archive-org.com » ORG » L » LIFEWITHQMAIL.ORG

Total: 92

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

  • close fds 0 write fds 1 smtpauthlogin str len smtpauthlogin 1 write fds 1 smtpauthpass str len smtpauthpass 1 if str len smtpauthtimestamp write fds 1 smtpauthtimestamp str len smtpauthtimestamp 1 close fds 1 wait pid st pid if wait crashed st die crash if wait exitcode st 0 out 235 go ahead r n flush relayok relayclient authenticated 1 remoteinfo smtpauthlogin return sleep 2 out 535 auth failure r n flush return void smtp auth arg char arg int ret netscape 4 5 sends AUTH LOGIN microsoft outlook express sends AUTH LOGIN idea is simple use an external program to test authority if success set RELAYCLIENT otherwise let them know nicely hangup note i really don t like djb s coding style even though i m using it here i think using spaces for tabs is bad mrs brisby nimh org Here i ve added support for other auth types brush elysium pl if authenticated if ret strncasecmp arg login 5 0 while arg arg arg arg pass over the space while arg arg arg arg if arg arg here s the base64 encoded login b64 pton arg smtpauthlogin sizeof smtpauthlogin else out 334 VXNlcm5hbWU6 r n b64 0 b64 pton smtpauth s smtpauthlogin sizeof smtpauthlogin else die read out 334 UGFzc3dvcmQ6 r n b64 0 b64 pton smtpauth s smtpauthpass sizeof smtpauthpass else die read smtpauthtimestamp 0 0 auth argv 1 smtpauth argv 1 change checkpass prg auth argv 2 smtpauth argv 2 change checkpass prg auth argv 3 NULL change checkpass prg smtpauth authenticate return else if ret strncasecmp arg plain 5 0 int start static char smtpauthloginpass 200 while arg arg arg arg pass over the space while arg arg arg arg if arg arg if strlen arg 3 4 sizeof smtpauthloginpass out 535 input too long r n flush return here s the base64 encoded login password b64 pton arg smtpauthloginpass sizeof smtpauthloginpass 1 else int i out 334 ok go on r n flush i smtpauth getl if i sizeof smtpauthloginpass out 535 input too long r n flush return else b64 pton smtpauth s smtpauthloginpass sizeof smtpauthloginpass 1 smtpauthloginpass sizeof smtpauthloginpass 1 0 start strlen smtpauthloginpass 1 if start sizeof smtpauthloginpass strlen smtpauthloginpass start 65 out 535 malformed input r n flush return strcpy smtpauthlogin smtpauthloginpass start start strlen smtpauthlogin 1 if start sizeof smtpauthloginpass strlen smtpauthloginpass start 65 out 535 malformed input r n flush return strcpy smtpauthpass smtpauthloginpass start smtpauthtimestamp 0 0 auth argv 1 smtpauth argv 1 change checkpass prg auth argv 2 smtpauth argv 2 change checkpass prg auth argv 3 NULL change checkpass prg smtpauth authenticate return else if ret strncasecmp arg cram md5 8 0 char helper char s int i static stralloc me 0 static stralloc greet 0 static stralloc greetenc 0 i control readline me control me if i 1 out 535 internal server error r n flush exit 0 for i 0 i greet s greet len 0 obscure fix but it works stralloc readyplus greet 3 if greetenc len for i 0 i 0 s calloc size t strlen smtpauth s size t 1 b64 pton smtpauth s s strlen smtpauth s helper strtok s if helper NULL strncpy smtpauthlogin helper 64 else out 535 malformed input r n return helper strtok NULL if helper NULL strncpy smtpauthtimestamp helper 64 else out 535 malformed input r n return strncpy smtpauthpass greet s 64 auth argv 1 smtpauth argv 3 change checkpass prg auth argv 2 smtpauth argv 4 change checkpass prg auth argv 3 NULL change checkpass prg smtpauth authenticate return else out 504 auth type not supported r n flush return else out 503 you are already authenticated r n flush return endif struct commands smtpcommands rcpt smtp rcpt 0 mail smtp mail 0 data smtp data flush ifdef USE SMTPAUTH auth smtp auth flush endif quit smtp quit flush helo smtp helo flush ehlo smtp ehlo flush 1104 8 1401 11 0 err unimpl flush void main void main argc argv int argc char argv ifdef USE SMTPAUTH smtpauth argv argv endif ifdef TLS sig alarmcatch sigalrm endif qmail 1 03 patch20010301 orig hier c Thu Mar 1 23 33 39 2001 qmail 1 03 patch20010301 hier c Thu Mar 8 23 32 30 2001 152 6 152 7 c auto qmail bin qmail quotawarn auto uido auto gidq 0755 c auto qmail bin auth pop auto uido auto gidq 0700 c auto qmail bin auth imap auto uido auto gidq 0700 c auto qmail bin auth smtp auto uido auto gidq 0755 c auto qmail bin qmail ldaplookup auto uido auto gidq 0700 c auto qmail man man5 addresses 5 auto uido auto gidq 0644 qmail 1 03 patch20010301 orig checkpassword smtp c Sun Mar 11 20 07 55 2001 qmail 1 03 patch20010301 checkpassword smtp c Sun Mar 11 20 01 44 2001 0 0 1 589 checkpasswd smtp c Henning Brauer include qmail ldap h include stralloc h include auth mod h include qldap ldaplib h include qldap errno h include readwrite h include error h include str h include open h include substdio h include getln h include include include compatibility h include digest md4 h include digest md5 h include digest rmd160 h include digest sha1 h include select h include ipalloc h include dns h include timeoutconn h include byte h include scan h include fmt h include alloc h include check h include qldap debug h Edit the first lines in the Makefile to enable local passwd lookups and debug options To use shadow passwords under Solaris uncomment the SHADOWOPTS line in the Makefile To use shadow passwords under Linux uncomment the SHADOWOPTS line and the SHADOWLIBS lshadow line in the Makefile include ifdef PW SHADOW include endif ifdef AIX include endif extern stralloc qldap me extern stralloc qldap objectclass int rebind int cluster static int check ldap stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc maildir static int

