Mercurial > prosody-modules
annotate mod_net_dovecotauth/mod_net_dovecotauth.lua @ 2456:f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 22 Jan 2017 04:41:04 +0100 |
| parents | 1831c7b23286 |
| children | 17539a5d73f4 |
| rev | line source |
|---|---|
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_net_dovecotauth.lua |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 -- |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 -- Protocol spec: |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 -- http://dovecot.org/doc/auth-protocol.txt |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 -- |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 -- Example postfix config: |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 -- sudo postconf smtpd_sasl_path=inet:127.0.0.1:28484 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 -- sudo postconf smtpd_sasl_type=dovecot |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 -- sudo postconf smtpd_sasl_auth_enable=yes |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 module:set_global(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 -- Imports |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 local new_sasl = require "core.usermanager".get_sasl_handler; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 local user_exists = require "core.usermanager".user_exists; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 local base64 = require"util.encodings".base64; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
17 local dump = require"util.serialization".serialize; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
18 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
19 -- Config |
|
2011
1831c7b23286
mod_net_dovecotauth: Improve variable names for clarity
Kim Alvefur <zash@zash.se>
parents:
1491
diff
changeset
|
20 local default_vhost = module:get_option_string("dovecotauth_host", (next(hosts))); -- TODO Is there a better solution? |
|
1491
e7294423512f
mod_net_dovecotauth: Fix typo in config option
Kim Alvefur <zash@zash.se>
parents:
1088
diff
changeset
|
21 local allow_master = module:get_option_boolean("dovecotauth_allow_master", false); |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
22 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 -- Active sessions |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
24 local sessions = {}; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
25 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
26 -- Session methods |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
27 local new_session; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
28 do |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
29 local sess = { }; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
30 local sess_mt = { __index = sess }; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
31 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
32 function new_session(conn) |
|
2456
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
33 local sess = { type = "?", conn = conn, buf = "", sasl = {} } |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
34 function sess:log(l, m, ...) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
35 return module:log(l, self.type..tonumber(tostring(self):match("%x+$"), 16)..": "..m, ...); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
36 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
37 return setmetatable(sess, sess_mt); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
38 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
39 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
40 function sess:send(...) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
41 local data = table.concat({...}, "\t") .. "\n" |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
42 -- self:log("debug", "SEND: %s", dump(ret)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
43 return self.conn:write(data); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
44 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
45 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
46 local mech_params = { |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
47 ANONYMOUS = "anonymous"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
48 PLAIN = "plaintext"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
49 ["DIGEST-MD5"] = "mutual-auth"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
50 ["SCRAM-SHA-1"] = "mutual-auth"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
51 ["SCRAM-SHA-1-PLUS"] = "mutual-auth"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
52 } |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
53 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
54 function sess:handshake() |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
55 self:send("VERSION", 1, 1); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
56 self:send("SPID", pposix.getpid()); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
57 self:send("CUID", tonumber(tostring(self):match"%x+$", 16)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
58 for mech in pairs(self.g_sasl:mechanisms()) do |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
59 self:send("MECH", mech, mech_params[mech]); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
60 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
61 self:send("DONE"); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
62 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
63 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
64 function sess:feed(data) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
65 -- TODO break this up a bit |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
66 -- module:log("debug", "sess = %s", dump(self)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
67 local buf = self.buf; |
|
2456
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
68 buf = buf .. data; |
|
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
69 local line, eol = buf:match("(.-)\r?\n()") |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
70 while line and line ~= "" do |
|
2456
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
71 buf = buf:sub(eol); |
|
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
72 self.buf = buf; |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
73 local part = line:gmatch("[^\t]+"); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
74 local command = part(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
75 if command == "VERSION" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
76 local major = tonumber(part()); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
77 local minor = tonumber(part()); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
78 if major ~= 1 then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
79 self:log("warn", "Wrong version, expected 1.1, got %s.%s", tostring(major), tostring(minor)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
80 self.conn:close(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
81 break; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
82 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
83 elseif command == "CPID" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
84 self.type = "C"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
85 self.pid = part(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
86 elseif command == "SPID" and allow_master then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
87 self.type = "M"; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
