From 56de5b8f09f14f10955ac105d77a15ea7321c92a Mon Sep 17 00:00:00 2001 From: Thadeu Lima de Souza Cascardo Date: Fri, 19 Jun 2009 19:24:13 -0300 Subject: [PATCH] Added stub support for access control, with deny by default. --- Makefile.am | 2 +- pop.c | 16 +++++++++++++--- usermap.c | 28 ++++++++++++++++++++++++++++ usermap.h | 32 ++++++++++++++++++++++++++++++++ 4 files changed, 74 insertions(+), 4 deletions(-) create mode 100644 usermap.c create mode 100644 usermap.h diff --git a/Makefile.am b/Makefile.am index b958097..c571530 100644 --- a/Makefile.am +++ b/Makefile.am @@ -2,5 +2,5 @@ bin_PROGRAMS = popproxy popproxy_SOURCES = popproxy.c log.c log.h nethook.c nethook.h \ proto_detect.c proto_detect.h jabber.c jabber.h jabber_server.c \ iksemel_extra.c iksemel_extra.h null.c null.h ssl.c ssl.h \ - ssl_server.c pop.c pop.h + ssl_server.c pop.c pop.h usermap.c usermap.h sysconf_DATA = popproxy.conf diff --git a/pop.c b/pop.c index 4e93caa..1925eb4 100644 --- a/pop.c +++ b/pop.c @@ -23,6 +23,7 @@ #include #include "nethook.h" #include "pop.h" +#include "usermap.h" typedef struct { @@ -82,14 +83,23 @@ pop_read (net_hook_t *hook, gchar *buffer, size_t len) { pop_t *pop = hook->data; g_string_append_len (pop->buffer, buffer, len); - hook->data = pop->orig_data; while (pop_getline (pop) == 0) { if (pop_check_user (pop) == 0) - g_message ("User is trying to authenticate as %s.", pop->user); + { + g_message ("User is trying to authenticate as %s.", pop->user); + if (usermap_perm (pop->user) == ACCESS_DENY) + { + g_message ("Denying access to user %s.", pop->user); + pop_destroy (hook); + gnet_conn_disconnect (hook->conn); + return; + } + } + hook->data = pop->orig_data; pop->orig_read (hook, pop->line->str, pop->line->len); + hook->data = pop; } - hook->data = pop; } net_hook_t * diff --git a/usermap.c b/usermap.c new file mode 100644 index 0000000..7cf012f --- /dev/null +++ b/usermap.c @@ -0,0 +1,28 @@ +/* +** Copyright (C) 2006 Thadeu Lima de Souza Cascardo +** Copyright (C) 2009 Thadeu Lima de Souza Cascardo +** +** This program is free software; you can redistribute it and/or modify +** it under the terms of the GNU General Public License as published by +** the Free Software Foundation; either version 2 of the License, or +** (at your option) any later version. +** +** This program is distributed in the hope that it will be useful, +** but WITHOUT ANY WARRANTY; without even the implied warranty of +** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +** GNU General Public License for more details. +** +** You should have received a copy of the GNU General Public License +** along with this program; if not, write to the Free Software +** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +** +*/ + +#include +#include "usermap.h" + +int +usermap_perm (char *user) +{ + return ACCESS_DENY; +} diff --git a/usermap.h b/usermap.h new file mode 100644 index 0000000..836efe1 --- /dev/null +++ b/usermap.h @@ -0,0 +1,32 @@ +/* +** Copyright (C) 2006 Thadeu Lima de Souza Cascardo +** Copyright (C) 2009 Thadeu Lima de Souza Cascardo +** +** This program is free software; you can redistribute it and/or modify +** it under the terms of the GNU General Public License as published by +** the Free Software Foundation; either version 2 of the License, or +** (at your option) any later version. +** +** This program is distributed in the hope that it will be useful, +** but WITHOUT ANY WARRANTY; without even the implied warranty of +** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +** GNU General Public License for more details. +** +** You should have received a copy of the GNU General Public License +** along with this program; if not, write to the Free Software +** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +** +*/ + +#ifndef POPPROXY_USERMAP_H +#define POPPROXY_USERMAP_H + +enum +{ + ACCESS_ALLOW, + ACCESS_DENY +}; + +int usermap_perm (char *); + +#endif -- 2.20.1