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20010411.patch (2016-04-29)
    Open archived version from archive


  • for extra info if make filter login filter create search filter debug 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s ret ldap lookup search attrs info extra free stralloc filter free the old filter if ret 0 debug 4 warning check ldap ldap lookup not successful n qldap errno set by ldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len debug 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok debug 32 check ldap ldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind debug 32 check ldap ldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals debug 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 debug 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors debug 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 debug 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW debug 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed debug 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text debug 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1 if errno error noent return 0 qldap errno ERRNO return 1 substdio fdbuf ss read fd buf sizeof buf while 1 if getln ss dotqmail match n 0 goto tryclose if match dotqmail len break if dotqmail s 0 dotqmail s 0 dotqmail s dotqmail len 2 is a maildir line if stralloc copy maildir dotqmail goto tryclose maildir s maildir len 1 0 break close fd for match 0 match outfd

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20010501.patch (2016-04-29)
    Open archived version from archive


  • end marker for extra info if make filter login filter create search filter log 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s ret ldap lookup search attrs info extra free stralloc filter free the old filter if ret 0 log 4 warning check ldap ldap lookup not successful n qldap errno set by ldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len log 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok log 32 check ldap ldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind log 32 check ldap ldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals log 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 log 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors log 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 log 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW log 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed log 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text log 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1 if errno error noent return 0 qldap errno ERRNO return 1 substdio fdbuf ss read fd buf sizeof buf while 1 if getln ss dotqmail match n 0 goto tryclose if match dotqmail len break if dotqmail s 0 dotqmail s 0 dotqmail s dotqmail len 2 is a maildir line if stralloc copy maildir dotqmail goto tryclose maildir s maildir len 1 0 break close fd for match 0

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20010801.patch (2016-04-29)
    Open archived version from archive