88 self.pid = part(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
89 elseif command == "AUTH" and self.type ~= "?" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
90 -- C: "AUTH" TAB <id> TAB <mechanism> TAB service=<service> [TAB <parameters>] |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
91 local id = part() -- <id> |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
92 local sasl = self.sasl[id]; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
93 local mech = part(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
94 if not sasl then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
95 -- TODO Should maybe initialize SASL handler after parsing the line? |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
96 sasl = self.g_sasl:clean_clone(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
97 self.sasl[id] = sasl; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
98 if not sasl:select(mech) then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
99 self:send("FAIL", id, "reason=invalid-mechanism"); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
100 self.sasl[id] = nil; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
101 sasl = false |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
102 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
103 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
104 if sasl then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
105 local params = {}; -- Not used for anything yet |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
106 for p in part do |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
107 local k,v = p:match("^([^=]*)=(.*)$"); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
108 if k == "resp" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
109 self:log("debug", "params = %s", dump(params)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
110 v = base64.decode(v); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
111 local status, ret, err = sasl:process(v); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
112 self:log("debug", status); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
113 if status == "challenge" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
114 self:send("CONT", id, base64.encode(ret)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
115 elseif status == "failure" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
116 self.sasl[id] = nil; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
117 self:send("FAIL", id, "reason="..tostring(err)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
118 elseif status == "success" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
119 self.sasl[id] = nil; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
120 self:send("OK", id, "user="..sasl.username, ret and "resp="..base64.encode(ret)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
121 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
122 break; -- resp MUST be the last param |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
123 else |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
124 params[k or p] = v or true; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
125 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
126 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
127 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
128 elseif command == "USER" and self.type == "M" then |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
129 -- FIXME Should this be on a separate listener? |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
130 local id = part(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
131 local user = part(); |
|
2011
1831c7b23286
mod_net_dovecotauth: Improve variable names for clarity
Kim Alvefur <zash@zash.se>
parents:
1491
diff
changeset
|
132 if user and user_exists(user, default_vhost) then |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
133 self:send("USER", id); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
134 else |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
135 self:send("NOTFOUND", id); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
136 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
137 else |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
138 self:log("warn", "Unhandled command %s", tostring(command)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
139 self.conn:close(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
140 break; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
141 end |
|
2456
f3fc2b672df3
mod_net_dovecotauth: Replace missing buffer lib with simpler string based buffering
Kim Alvefur <zash@zash.se>
parents:
2011
diff
changeset
|
142 line, eol = buf:match("(.-)\r?\n()") |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
143 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
144 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
145 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
146 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
147 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
148 local listener = {} |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
149 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
150 function listener.onconnect(conn) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
151 s = new_session(conn); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
152 sessions[conn] = s; |
|
2011
1831c7b23286
mod_net_dovecotauth: Improve variable names for clarity
Kim Alvefur <zash@zash.se>
parents:
1491
diff
changeset
|
153 local g_sasl = new_sasl(default_vhost, s); |
|
1088
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
154 s.g_sasl = g_sasl; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
155 s:handshake(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
156 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
157 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
158 function listener.onincoming(conn, data) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
159 local s = sessions[conn]; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
160 -- s:log("debug", "RECV %s", dump(data)); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
161 return s:feed(data); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
162 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
163 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
164 function listener.ondisconnect(conn) |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
165 sessions[conn] = nil; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
166 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
167 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
168 function module.unload() |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
169 for c in pairs(sessions) do |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
170 c:close(); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
171 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
172 end |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
173 |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
174 module:provides("net", { |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
175 default_port = 28484; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
176 listener = listener; |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
177 }); |
|
6f8e7f65f704
mod_net_dovecotauth: Initial commit of server implementation of the Dovecot authentication protocol
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
178 |