dovecot: Dovecot authentication package

This patch adds a new package which implements two basic primitives for
authenticating against dovecot ("user exists", and "check password").

It is still experimental/work in progress.

cmd/dovecot-auth-cli/.gitignore

@@ -0,0 +1,2 @@
+*.log
+dovecot-auth-cli

cmd/dovecot-auth-cli/dovecot-auth-cli.go

@@ -0,0 +1,36 @@
+// CLI used for testing the dovecot authentication package.
+//
+// NOT for production use.
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"blitiri.com.ar/go/chasquid/internal/dovecot"
+)
+
+func main() {
+	a := dovecot.NewAuth(os.Args[1]+"-userdb", os.Args[1]+"-client")
+
+	var ok bool
+	var err error
+
+	switch os.Args[2] {
+	case "exists":
+		ok, err = a.Exists(os.Args[3])
+	case "auth":
+		ok, err = a.Authenticate(os.Args[3], os.Args[4])
+	default:
+		fmt.Printf("unknown subcommand\n")
+		os.Exit(1)
+	}
+
+	if ok {
+		fmt.Printf("yes\n")
+		return
+	}
+
+	fmt.Printf("no: %v\n", err)
+	os.Exit(1)
+}

cmd/dovecot-auth-cli/test.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -e
+. $(dirname ${0})/../../test/util/lib.sh
+
+init
+
+# Build the binary once, so we can use it and launch it in chamuyero scripts.
+# Otherwise, we not only spend time rebuilding it over and over, but also "go
+# run" masks the exit code, which is something we care about.
+go build dovecot-auth-cli.go
+
+for i in *.cmy; do
+	if ! chamuyero $i > $i.log 2>&1 ; then
+		echo "# Test $i failed, log follows"
+		cat $i.log
+		exit 1
+	fi
+done
+
+success

cmd/dovecot-auth-cli/test_auth_error.cmy

@@ -0,0 +1,21 @@
+
+client unix_listen .dovecot-client
+
+c = ./dovecot-auth-cli .dovecot auth username password
+
+client -> VERSION	1	1
+client -> SPID	12345
+client -> CUID	12345
+client -> COOKIE	lovelycookie
+client -> MECH	PLAIN
+client -> MECH	LOGIN
+client -> DONE
+
+client <- VERSION	1	1
+client <~ CPID	
+
+client <- AUTH	1	PLAIN	service=smtp	secured	no-penalty	nologin	resp=dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
+client -> OTHER
+
+c <~ no: invalid response
+c wait 1

cmd/dovecot-auth-cli/test_auth_no.cmy

@@ -0,0 +1,21 @@
+
+client unix_listen .dovecot-client
+
+c = ./dovecot-auth-cli .dovecot auth username password
+
+client -> VERSION	1	1
+client -> SPID	12345
+client -> CUID	12345
+client -> COOKIE	lovelycookie
+client -> MECH	PLAIN
+client -> MECH	LOGIN
+client -> DONE
+
+client <- VERSION	1	1
+client <~ CPID	
+
+client <- AUTH	1	PLAIN	service=smtp	secured	no-penalty	nologin	resp=dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
+client -> FAIL	1
+
+c <- no: <nil>
+c wait 1

cmd/dovecot-auth-cli/test_auth_yes.cmy

@@ -0,0 +1,21 @@
+
+client unix_listen .dovecot-client
+
+c = ./dovecot-auth-cli .dovecot auth username password
+
+client -> VERSION	1	1
+client -> SPID	12345
+client -> CUID	12345
+client -> COOKIE	lovelycookie
+client -> MECH	PLAIN
+client -> MECH	LOGIN
+client -> DONE
+
+client <- VERSION	1	1
+client <~ CPID	
+
+client <- AUTH	1	PLAIN	service=smtp	secured	no-penalty	nologin	resp=dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=
+client -> OK	1
+
+c <- yes
+c wait 0

cmd/dovecot-auth-cli/test_exists_notfound.cmy

@@ -0,0 +1,16 @@
+
+userdb unix_listen .dovecot-userdb
+
+c = ./dovecot-auth-cli .dovecot exists username
+
+userdb -> VERSION	1	1
+userdb -> SPID	12345
+
+userdb <- VERSION	1	1
+userdb <- USER	1	username	service=smtp
+
+userdb -> NOTFOUND	1
+
+c wait 1
+
+c <- no: <nil>

cmd/dovecot-auth-cli/test_exists_yes.cmy

@@ -0,0 +1,15 @@
+
+userdb unix_listen .dovecot-userdb
+
+c = ./dovecot-auth-cli .dovecot exists username
+
+userdb -> VERSION	1	1
+userdb -> SPID	12345
+
+userdb <- VERSION	1	1
+userdb <- USER	1	username	service=smtp
+
+userdb -> USER	1	username	system_groups_user=blah uid=10  gid=10
+
+c <- yes
+c wait 0

cmd/dovecot-auth-cli/test_missing_socket.cmy

@@ -0,0 +1,8 @@
+
+c = ./dovecot-auth-cli .missingsocket exists username
+c <~ no: dial unix .missingsocket-userdb
+c wait 1
+
+c = ./dovecot-auth-cli .missingsocket auth username password
+c <~ no: dial unix .missingsocket-client
+c wait 1