK, 'auth_vpopmaild');
};
$self->log(LOGNOTICE, "failed authentication response: $login_response");
return DECLINED;
}
__END__
=head1 NAME
auth_vpopmaild - Authenticate to vpopmaild
=head1 DESCRIPTION
Authenticates the user against against vpopmaild [1] daemon.
=head1 CONFIGURATION
Add a line to C<config/plugins> as follows:
auth_vpopmaild
By default, the plugin connects to localhot on port 89. If your vpopmaild
daemon is running on a different host or port, specify as follows:
auth_vpopmaild host [host] port [port]
=head1 SEE ALSO
For an overview of the vpopmail authentication plugins and their merits,
please read the VPOPMAIL section in doc/authentication.pod
=head1 LINKS
[1] http://www.qmailwiki.org/Vpopmaild
=head1 AUTHOR
Robin Bowes <robin.bowes@yo61.com>
Matt Simerson (4/2012: added CRAM-MD5 support, updated response parsing)
=head1 COPYRIGHT AND LICENSE
Copyright (c) 2010 Robin Bowes
This plugin is licensed under the same terms as the qpsmtpd package itself.
Please see the LICENSE file included with qpsmtpd for details.
=cut
Reference in New Issue View Git Blame Copy Permalink