[prev in list] [next in list] [prev in thread] [next in thread]
List: dovecot
Subject: Re: [Dovecot] Tru64 Unix and SIA
From: Simon L Jackson <simon.jackson () carringbush ! net>
Date: 2006-09-27 3:43:50
Message-ID: 4519F376.7090003 () carringbush ! net
[Download RAW message or body]
Timo Sirainen wrote:
> On Wed, 2006-09-20 at 14:46 +1000, Simon L Jackson wrote:
>
>> I have recently written a (minimal) Tru64 Unix SIA password module for
>> Dovecot as part of testing a Dovecot installation.
>>
>> Has anyone else written a Tru64 Unix SIA module?
>>
>> Is anyone else interested in such a module?
>>
>> If so, how might I/we go about getting this/such a module into the
>> main Dovecot source?
>>
>
> First show me the code, then I'll see how it looks like :) If it's small
> you might as well post the patch here to the list, for larger either
> mail me or give some URL.
>
I'll try just posting it.
There are some diffs and finally that new source.
---------------------------------------------------------------------------------
b02> diff /usr/src/dovecot-1.0.rc7/configure.in.orig
/usr/src/dovecot-1.0.rc7/configure.in
101a102,110
> AC_ARG_WITH(sia,
> [ --with-sia Build with SIA support (default)],
> if test x$withval = xno; then
> want_sia=no
> else
> want_sia=yes
> fi,
> want_sia=yes)
>
1352a1362,1372
> ])
> fi
>
> if test $want_sia = yes; then
> AC_CHECK_FUNC(sia_validate_user, [
> AC_CHECK_HEADERS(sia.h siad.h sys/security.h)
> need_crypt=yes
> AC_DEFINE(PASSDB_SIA,, Build with SIA support)
> passdb="$passdb sia"
> AC_CHECK_LIB(security, sia_validate_user)
> LIBS="$LIBS -depth_ring_search"
b02> diff /usr/src/dovecot-1.0.rc7/config.h.in.orig
/usr/src/dovecot-1.0.rc7/config.h.in
407a408,410
> /* Build with sia support */
> #undef PASSDB_SIA
>
b02> diff /usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c.orig
/usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c
53c53
< point_r->type = p_strdup(pool, buf.f_fstypename);
---
> point_r->type = p_strdup(pool, getvfsbynumber(buf.f_type));
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/Makefile.in.orig
/usr/src/dovecot-1.0.rc7/src/auth/Makefile.in
84,85c84,88
< passdb-checkpassword.$(OBJEXT) passdb-shadow.$(OBJEXT) \
< passdb-vpopmail.$(OBJEXT) passdb-sql.$(OBJEXT) \
---
> passdb-checkpassword.$(OBJEXT) \
> passdb-shadow.$(OBJEXT) \
> passdb-sia.$(OBJEXT) \
> passdb-vpopmail.$(OBJEXT) \
> passdb-sql.$(OBJEXT) \
312a316
> passdb-sia.c \
475a480
> @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passdb-sia.Po@am__quote@
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/passdb.c.orig
/usr/src/dovecot-1.0.rc7/src/auth/passdb.c
13a14
> extern struct passdb_module_interface passdb_sia;
38a40,42
> #endif
> #ifdef PASSDB_SIA
> &passdb_sia,
b02> cat /usr/src/dovecot-1.0.rc7/src/auth/passdb-sia.c
/* Copyright (C) 2006 Simon L Jackson */
#include "common.h"
#ifdef PASSDB_SIA
#include "safe-memset.h"
#include "passdb.h"
#include "mycrypt.h"
#include <pwd.h>
#include <sia.h>
#include <siad.h>
#include <sys/security.h>
/* #define SIA_CACHE_KEY "%u" */
#define SIA_PASS_SCHEME "CRYPT"
static int checkpw_collect (
int timeout,
int rendition,
uchar_t *title,
int nprompts,
prompt_t *prompts )
{
switch (rendition) {
case SIAONELINER:
case SIAINFO:
case SIAWARNING:
return SIACOLSUCCESS;
}
return SIACOLABORT; /* another else is bogus */
}
static void
local_sia_verify_plain(struct auth_request *request, const char *password,
verify_plain_callback_t *callback)
{
struct passwd *pw;
bool result;
pw = getpwnam(request->user);
if (pw == NULL) {
auth_request_log_info(request, "sia", "unknown user");
callback(PASSDB_RESULT_USER_UNKNOWN, request);
return;
}
/* check if the password is valid */
