author | Kim Alvefur <zash@zash.se> |
Sat, 25 Jan 2020 01:31:49 +0100 | |
changeset 3861 | 8752e5b5dd08 |
parent 2463 | 8e686bf63441 |
permissions | -rw-r--r-- |
-- mod_net_dovecotauth.lua
--
-- Server implementation of the Dovecot authentication protocol.
--
-- Protocol spec:
-- http://dovecot.org/doc/auth-protocol.txt
--
-- Example postfix config:
-- sudo postconf smtpd_sasl_path=inet:127.0.0.1:28484
-- sudo postconf smtpd_sasl_type=dovecot
-- sudo postconf smtpd_sasl_auth_enable=yes
--
-- Security note: the listener in this file does not authenticate the
-- connecting peer. Whoever can reach the port can submit AUTH attempts
-- against accounts on the configured host, and USER lookups too when
-- dovecotauth_allow_master is enabled. Keep the port reachable only from
-- the mail server (loopback as in the example above, or a firewalled
-- interface).

module:set_global();

-- Imports
local usermanager = require "core.usermanager";
local new_sasl = usermanager.get_sasl_handler;
local user_exists = usermanager.user_exists;
local base64 = require "util.encodings".base64;
local dump = require "util.serialization".serialize;
local pposix = require "util.pposix";

-- Config
-- Host whose accounts are checked. Without an explicit dovecotauth_host the
-- fallback is whichever key next() yields first from `hosts`, which is not a
-- stable choice when several hosts are configured.
local default_vhost = module:get_option_string("dovecotauth_host", (next(hosts))); -- TODO Is there a better solution?
-- Whether a peer may identify as a master process (SPID) and issue USER
-- lookups; disabled unless configured.
local allow_master = module:get_option_boolean("dovecotauth_allow_master", false);

-- Active sessions, keyed by connection object
local sessions = {};
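-- Session methods
local new_session;
do
	local sess = { };
	local sess_mt = { __index = sess };

	-- Upper bound on bytes kept while waiting for a line terminator, so a peer
	-- that never sends "\n" cannot grow the buffer without limit. The value is
	-- chosen here, not taken from the protocol spec; raise it if a mechanism
	-- needs longer responses.
	local max_line_length = 8192;

	-- Create the per-connection state: peer type ("?" until it identifies
	-- itself), receive buffer and the table of in-progress SASL handlers keyed
	-- by request id.
	function new_session(conn)
		local s = { type = "?", conn = conn, buf = "", sasl = {} }
		-- Log through the module, prefixing the peer type and a number derived
		-- from the session table's address so lines can be correlated.
		function s:log(l, m, ...)
			return module:log(l, self.type..tonumber(tostring(self):match("%x+$"), 16)..": "..m, ...);
		end
		return setmetatable(s, sess_mt);
	end

	-- Write one protocol line: arguments joined by TAB, terminated by LF.
	-- Fields are not escaped here, so a TAB or LF inside an argument would
	-- alter the line structure seen by the peer.
	-- NOTE(review): sasl.username and the SASL error text are passed in from
	-- sess:feed; presumably the SASL layer rejects control characters - confirm.
	function sess:send(...)
		local data = table.concat({...}, "\t") .. "\n"
		-- self:log("debug", "SEND: %s", dump(ret));
		return self.conn:write(data);
	end

	-- Parameter advertised next to each mechanism name in the handshake.
	-- Mechanisms missing from this table are advertised without a parameter.
	local mech_params = {
		ANONYMOUS = "anonymous";
		PLAIN = "plaintext";
		["DIGEST-MD5"] = "mutual-auth";
		["SCRAM-SHA-1"] = "mutual-auth";
		["SCRAM-SHA-1-PLUS"] = "mutual-auth";
	}

	-- Send the server greeting: protocol version, our PID, a connection id
	-- and the mechanisms offered by the session's SASL handler.
	function sess:handshake()
		self:send("VERSION", 1, 1);
		self:send("SPID", pposix.getpid());
		self:send("CUID", tonumber(tostring(self):match"%x+$", 16));
		for mech in pairs(self.g_sasl:mechanisms()) do
			self:send("MECH", mech, mech_params[mech]);
		end
		self:send("DONE");
	end

	-- Consume bytes received from the peer and act on every complete line.
	-- Everything parsed here is controlled by the peer. Malformed or
	-- out-of-sequence input closes the connection.
	function sess:feed(data)
		-- TODO break this up a bit
		-- module:log("debug", "sess = %s", dump(self));
		local buf = self.buf .. data;
		-- Store the buffer before looking for a line, so that a line split
		-- across two reads is kept instead of being dropped.
		self.buf = buf;
		local line, eol = buf:match("(.-)\r?\n()")
		-- An empty line is consumed like any other; it has no command and
		-- ends up in the unhandled-command branch instead of staying at the
		-- head of the buffer and blocking every later line.
		while line do
			buf = buf:sub(eol);
			self.buf = buf;
			local part = line:gmatch("[^\t]+");
			local command = part();
			if command == "VERSION" then
				local major = tonumber(part());
				local minor = tonumber(part());
				if major ~= 1 then
					self:log("warn", "Wrong version, expected 1.1, got %s.%s", tostring(major), tostring(minor));
					self.conn:close();
					return;
				end
			elseif command == "CPID" then
				self.type = "C";
				self.pid = part();
			elseif command == "SPID" and allow_master then
				-- The peer's own claim is the only thing that grants master
				-- status; the config option is the sole gate.
				self.type = "M";
				self.pid = part();
			elseif command == "AUTH" and self.type ~= "?" then
				-- C: "AUTH" TAB <id> TAB <mechanism> TAB service=<service> [TAB <parameters>]
				-- NOTE(review): the spec linked in the file header presumably also
				-- defines a client CONT command for multi-step mechanisms; it is
				-- not handled here and would close the connection - confirm.
				local id = part() -- <id>
				local mech = part();
				if not id or not mech then
					-- Without this check a missing id would be used as a table
					-- key below and raise a runtime error.
					self:log("warn", "Malformed AUTH request");
					self.conn:close();
					return;
				end
				local sasl = self.sasl[id];
				if not sasl then
					-- TODO Should maybe initialize SASL handler after parsing the line?
					-- NOTE(review): nothing limits how many ids one connection can
					-- leave pending in self.sasl; consider a per-connection cap.
					sasl = self.g_sasl:clean_clone();
					self.sasl[id] = sasl;
					if not sasl:select(mech) then
						self:send("FAIL", id, "reason=invalid-mechanism");
						self.sasl[id] = nil;
						sasl = false
					end
				end
				if sasl then
					local params = {}; -- Not used for anything yet
					for p in part do
						local k,v = p:match("^([^=]*)=(.*)$");
						if k == "resp" then
							-- Only the parameters seen before resp are logged; the
							-- response itself (the password, for PLAIN) is not.
							self:log("debug", "params = %s", dump(params));
							v = base64.decode(v);
							if not v then
								-- Undecodable response: fail the attempt rather than
								-- hand nil to the SASL handler.
								self.sasl[id] = nil;
								self:send("FAIL", id, "reason=invalid-base64");
								break;
							end
							local status, ret, err = sasl:process(v);
							self:log("debug", status);
							if status == "challenge" then
								self:send("CONT", id, base64.encode(ret));
							elseif status == "failure" then
								self.sasl[id] = nil;
								self:send("FAIL", id, "reason="..tostring(err));
							elseif status == "success" then
								self.sasl[id] = nil;
								self:send("OK", id, "user="..sasl.username, ret and "resp="..base64.encode(ret));
							end
							break; -- resp MUST be the last param
						else
							params[k or p] = v or true;
						end
					end
				end
			elseif command == "USER" and self.type == "M" then
				-- FIXME Should this be on a separate listener?
				-- Answers whether an account exists, so it is limited to peers
				-- that were accepted as master above.
				local id = part();
				local user = part();
				if user and user_exists(user, default_vhost) then
					self:send("USER", id);
				else
					self:send("NOTFOUND", id);
				end
			else
				-- Also reached by SPID while allow_master is off, AUTH before
				-- CPID/SPID, and USER from a peer that is not a master.
				self:log("warn", "Unhandled command %s", tostring(command));
				self.conn:close();
				return;
			end
			line, eol = buf:match("(.-)\r?\n()")
		end
		if #buf > max_line_length then
			self:log("warn", "No line terminator within %d bytes, closing connection", max_line_length);
			self.buf = "";
			self.conn:close();
		end
	end

end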
-- Connection callbacks for the "net" service registered at the end of the file.
local listener = {
	-- New connection: create the session, give it a SASL handler for the
	-- configured host and send the server greeting. The peer is not
	-- authenticated in any way before this point.
	onconnect = function (conn)
		local session = new_session(conn);
		sessions[conn] = session;
		session.g_sasl = new_sasl(default_vhost, session);
		session:handshake();
	end;

	-- Received bytes go straight to the session's line parser.
	onincoming = function (conn, data)
		-- The raw data contains base64-encoded SASL responses (the password,
		-- for PLAIN), so the dump below should stay disabled outside of
		-- short-lived debugging.
		-- s:log("debug", "RECV %s", dump(data));
		return sessions[conn]:feed(data);
	end;

	-- Forget the session, and with it any SASL handlers still in progress.
	ondisconnect = function (conn)
		sessions[conn] = nil;
	end;
};
-- On module unload, close every connection that still has a session.
function module.unload()
	for open_conn, _ in pairs(sessions) do
		open_conn:close();
	end
end
-- Register the listener as a "net" service. The default port is the one used
-- in the postfix example at the top of this file.
-- NOTE(review): the definition sets no interface restriction. Check which
-- interfaces Prosody binds this service to by default, and limit it to
-- loopback or a trusted interface: the listener accepts AUTH attempts from
-- any peer that can connect.
local service = {
	listener = listener;
	default_port = 28484;
};
module:provides("net", service);