1 /**************************************************
2 OpengateM - MAC address authentication system
3 module for Authentication by POP3S
5 Copyright (C) 2002 Opengate Project Team
6 Written by Yoshiaki Watanabe
8 This program is free software; you can redistribute it and/or
9 modify it under the terms of the GNU General Public License
10 as published by the Free Software Foundation; either version 2
11 of the License, or (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22 Email: watanaby@is.saga-u.ac.jp
23 **************************************************/
25 Thanks to the programs and documentation referred to.
26 Sample client application cli.cpp found in the OpenSSL site
27 (developed by Sampo Kellomaki and simplified by Wade Scholine)
28 Apache module mod_auth_pam.c by Ingo Luetkebohle
31 #include "opengatemmng.h"
33 /*************************/
34 /* Authenticate by POP3S */
35 /*************************/
/*
 * authPop3s: check a userid/password pair against a POP3S server.
 *
 * Reads the server address and port from the "AuthServer/Address" and
 * "AuthServer/Port" config values, opens a TCP connection, runs a TLS
 * handshake on it, then performs the POP3 "user" / "pass" exchange.
 * A reply to "pass" that begins with "+OK" is treated as success.
 *
 * NOTE(review): this listing omits source lines (the embedded line numbers
 * skip), so the local declarations, the return statements and any cleanup
 * on the error paths are not visible here; the notes below are limited to
 * what the shown lines establish.
 */
36 int authPop3s(char *userid, char *passwd)
41 char recvline[BUFFMAXLN];
45 const SSL_METHOD *meth;
47 /* get auth server address */
48 serverAddr=GetConfValue("AuthServer/Address");
50 if(isNull(serverAddr)){
51 err_msg("ERR at %s#%d: Missing address for POP3s server in config",
56 /* get auth server port */
57 port=GetConfValue("AuthServer/Port");
59 /* POP3S server connect */
/* Two connect calls are shown: one using the "pop3s" service name and one
   using the configured port. The condition choosing between them is in the
   omitted lines (presumably whether a port was configured; confirm). */
61 sockfd = Tcp_connect(serverAddr, "pop3s");
63 sockfd = Tcp_connect(serverAddr, port);
66 err_msg("ERR at %s#%d: Pop3s server is not normal 0",__FILE__,__LINE__);
/* TLS client setup. SSLeay_add_ssl_algorithms() and SSLv23_client_method()
   are the legacy OpenSSL names; SSLv23_client_method() is the
   version-flexible method, superseded by TLS_client_method() in
   OpenSSL 1.1.0 and later. */
/* NOTE(review): no SSL_CTX_set_verify(), trust-store setup or host name
   check is visible between SSL_CTX_new() and SSL_connect() in the shown
   lines. An OpenSSL client defaults to SSL_VERIFY_NONE, so unless the
   omitted lines configure verification, the server certificate is not
   validated and the password below is sent to whichever endpoint answered
   the connection. Consider SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL),
   a configured CA store, and a host name check (SSL_set1_host() on
   OpenSSL 1.1.0 and later) against the configured server address. */
71 SSLeay_add_ssl_algorithms();
72 meth = SSLv23_client_method();
73 SSL_load_error_strings();
74 ctx = SSL_CTX_new (meth);
76 err_msg("ERR at %s#%d: SSL_CTX_new returns NULL",__FILE__,__LINE__);
80 /* ----------------------------------------------- */
81 /* start SSL negotiation. */
85 err_msg("ERR at %s#%d: SSL_new returns NULL",__FILE__,__LINE__);
89 SSL_set_fd (ssl, sockfd);
/* NOTE(review): SSL_connect() returns 1 on success, 0 when the handshake
   failed but was shut down in a controlled way, and a negative value on a
   fatal error. Comparing with -1 only lets a 0 return continue as if the
   handshake had succeeded; testing "!= 1" covers both failure cases. */
90 if( SSL_connect (ssl) == -1 ){
91 err_msg("ERR at %s#%d: SSL_connect returns error",__FILE__,__LINE__);
95 /* --------------------------------------------------- */
96 /* DATA EXCHANGE - Send a message and receive a reply. */
97 /* pop3 message exchange */
99 /* get [+OK POP3 <host> <ver> server ready]*/
/* Only a negative readlnSSL() result is treated as an error here and at the
   two later reads. NOTE(review): if readlnSSL() can return 0 (for example on
   end of stream) without writing recvline, the strstr() that follows would
   inspect stale or uninitialized data; confirm against readlnSSL(). */
100 if((n = readlnSSL(ssl, recvline, BUFFMAXLN)) < 0) {
101 err_msg("ERR at %s#%d: Pop3s server is not normal 1",__FILE__,__LINE__);
/* strstr(...) != recvline is a prefix test: the reply must start with "+OK". */
106 if(strstr(recvline,"+OK")!=recvline){
107 err_msg("ERR at %s#%d: Pop3s server is not normal 2",__FILE__,__LINE__);
112 /* put [user <userid>] */
/* userid is formatted into the command line unchanged. NOTE(review): if
   userid or passwd can contain CR or LF, the server would see extra command
   lines; confirm that callers reject control characters before this point,
   or reject them here before writing. */
113 WritefmtSSL(ssl, "user %s\r\n", userid);
115 /* get [+OK User name accepted, password please] */
116 if((n = readlnSSL(ssl, recvline, BUFFMAXLN)) < 0) {
117 err_msg("ERR at %s#%d: Pop3s server is not normal 3",__FILE__,__LINE__);
122 if(strstr(recvline,"+OK")!=recvline){
123 err_msg("ERR at %s#%d: Pop3s server is not normal 4",__FILE__,__LINE__);
128 /* put [pass <password>] */
/* The password travels as plain POP3 text inside the TLS session, so its
   confidentiality rests entirely on the TLS peer being the intended server. */
129 WritefmtSSL(ssl, "pass %s\r\n", passwd);
131 /* get [+OK Mailbox open, <count> messages] */
132 if((n = readlnSSL(ssl, recvline, BUFFMAXLN)) < 0) {
133 err_msg("ERR at %s#%d: Pop3s server is not normal 5",__FILE__,__LINE__);
/* Success test: the reply to "pass" starts with "+OK". The body of this
   branch is in the omitted lines. */
138 if(strstr(recvline,"+OK")==recvline){
/* End the POP3 session, then close the TLS layer. */
145 WritefmtSSL(ssl,"quit\r\n");
148 SSL_shutdown (ssl); /* send SSL/TLS close_notify */
158 /*****************************************/
159 /* function for debugging */
160 /*****************************************/
/*
 * AuthPop3s: debug wrapper around authPop3s().
 *
 * When debug is greater than 1 it logs the call and the returned value
 * through err_msg(). The entry message prints userid but the literal text
 * "passwd" in place of the password, so the password itself is not logged.
 *
 * NOTE(review): userid is logged as received; if it can contain control
 * characters, confirm that err_msg() or the log sink escapes them so that a
 * crafted userid cannot forge additional log lines.
 */
161 int AuthPop3s(char *userid, char *passwd)
165 if(debug>1) err_msg("DEBUG:=>authPop3s(%s,passwd)",userid);
166 ret=authPop3s(userid,passwd);
167 if(debug>1) err_msg("DEBUG:(%d)<=authPop3s( )",ret);