if (password != NULL) {
char *argutility = "dovecot";
result = ( sia_validate_user
(checkpw_collect,1,&argutility,NULL,
(char *) request->user,NULL,NULL,NULL,(char *)
password) == SIASUCCESS );
}
if (!result) {
auth_request_log_info(request, "sia", "password mismatch");
callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);
return;
}
/* make sure we're using the username exactly as it's in the
database */
auth_request_set_field(request, "user", pw->pw_name, NULL);
callback(PASSDB_RESULT_OK, request);
}
static void local_sia_init(struct passdb_module *module,
const char *args __attr_unused__)
{
/* module->cache_key = SIA_CACHE_KEY; */
module->default_pass_scheme = SIA_PASS_SCHEME;
}
static void local_sia_deinit(struct passdb_module *module __attr_unused__)
{
}
struct passdb_module_interface passdb_sia = {
"sia",
NULL,
local_sia_init,
local_sia_deinit,
local_sia_verify_plain,
NULL
};
#endif
-----------------------------------------------------------------------------------------
Cheers
--
Simon L Jackson
Carringbush.Net
+-
Carringbush.Net
Hosting * Development * Advice
Web: www.carringbush.net <http://www.carringbush.net/>
Email: simon.jackson@carringbush.net <mailto:simon.jackson@carringbush.net>
Office: +61 3 9411 4400
Support: +61 3 9411 4444
Fax: +61 3 9411 4499
Level 1
15 Bedford Street
Collingwood VIC 3066
Australia
P.O. Box 1464
Collingwood VIC 3066
Australia
+-
[Attachment #3 (text/html)]
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Timo Sirainen wrote:
<blockquote cite="mid1158937152.17848.18.camel@hurina" type="cite">
<pre wrap="">On Wed, 2006-09-20 at 14:46 +1000, Simon L Jackson wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I have recently written a (minimal) Tru64 Unix SIA password module \
for Dovecot as part of testing a Dovecot installation.
Has anyone else written a Tru64 Unix SIA module?
Is anyone else interested in such a module?
If so, how might I/we go about getting this/such a module into the
main Dovecot source?
</pre>
</blockquote>
<pre wrap=""><!---->
First show me the code, then I'll see how it looks like :) If it's small
you might as well post the patch here to the list, for larger either
mail me or give some URL.
</pre>
</blockquote>
I'll try just posting it.<br>
<br>
There are some diffs and finally that new source.<br>
<br>
---------------------------------------------------------------------------------<br>
b02> diff /usr/src/dovecot-1.0.rc7/configure.in.orig
/usr/src/dovecot-1.0.rc7/configure.in<br>
101a102,110<br>
> AC_ARG_WITH(sia,<br>
> [ --with-sia \
Build with SIA support (default)],<br> > if \
test x$withval = xno; then<br> \
> \
want_sia=no<br> > else<br>
> \
want_sia=yes<br> > fi,<br>
> want_sia=yes)<br>
><br>
1352a1362,1372<br>
> ])<br>
> fi<br>
><br>
> if test $want_sia = yes; then<br>
> AC_CHECK_FUNC(sia_validate_user, [<br>
> \
AC_CHECK_HEADERS(sia.h siad.h sys/security.h)<br> \
> \
need_crypt=yes<br> > \
AC_DEFINE(PASSDB_SIA,, Build with SIA support)<br> \
> \
passdb="$passdb sia"<br> \
> \
AC_CHECK_LIB(security, sia_validate_user)<br> \
> \
LIBS="$LIBS -depth_ring_search"<br> b02> diff \
/usr/src/dovecot-1.0.rc7/config.h.in.orig
/usr/src/dovecot-1.0.rc7/config.h.in<br>
407a408,410<br>
> /* Build with sia support */<br>
> #undef PASSDB_SIA<br>
><br>
b02> diff /usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c.orig
/usr/src/dovecot-1.0.rc7/src/lib/mountpoint.c<br>
53c53<br>
< point_r->type = p_strdup(pool, \
buf.f_fstypename);<br>
---<br>
> point_r->type = p_strdup(pool,
getvfsbynumber(buf.f_type));<br>
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/Makefile.in.orig
/usr/src/dovecot-1.0.rc7/src/auth/Makefile.in<br>
84,85c84,88<br>
