> Mostly a matter of time/testing.  I committed the auth plugins I could 
> test or at least read through (I'm not immediately familiar with the 
> checkpassword protocol).  If some other people can test the plugin and 
> confirm that it at least basically works, I don't have any problem 
> committing...

Actually the checkpassword interface is absolutely simple, it all comes
down to the following central lines of my plugin (which has only 29 lines
in total!):

    open(CPW,"|$untainted 3<&0");
    printf(CPW "%s\0%s\0Y123456\0",$user,$passClear);
    close(CPW);
    my $status = $?;

One just executes the checkpassword binary and sends the user name,
the password and I believe some token to file descriptor 3. I think
the token is used with md5 passwords, but my plugin only supports
the auth types plain and login so the token can be static as shown.

As said, the plugin is only 29 lines in total. I don't think this
leaves much room for big errors. One piece of code to check is:

    my $binary = $self->qp->config("smtpauth-checkpassword")
      or return (DECLINED);
    return(DECLINED) if ( ! -x $binary );

    my ($untainted) = $binary =~ /^(.*)$/;

I'm not sure if my untainting is really secure, but I think that the
config file 'smtpauth-checkpassword' should be writable only by
root. Also the '-x' check makes sure that the path to a binary is
given and not some shell escape laden string.


Regards
Michael

-- 
      It's an insane world, but i'm proud to be a part of it. -- Bill Hicks
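
The invocation discussed in the message above, written without a shell and with an allow-list untaint, as an added example that is not part of the original message or of the plugin. The function name check_password, its string return values, the path pattern, the PATH value and the demo paths are assumptions; the 512-byte limit and the exit codes 0 (accepted), 1 (rejected) and 2/111 (misuse/temporary failure) follow the checkpassword interface description, which also expects a program to run on success (here /bin/true).

```perl
use strict;
use warnings;
use Fcntl qw(F_SETFD);
use POSIX ();

# Added example, not the plugin's code. check_password(), its string return
# values and the path allow-list are assumptions made for illustration.
sub check_password {
    my ($binary, $prog, $user, $pass) = @_;

    # Untaint with an allow-list rather than /^(.*)$/: absolute path only,
    # no whitespace or shell metacharacters, and it must be an executable file.
    my ($bin) = $binary =~ m{^(/[\w./+-]+)\z} or return 'declined';
    return 'declined' unless -f $bin && -x _;

    # A NUL inside a field would shift the field boundaries on fd 3.
    return 'denied' if grep { !defined($_) || /\0/ } $user, $pass;
    my $msg = join "\0", $user, $pass, 'Y123456', '';
    return 'denied' if length($msg) > 512;    # interface limit

    pipe(my $rd, my $wr) or return 'tempfail';
    my $pid = fork();
    return 'tempfail' unless defined $pid;
    if ($pid == 0) {                           # child
        close $wr;
        if (fileno($rd) == 3) { fcntl($rd, F_SETFD, 0) }   # keep fd 3 across exec
        else { defined(POSIX::dup2(fileno($rd), 3)) or POSIX::_exit(111) }
        %ENV = (PATH => '/usr/bin:/bin');      # assumed minimal environment
        exec { $bin } $bin, $prog or POSIX::_exit(111);    # list form: no shell
    }
    close $rd;
    local $SIG{PIPE} = 'IGNORE';               # child may exit before reading
    print {$wr} $msg;
    close $wr;
    waitpid($pid, 0);
    return 'tempfail' if $? & 127;             # killed by a signal
    my $code = $? >> 8;
    return $code == 0 ? 'ok' : $code == 1 ? 'denied' : 'tempfail';
}

# Constructed demo values; /bin/checkpassword is an assumed install path.
print check_password('/bin/checkpassword', '/bin/true', 'alice', 'secret'), "\n";
print check_password('/bin/checkpassword; id', '/bin/true', 'alice', 'secret'), "\n";
```

The second call returns 'declined' because the configured value fails the allow-list before any file test or exec happens.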
