/*	courierauthd.c
	John Simpson <jms1@jms1.net> 2005-11-27

	Background service to handle AUTH requests from qmail-smtpd

	Command protocol matches "vpopmaild" as closely as possible, the idea
	is that once "vpopmaild" is ready, it can replace this service if the
	user would rather use it.

	Uses courier-authlib, see http://www.courier-mta.org/authlib/

	************************************************************************

	Copyright (C) 2005 John Simpson.

	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License, version 2, as
	published by the Free Software Foundation.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program; if not, write to the Free Software
	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	or visit http://www.gnu.org/licenses/gpl.txt
*/

#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

#include <courierauth.h>

#define INPUTLEN 4096

#define MSG_OK		"+OK\r\n"
#define MSG_OKPLUS	"+OK+\r\n"
#define ERR_UNCMD	"-ERR XXX unknown command\r\n"
#define ERR_NOCMD	"-ERR XXX no command specified\r\n"
#define ERR_ARGS	"-ERR XXX invalid arguments\r\n"
#define ERR_NOAUTH	"-ERR 112 invalid login\r\n"

static const char courierauthd_c_version[] =
"$Id: courierauthd.c version 0.1 compiled " __DATE__ " " __TIME__ " jms1 $" ;

int debuglevel = 0 ;
int quit = 0 ;

/*****************************************************************************
*
* message displayed by the "help" command
*
*/

char *helpmsg =
"+OK+\r\n"
"login user@domain password\r\n"
"quit quit\r\n"
"help help\r\n"
".\r\n" ;

/*****************************************************************************
*
* functions which deal with courier-authlib
*
*/

int callback ( struct authinfo *ai , void *extra )
{
	int rv = 0 ;
	char *v ;

	if ( ai->options )
	{
		/* i'm not sure if a "disablesmtp" option exists, but if so,
		   this program will refuse to allow such an account to
		   authenticate, even if the password is correct */

		char *v = auth_getoption ( ai->options , "disablesmtp" ) ;
		if ( v )
		{
			if ( '1' == *v )
			{
				rv = -1 ;
			}
			free ( v ) ;
		}
	}

	return rv ;
}

char *auth ( const char *userid , const char *passwd )
{
	char *rv = "+OK\r\n" ;
	int z ;

	z = auth_login ( "smtp" , userid , passwd , callback , NULL ) ;

	if ( z )
	{
		rv = ERR_NOAUTH ;
		quit = 1 ;
	}

	return rv ;
}

/*****************************************************************************
*
* trim: the first '\n' or '\r' is the end of the line. this should make it
*   flexible enough to handle whatever is thrown at it.
*
*/

void trim ( char *buf )
{
	char *p = buf ;
	while ( *p )
	{
		if ( ( *p == '\n' ) || ( *p == '\r' ) )
		{
			*p = '\0' ;
			return ;
		}
		p++ ;
	}
}

/*****************************************************************************
*
* getword: call with a pointer to a pointer to the input string.
*   skips over any beginning whitespace
*   returns a pointer to the first byte of the word.
*   the first whitespace after the word will be replaced with \0
*   the pointer will be updated to point to the byte after this \0
*
*/

char *getword ( char **buf )
{
	char *z = *buf ;
	char *rv = NULL ;
	int inword = 0 ;

	while ( *z )
	{
		if ( inword )
		{
			if ( isspace ( *z ) )
			{
				*z = '\0' ;
				z ++ ;
				break ;
			}
		}
		else
		{
			if ( ! isspace ( *z ) )
			{
				rv = z ;
				inword = 1 ;
			}
		}
		z ++ ;
	}

	*buf = z ;
	return rv ;
}

/*****************************************************************************
*
* log: send a string to the log (stderr)
*
*/

void log ( char *format , ... )
{
	va_list ap ;

	if ( ! debuglevel ) return ;

	fprintf ( stderr , "%d " , getpid() ) ;

	va_start ( ap , format ) ;
	vfprintf ( stderr , format , ap ) ;
	va_end ( ap ) ;

	fflush ( stderr ) ;
}

/*****************************************************************************
*
* do_login: handle a "login" command
*
*/

char *do_login ( char **buf )
{
	char *z = *buf ;
	char *rv = ERR_ARGS ;
	char *userid ;
	char *passwd ;

	userid = getword ( &z ) ;
	passwd = getword ( &z ) ;

	if ( userid && passwd )
		rv = auth ( userid , passwd ) ;

	if ( debuglevel > 1 )
		log ( "login %s %s %s" , userid , passwd , rv ) ;
	else
		log ( "login %s * %s" , userid , rv ) ;

	*buf = z ;
	return rv ;
}

/*****************************************************************************
******************************************************************************
******************************************************************************
*
* this is where the magic happens
*
*/

int main ( int argc , char **argv )
{
	char buf[INPUTLEN] ;
	char *cmd ;
	char *userid ;
	char *passwd ;
	char *rv ;
	char *z ;
	int n ;

	for ( n=1 ; n<argc ; n++ )
	{
		if ( ! strcmp ( argv[n] , "-d" ) )
			debuglevel++ ;
	}

	fputs ( MSG_OK , stdout ) ;
	fflush ( stdout ) ;

	while ( ! quit )
	{
		memset ( buf , 0 , INPUTLEN ) ;
		z = fgets ( buf , INPUTLEN , stdin ) ;

		if ( !z )
			return 0 ;

		trim ( z ) ;

		cmd = getword ( &z ) ;

		if ( cmd )
		{
			if ( ! strcmp ( cmd , "login" ) )
			{
				rv = do_login ( &z ) ;
				fputs ( rv , stdout ) ;
			}
			else if ( ! strcmp ( cmd , "help" ) )
			{
				log ( "help\n" ) ;
				fputs ( helpmsg , stdout ) ;
			}
			else if ( ! strcmp ( cmd , "quit" ) )
			{
				log ( "quit\n" ) ;
				break ;
			}
			else
			{
				log ( "unknown command \"%s\"\n" , cmd ) ;
				fputs ( ERR_UNCMD , stdout ) ;
			}
		}
		else
		{
			log ( "no command specified\n" ) ;
			fputs ( ERR_NOCMD , stdout ) ;
		}

		fflush ( stdout ) ;
	}

	return 0 ;
}