Commit 21459954 21459954c24a8e1669ee78370cade4e5dc224739 by Sergey Poznyakoff

Return meaningful error codes.

1 parent 29b867a3
......@@ -451,26 +451,37 @@ mu_radius_authenticate (struct mu_auth_data **return_data ARG_UNUSED,
const void *key,
void *func_data ARG_UNUSED, void *call_data)
{
int rc;
int rc, code;
grad_request_t *reply;
const struct mu_auth_data *auth_data = key;
if (!radius_auth_enabled)
{
errno = ENOSYS;
return 1;
}
return ENOSYS;
if (!auth_request)
{
mu_error (_("--radius-auth-request is not specified"));
return 1;
return EINVAL;
}
reply = send_request (auth_request, RT_ACCESS_REQUEST,
auth_data->name, (char*) call_data);
rc = !reply || reply->code != RT_ACCESS_ACCEPT;
if (!reply)
return EAGAIN;
switch (reply->code) {
case RT_ACCESS_ACCEPT:
rc = 0;
break;
case RT_ACCESS_CHALLENGE:
/* Should return another code here? */
default:
rc = MU_ERR_AUTH_FAILURE;
}
grad_request_free (reply);
return rc;
}
......@@ -479,31 +490,35 @@ mu_auth_radius_user_by_name (struct mu_auth_data **return_data,
const void *key,
void *unused_func_data, void *unused_call_data)
{
int rc = 1;
int rc = MU_ERR_AUTH_FAILURE;
grad_request_t *reply;
if (!radius_auth_enabled)
{
errno = ENOSYS;
return 1;
}
return ENOSYS;
if (!getpwnam_request)
{
mu_error (_("--radius-getpwnam-request is not specified"));
return 1;
return MU_ERR_FAILURE;
}
reply = send_request (getpwnam_request, RT_ACCESS_REQUEST, key, NULL);
if (!reply)
mu_error (_("radius server did not respond"));
else if (reply->code != RT_ACCESS_ACCEPT)
mu_error (_("%s: server returned %s"),
(char*) key,
grad_request_code_to_name (reply->code));
{
mu_error (_("radius server did not respond"));
rc = EAGAIN;
}
else
rc = decode_reply (reply, key, "x", return_data);
grad_request_free (reply);
{
if (reply->code != RT_ACCESS_ACCEPT)
mu_error (_("%s: server returned %s"),
(char*) key,
grad_request_code_to_name (reply->code));
else
rc = decode_reply (reply, key, "x", return_data);
grad_request_free (reply);
}
return rc;
}
......@@ -512,39 +527,37 @@ mu_auth_radius_user_by_uid (struct mu_auth_data **return_data,
const void *key,
void *func_data, void *call_data)
{
int rc = 1;
int rc = MU_ERR_AUTH_FAILURE;
grad_request_t *reply;
char uidstr[64];
if (!radius_auth_enabled)
{
errno = ENOSYS;
return 1;
}
return ENOSYS;
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
if (!getpwuid_request)
{
mu_error (_("--radius-getpwuid-request is not specified"));
return 1;
return MU_ERR_FAILURE;
}
snprintf (uidstr, sizeof (uidstr), "%u", *(uid_t*)key);
reply = send_request (getpwuid_request, RT_ACCESS_REQUEST, uidstr, NULL);
if (!reply)
{
mu_error (_("radius server did not respond"));
rc = EAGAIN;
}
if (reply->code != RT_ACCESS_ACCEPT)
{
mu_error (_("uid %s: server returned %s"), uidstr,
grad_request_code_to_name (reply->code));
}
else
{
rc = decode_reply (reply, uidstr, "x", return_data);
}
rc = decode_reply (reply, uidstr, "x", return_data);
grad_request_free (reply);
return rc;
}
......@@ -560,8 +573,7 @@ mu_radius_authenticate (struct mu_auth_data **return_data ARG_UNUSED,
const void *key,
void *func_data ARG_UNUSED, void *call_data)
{
errno = ENOSYS;
return 1;
return ENOSYS;
}
static int
......@@ -570,8 +582,7 @@ mu_auth_radius_user_by_name (struct mu_auth_data **return_data ARG_UNUSED,
void *func_data ARG_UNUSED,
void *call_data ARG_UNUSED)
{
errno = ENOSYS;
return 1;
return ENOSYS;
}
static int
......@@ -579,8 +590,7 @@ mu_auth_radius_user_by_uid (struct mu_auth_data **return_data,
const void *key,
void *func_data, void *call_data)
{
errno = ENOSYS;
return 1;
return ENOSYS;
}
#endif
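Review bot: In mu_auth_radius_user_by_uid the `if (!reply)` branch sets `rc = EAGAIN` but, as rendered, nothing stops execution from falling through to `if (reply->code != RT_ACCESS_ACCEPT)`, so an unanswered RADIUS request would dereference a NULL `reply` and crash the process instead of returning EAGAIN. The by-name function in this same commit puts the code test, `decode_reply` and `grad_request_free (reply)` inside an `else` block, and the by-uid path should take the same shape. Whether `grad_request_free` tolerates a NULL argument is not visible here, so the unconditional call after the test should move into that `else` as well. Separately, `code` in `int rc, code;` in mu_radius_authenticate is never used in the lines shown.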
......
......@@ -271,6 +271,56 @@ struct argp mu_sql_argp = {
};
static int
decode_tuple (mu_sql_connection_t conn, int n, struct mu_auth_data **return_data)
{
int rc;
char *mailbox_name = NULL;
char *name;
if (mu_sql_get_column (conn, 0, 0, &name))
return MU_ERR_FAILURE;
if (n == 7)
{
char *tmp;
if (mu_sql_get_column (conn, 0, 6, &tmp))
return MU_ERR_FAILURE;
if ((mailbox_name = strdup (tmp)) == NULL)
return ENOMEM;
}
else if (mu_construct_user_mailbox_url (&mailbox_name, name))
return MU_ERR_FAILURE;
if (mailbox_name)
{
char *passwd, *suid, *sgid, *dir, *shell;
if (mu_sql_get_column (conn, 0, 1, &passwd)
|| mu_sql_get_column (conn, 0, 2, &suid)
|| mu_sql_get_column (conn, 0, 3, &sgid)
|| mu_sql_get_column (conn, 0, 4, &dir)
|| mu_sql_get_column (conn, 0, 5, &shell))
return MU_ERR_FAILURE;
rc = mu_auth_data_alloc (return_data,
name,
passwd,
atoi (suid),
atoi (sgid),
"SQL User",
dir,
shell,
mailbox_name,
1);
}
else
rc = MU_ERR_AUTH_FAILURE;
free (mailbox_name);
return rc;
}
static int
mu_auth_sql_by_name (struct mu_auth_data **return_data,
const void *key,
void *func_data ARG_UNUSED,
......@@ -282,15 +332,12 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data,
size_t n;
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
query_str = mu_sql_expand_query (mu_sql_getpwnam_query, key);
if (!query_str)
return 1;
return MU_ERR_FAILURE;
status = mu_sql_connection_init (&conn,
sql_interface,
......@@ -304,7 +351,7 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data,
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return MU_ERR_FAILURE;
}
status = mu_sql_connect (conn);
......@@ -314,7 +361,7 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data,
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return EAGAIN;
}
status = mu_sql_query (conn, query_str);
......@@ -326,7 +373,7 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data,
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return 1;
return MU_ERR_FAILURE;
}
status = mu_sql_store_result (conn);
......@@ -337,59 +384,14 @@ mu_auth_sql_by_name (struct mu_auth_data **return_data,
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return 1;
return MU_ERR_FAILURE;
}
mu_sql_num_tuples (conn, &n);
if (n == 0)
{
rc = 1;
}
rc = MU_ERR_AUTH_FAILURE;
else
{
char *mailbox_name = NULL;
char *name;
mu_sql_get_column (conn, 0, 0, &name);
if (n == 7)
{
char *tmp;
mu_sql_get_column (conn, 0, 6, &tmp);
mailbox_name = strdup (tmp);
}
else
{
mu_construct_user_mailbox_url (&mailbox_name, name);
/* FIXME: Error code is lost */
}
if (mailbox_name)
{
char *passwd, *suid, *sgid, *dir, *shell;
mu_sql_get_column (conn, 0, 1, &passwd);
mu_sql_get_column (conn, 0, 2, &suid);
mu_sql_get_column (conn, 0, 3, &sgid);
mu_sql_get_column (conn, 0, 4, &dir);
mu_sql_get_column (conn, 0, 5, &shell);
rc = mu_auth_data_alloc (return_data,
name,
passwd,
atoi (suid),
atoi (sgid),
"SQL User",
dir,
shell,
mailbox_name,
1);
}
else
rc = 1;
free (mailbox_name);
}
rc = decode_tuple (conn, n, return_data);
mu_sql_release_result (conn);
mu_sql_disconnect (conn);
......@@ -411,16 +413,13 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data,
size_t n;
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
snprintf (uidstr, sizeof (uidstr), "%u", *(uid_t*)key);
query_str = mu_sql_expand_query (mu_sql_getpwuid_query, uidstr);
if (!query_str)
return 1;
return ENOMEM;
status = mu_sql_connection_init (&conn,
sql_interface,
......@@ -434,7 +433,7 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data,
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return MU_ERR_FAILURE;
}
status = mu_sql_connect (conn);
......@@ -444,7 +443,7 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data,
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return EAGAIN;
}
status = mu_sql_query (conn, query_str);
......@@ -456,7 +455,7 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data,
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return 1;
return MU_ERR_FAILURE;
}
status = mu_sql_store_result (conn);
......@@ -467,59 +466,15 @@ mu_auth_sql_by_uid (struct mu_auth_data **return_data,
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return 1;
return MU_ERR_FAILURE;
}
mu_sql_num_tuples (conn, &n);
if (n == 0)
{
rc = 1;
}
rc = MU_ERR_AUTH_FAILURE;
else
{
char *name;
char *mailbox_name = NULL;
mu_sql_get_column (conn, 0, 0, &name);
if (n == 7)
{
char *tmp;
mu_sql_get_column (conn, 0, 6, &tmp);
mailbox_name = strdup (tmp);
}
else
{
mu_construct_user_mailbox_url (&mailbox_name, name);
/* FIXME: Error code is lost */
}
if (mailbox_name)
{
char *passwd, *suid, *sgid, *dir, *shell;
mu_sql_get_column (conn, 0, 1, &passwd);
mu_sql_get_column (conn, 0, 2, &suid);
mu_sql_get_column (conn, 0, 3, &sgid);
mu_sql_get_column (conn, 0, 4, &dir);
mu_sql_get_column (conn, 0, 5, &shell);
rc = mu_auth_data_alloc (return_data,
name,
passwd,
atoi (suid),
atoi (sgid),
"SQL User",
dir,
shell,
mailbox_name,
1);
}
else
rc = 1;
free (mailbox_name);
}
rc = decode_tuple (conn, n, return_data);
mu_sql_release_result (conn);
mu_sql_disconnect (conn);
......@@ -553,7 +508,7 @@ mu_sql_getpass (const char *username, char **passwd)
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return MU_ERR_FAILURE;
}
status = mu_sql_connect (conn);
......@@ -563,7 +518,7 @@ mu_sql_getpass (const char *username, char **passwd)
mu_error ("%s: %s", mu_strerror (status), mu_sql_strerror (conn));
mu_sql_connection_destroy (&conn);
free (query_str);
return status;
return EAGAIN;
}
status = mu_sql_query (conn, query_str);
......@@ -575,7 +530,7 @@ mu_sql_getpass (const char *username, char **passwd)
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return status;
return MU_ERR_FAILURE;
}
status = mu_sql_store_result (conn);
......@@ -586,7 +541,7 @@ mu_sql_getpass (const char *username, char **passwd)
(status == MU_ERR_SQL) ? mu_sql_strerror (conn) :
mu_strerror (status));
mu_sql_connection_destroy (&conn);
return status;
return MU_ERR_FAILURE;
}
status = mu_sql_get_column (conn, 0, 0, &sql_pass);
......@@ -597,7 +552,7 @@ mu_sql_getpass (const char *username, char **passwd)
mu_strerror (status));
mu_sql_release_result (conn);
mu_sql_connection_destroy (&conn);
return status;
return MU_ERR_FAILURE;
}
*passwd = strdup (sql_pass);
......@@ -622,10 +577,10 @@ mu_sql_authenticate (struct mu_auth_data **return_data ARG_UNUSED,
int rc;
if (!auth_data)
return 1;
return EINVAL;
if (mu_sql_getpass (auth_data->name, &sql_pass))
return 1;
if ((rc = mu_sql_getpass (auth_data->name, &sql_pass)))
return rc;
switch (mu_sql_password_type)
{
......@@ -640,6 +595,8 @@ mu_sql_authenticate (struct mu_auth_data **return_data ARG_UNUSED,
just as the rest of mu_sql_.* functions do */
#ifdef HAVE_MYSQL
rc = mu_check_mysql_scrambled_password (sql_pass, pass);
#else
rc = 1;
#endif
break;
......@@ -650,7 +607,7 @@ mu_sql_authenticate (struct mu_auth_data **return_data ARG_UNUSED,
free (sql_pass);
return rc;
return rc == 0 ? 0 : MU_ERR_AUTH_FAILURE;
}
#else
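Review bot: decode_tuple leaks `mailbox_name` when one of the five `mu_sql_get_column` calls in the `if (mailbox_name)` branch fails, because that path does `return MU_ERR_FAILURE;` without reaching `free (mailbox_name)`. Assign `rc = MU_ERR_FAILURE;` there and put the `mu_auth_data_alloc` call under an `else`, so the shared `free` always runs. The same function feeds `atoi (suid)` and `atoi (sgid)` straight into `mu_auth_data_alloc`, and atoi yields 0 for an empty or non-numeric column, so a malformed row silently becomes uid/gid 0. A checked `strtoul` that returns MU_ERR_FAILURE on bad input would be safer. The `n == 7` test uses the value filled in by `mu_sql_num_tuples`, which looks like a row count standing in for a column count; that is worth confirming.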
......
/* GNU Mailutils -- a suite of utilities for electronic mail
Copyright (C) 2002 Free Software Foundation, Inc.
Copyright (C) 2002, 2006 Free Software Foundation, Inc.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
......@@ -52,6 +52,7 @@
#include <mailutils/argp.h>
#include <mailutils/mu_auth.h>
#include <mailutils/nls.h>
#include <mailutils/errno.h>
#ifdef ENABLE_VIRTUAL_DOMAINS
......@@ -143,20 +144,19 @@ mu_auth_virt_domain_by_name (struct mu_auth_data **return_data,
char *mailbox_name;
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
pw = getpwnam_virtual (key);
if (!pw)
{
pw = getpwnam_ip_virtual (key);
if (!pw)
return 1;
return MU_ERR_AUTH_FAILURE;
}
mailbox_name = calloc (strlen (pw->pw_dir) + strlen ("/INBOX") + 1, 1);
if (!mailbox_name)
return ENOMEM;
sprintf (mailbox_name, "%s/INBOX", pw->pw_dir);
rc = mu_auth_data_alloc (return_data,
......@@ -208,8 +208,7 @@ mu_auth_virt_domain_by_name (struct mu_auth_data **return_data ARG_UNUSED,
void *func_data ARG_UNUSED,
void *call_data ARG_UNUSED)
{
errno = ENOSYS;
return 1;
return ENOSYS;
}
#endif
......
......@@ -42,6 +42,7 @@
#include <mailutils/mailbox.h>
#include <mailutils/argp.h>
#include <mailutils/mu_auth.h>
#include <mailutils/errno.h>
/* System database */
static int
......@@ -51,11 +52,11 @@ mu_auth_system (struct mu_auth_data **return_data, const struct passwd *pw)
int rc;
if (!pw)
return 1;
return MU_ERR_AUTH_FAILURE;
rc = mu_construct_user_mailbox_url (&mailbox_name, pw->pw_name);
if (rc)
return 1; /* FIXME: Return code is lost */
return rc; /* FIXME: Return code is lost */
rc = mu_auth_data_alloc (return_data,
pw->pw_name,
......@@ -78,10 +79,7 @@ mu_auth_system_by_name (struct mu_auth_data **return_data,
void *call_data ARG_UNUSED)
{
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
return mu_auth_system (return_data, getpwnam (key));
}
......@@ -92,10 +90,7 @@ mu_auth_system_by_uid (struct mu_auth_data **return_data,
void *call_data ARG_UNUSED)
{
if (!key)
{
errno = EINVAL;
return 1;
}
return EINVAL;
return mu_auth_system (return_data, getpwuid (*(uid_t*) key));
}
......@@ -108,9 +103,12 @@ mu_authenticate_generic (struct mu_auth_data **return_data ARG_UNUSED,
const struct mu_auth_data *auth_data = key;
char *pass = call_data;
return !auth_data
|| !auth_data->passwd
|| strcmp (auth_data->passwd, crypt (pass, auth_data->passwd));
if (!auth_data || !pass)
return EINVAL;
return auth_data->passwd
&& strcmp (auth_data->passwd, crypt (pass, auth_data->passwd)) == 0 ?
0 : MU_ERR_AUTH_FAILURE;
}
/* Called only if generic fails */
......@@ -129,10 +127,11 @@ mu_authenticate_system (struct mu_auth_data **return_data ARG_UNUSED,
struct spwd *spw;
spw = getspnam (auth_data->name);
if (spw)
return strcmp (spw->sp_pwdp, crypt (pass, spw->sp_pwdp));
return strcmp (spw->sp_pwdp, crypt (pass, spw->sp_pwdp)) == 0 ?
0 : MU_ERR_AUTH_FAILURE;
}
#endif
return 1;
return MU_ERR_AUTH_FAILURE;
}
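Review bot: Both `strcmp (..., crypt (pass, ...))` expressions, in mu_authenticate_generic and mu_authenticate_system, pass the result of crypt() to strcmp unchecked. crypt() can return NULL, for example when the stored field is not a salt it accepts, which would turn a failed login into a crash of the authenticating process. Keep the result in a local and treat NULL as a mismatch: `char *h = crypt (pass, auth_data->passwd);` followed by `return h && strcmp (auth_data->passwd, h) == 0 ? 0 : MU_ERR_AUTH_FAILURE;`, with the existing `auth_data->passwd` test kept ahead of the crypt call. mu_authenticate_system starts outside the hunk, so whether `pass` is checked for NULL there, as the generic variant now does, cannot be seen. The `/* FIXME: Return code is lost */` comment in mu_auth_system is stale now that the line returns `rc`.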
......