  • search bindpw 0 rebind off extra 1 what 0 end marker for extra info if make filter login filter create search filter log 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s if ret qldap open 1 ret qldap lookup search attrs info extra qldap close free stralloc filter free the old filter if ret 0 log 4 warning check ldap qldap lookup not successful n qldap errno set by qldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len log 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok log 32 check ldap qldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind log 32 check ldap qldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals log 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 log 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors log 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 log 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW log 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed log 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text log 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1 if errno error noent return 0 qldap errno ERRNO return 1 substdio fdbuf ss read fd buf sizeof buf while 1 if getln ss dotqmail match n 0 goto tryclose if match dotqmail len break if dotqmail s 0 dotqmail s 0 dotqmail s dotqmail len 2 is a maildir line if stralloc copy

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20011001.patch (2016-04-29)
    Open archived version from archive


  • n login s authdata s if authdata len s attrs 7 0 rebind on check passwd via ldap rebind else extra 0 what LDAP PASSWD need to get the crypted password search bindpw 0 rebind off extra 1 what 0 end marker for extra info if make filter login filter create search filter log 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s if ret qldap open 1 ret qldap lookup search attrs info extra qldap close free stralloc filter free the old filter if ret 0 log 4 warning check ldap qldap lookup not successful n qldap errno set by qldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len log 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok log 32 check ldap qldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind log 32 check ldap qldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals log 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 log 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors log 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 log 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW log 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed log 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text log 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1 if errno error noent return 0 qldap errno ERRNO return 1 substdio fdbuf ss read fd buf sizeof buf while 1 if getln

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20020501a.patch (2016-04-29)
    Open archived version from archive


  • s n login s authdata s if authdata len s attrs 7 0 rebind on check passwd via ldap rebind else extra 0 what LDAP PASSWD need to get the crypted password search bindpw 0 rebind off extra 1 what 0 end marker for extra info if make filter login filter create search filter log 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s if ret qldap open 1 ret qldap lookup search attrs info extra qldap close free stralloc filter free the old filter if ret 0 log 4 warning check ldap qldap lookup not successful n qldap errno set by qldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len log 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok log 32 check ldap qldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind log 32 check ldap qldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals log 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 log 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors log 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 log 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW log 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed log 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text log 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1 if errno error noent return 0 qldap errno ERRNO return 1 substdio fdbuf ss read fd buf sizeof buf while 1 if

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20030301.patch (2016-04-29)
    Open archived version from archive


  • to get XXX passwords via debug on normal systems auth init argc argv login authdata log 256 auth init login s authdata s n login s authdata s if authdata len s attrs 7 0 rebind on check passwd via ldap rebind else extra 0 what LDAP PASSWD need to get the crypted password search bindpw 0 rebind off extra 1 what 0 end marker for extra info if make filter login filter create search filter log 4 warning check ldap could not make a filter n qldap errno set by make filter return 1 search filter filter s if ret qldap open 1 ret qldap lookup search attrs info extra qldap close free stralloc filter free the old filter if ret 0 log 4 warning check ldap qldap lookup not successful n qldap errno set by qldap lookup return 1 check the status of the account if info status STATUS BOUNCE qldap errno ACC DISABLED return 1 scan ulong info uid uid get uid gid and home scan ulong info gid gid the values are checked later XXX have a look at check c and qmail ldap h for chck pathb if chck pathb home s home len log 2 warning check ldap path contains illegal chars n qldap errno ILL PATH return 1 if stralloc 0 home qldap errno ERRNO return 1 if stralloc 0 maildir qldap errno ERRNO return 1 free a part of the info struct alloc free info user alloc free info uid alloc free info gid if info homedir alloc free info homedir if info mms alloc free info mms if rebind search bind ok log 32 check ldap qldap lookup sucessfully authenticated with rebind n return 0 if we got till here under rebind mode the user is authenticated else if rebind log 32 check ldap qldap lookup authentication failed with rebind n qldap errno AUTH FAILED return 1 user authentification failed if extra 0 vals log 2 warning check ldap password is missing for uid s n login qldap errno AUTH NEEDED return 1 ret cmp passwd unsigned char authdata s extra 0 vals 0 log 32 check ldap password compare was s n ret 0 successful not successful ldap value free extra 0 vals return ret static int check passwd stralloc login stralloc authdata unsigned long uid unsigned long gid stralloc home stralloc md int ret struct passwd pw ifdef PW SHADOW struct spwd spw endif ifdef AIX struct userpw spw endif pw getpwnam login s if pw XXX unfortunately getpwnam hides temporary errors log 32 check passwd user s not found in passwd db n login s qldap errno AUTH NOSUCH return 1 gid pw pw gid uid pw pw uid here we don t check the home and maildir path if a user has a faked passwd entry then you have a bigger problem on your system than just a guy how can read the mail of other users customers if stralloc copys home pw pw dir qldap errno ERRNO return 1 if get local maildir home md 1 function sets qldap errno return 1 log 32 get local maildir maildir s n md s if stralloc 0 home qldap errno ERRNO auth error ifdef PW SHADOW spw getspnam login s if spw XXX again temp hidden qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw sp pwdp else no PW SHADOW ifdef AIX spw getuserpw login s if spw XXX and again qldap errno AUTH ERROR return 1 ret cmp passwd unsigned char authdata s spw upw passwd else no AIX ret cmp passwd unsigned char authdata s pw pw passwd endif END AIX endif END PW SHADOW log 32 check pw password compare was s n ret 0 successful not successful return ret static int cmp passwd unsigned char clear char encrypted define HASH LEN 100 XXX is this enough I think yes What do you think char hashed HASH LEN these to buffers can not be used for exploits char salt 33 int shift if encrypted 0 hashed if str diffn crypt encrypted 7 CRYPT shift 7 str copy hashed crypt clear encrypted shift else if str diffn MD4 encrypted 5 MD4 shift 5 MD4DataBase64 clear str len clear hashed sizeof hashed else if str diffn MD5 encrypted 5 MD5 shift 5 MD5DataBase64 clear str len clear hashed sizeof hashed else if str diffn NS MTA MD5 encrypted 12 NS MTA MD5 shift 12 if str len encrypted 76 qldap errno ILL AUTH return 1 boom byte copy salt 32 encrypted 44 salt 32 0 if ns mta hash alg hashed salt char clear 1 qldap errno ERRNO return 1 byte copy hashed 32 33 salt else if str diffn SHA encrypted 5 SHA shift 5 SHA1DataBase64 clear str len clear hashed sizeof hashed else if str diffn RMD160 encrypted 8 RMD160 shift 8 RMD160DataBase64 clear str len clear hashed sizeof hashed else unknown hash function detected shift 0 qldap errno ILL AUTH return 1 End getting correct hash func hashed log 256 cpm passwd comparing hashed passwd s s n hashed encrypted if encrypted str diff hashed encrypted shift qldap errno AUTH FAILED return 1 hashed passwds are equal else crypt or clear text log 256 cpm passwd comparing standart passwd s s n crypt clear encrypted encrypted if encrypted str diff encrypted crypt clear encrypted CLEARTEXTPASSWD ARE NOT GOOD so they are disabled by default ifdef CLEARTEXTPASSWD warning CLEARTEXT PASSWORD SUPPORT IS ON if encrypted str diff encrypted clear endif qldap errno AUTH FAILED return 1 ifdef CLEARTEXTPASSWD endif crypted or cleartext passwd ok end hashed or crypt clear text return 0 static int get local maildir stralloc home stralloc maildir substdio ss stralloc dotqmail 0 char buf 512 int match int fd if stralloc copy dotqmail home qldap errno ERRNO return 1 if stralloc cats dotqmail qmail qldap errno ERRNO return 1 if stralloc 0 dotqmail qldap errno ERRNO return 1 if fd open read dotqmail s 1

    Original URL path: http://www.lifewithqmail.org/ldap/patches/smtp-auth/smtp-auth-20030801.patch (2016-04-29)
    Open archived version from archive

  • Index of /ldap/patches/rbltag
    02 rbltag old patch 20 Apr 2001 17 26 3k rbltag 20011001a patch 10 Dec 2001 13 55 9k rbltag 20010801 patch 03 Aug 2001 15 36 9k rbltag 20010421 patch 07 May 2001 19 00 9k THIS ONE IS

    Original URL path: http://www.lifewithqmail.org/ldap/patches/rbltag/?N=D (2016-04-29)
    Open archived version from archive



  •