< passdb-checkpassword.$(OBJEXT) \
passdb-shadow.$(OBJEXT) \<br> < \
passdb-vpopmail.$(OBJEXT) passdb-sql.$(OBJEXT) \<br>
---<br>
> passdb-checkpassword.$(OBJEXT) \<br>
> passdb-shadow.$(OBJEXT) \<br>
> passdb-sia.$(OBJEXT) \<br>
> passdb-vpopmail.$(OBJEXT) \<br>
> passdb-sql.$(OBJEXT) \<br>
312a316<br>
> passdb-sia.c \<br>
475a480<br>
> @AMDEP_TRUE@@am__include@
@am__quote@./$(DEPDIR)/passdb-sia.Po@am__quote@<br>
b02> diff /usr/src/dovecot-1.0.rc7/src/auth/passdb.c.orig
/usr/src/dovecot-1.0.rc7/src/auth/passdb.c<br>
13a14<br>
> extern struct passdb_module_interface passdb_sia;<br>
38a40,42<br>
> #endif<br>
> #ifdef PASSDB_SIA<br>
> &passdb_sia,<br>
b02> cat /usr/src/dovecot-1.0.rc7/src/auth/passdb-sia.c<br>
/* Copyright (C) 2006 Simon L Jackson */<br>
<br>
#include "common.h"<br>
<br>
#ifdef PASSDB_SIA<br>
<br>
#include "safe-memset.h"<br>
#include "passdb.h"<br>
#include "mycrypt.h"<br>
<br>
#include <pwd.h><br>
#include <sia.h><br>
#include <siad.h><br>
#include <sys/security.h><br>
<br>
/* #define SIA_CACHE_KEY "%u" */<br>
#define SIA_PASS_SCHEME "CRYPT"<br>
<br>
static int checkpw_collect (<br>
int timeout,<br>
int rendition,<br>
uchar_t *title,<br>
int nprompts,<br>
prompt_t *prompts )<br>
{<br>
switch (rendition) {<br>
case SIAONELINER:<br>
case SIAINFO:<br>
case SIAWARNING:<br>
return SIACOLSUCCESS;<br>
}<br>
return SIACOLABORT; \
/* another else is bogus */<br> }<br>
<br>
<br>
static void<br>
local_sia_verify_plain(struct auth_request *request, const char
*password,<br>
\
verify_plain_callback_t *callback)<br> {<br>
struct passwd *pw;<br>
bool result;<br>
<br>
pw = getpwnam(request->user);<br>
if (pw == NULL) {<br>
\
auth_request_log_info(request, "sia", "unknown user");<br> \
\
callback(PASSDB_RESULT_USER_UNKNOWN, request);<br> \
\
return;<br> }<br>
<br>
/* check if the password is valid */<br>
if (password != NULL) {<br>
\
char *argutility = "dovecot";<br> \
\
result = ( sia_validate_user (checkpw_collect,1,&argutility,NULL,<br>
\
(char *) request->user,NULL,NULL,NULL,(char
*) password) == SIASUCCESS );<br>
}<br>
<br>
if (!result) {<br>
\
auth_request_log_info(request, "sia", "password mismatch");<br>
\
callback(PASSDB_RESULT_PASSWORD_MISMATCH, request);<br> \
\
return;<br> }<br>
<br>
/* make sure we're using the username \
exactly as it's in the database */<br>
auth_request_set_field(request, "user", \
pw->pw_name, NULL);<br> <br>
callback(PASSDB_RESULT_OK, request);<br>
}<br>
<br>
static void local_sia_init(struct passdb_module *module,<br>
\
const char *args __attr_unused__)<br> {<br>
/* module->cache_key = SIA_CACHE_KEY; */<br>
module->default_pass_scheme = \
SIA_PASS_SCHEME;<br> }<br>
<br>
static void local_sia_deinit(struct passdb_module *module
__attr_unused__)<br>
{<br>
}<br>
<br>
struct passdb_module_interface passdb_sia = {<br>
"sia",<br>
<br>
NULL,<br>
local_sia_init,<br>
local_sia_deinit,<br>
<br>
local_sia_verify_plain,<br>
NULL<br>
};<br>
<br>
#endif<br>
<br>
-----------------------------------------------------------------------------------------<br>
<br>
Cheers<br>
<br>
<div class="moz-signature">-- <br>
Simon L Jackson<br>
Carringbush.Net<br>
<br>
+-<br>
Carringbush.Net<br>
Hosting * Development * Advice<br>
<br>
Web: <a href="http://www.carringbush.net/">www.carringbush.net</a><br>
Email: <a href="mailto:simon.jackson@carringbush.net">simon.jackson@carringbush.net</a><br>
<br>
Office: +61 3 9411 4400<br>
Support: +61 3 9411 4444<br>
Fax: +61 3 9411 4499<br>
<br>
Level 1<br>
15 Bedford Street<br>
Collingwood VIC 3066<br>
Australia<br>
<br>
P.O. Box 1464<br>
Collingwood VIC 3066<br>
Australia<br>
+-<br>
</div>
</body>
</html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic