login-common: sasl-server - Turn private argument of sasl_server_auth_begin() into...
authorStephan Bosch <stephan.bosch@open-xchange.com>
Wed, 27 Jan 2021 12:43:23 +0000 (13:43 +0100)
committeraki.tuomi <aki.tuomi@open-xchange.com>
Fri, 5 Nov 2021 06:49:45 +0000 (06:49 +0000)
src/login-common/client-common-auth.c
src/login-common/client-common.h
src/login-common/sasl-server.c
src/login-common/sasl-server.h

index fe72c297dde748e2cd980d3a2046854137e5729a..394da525dca60b94302eb4d0465ed9f72ea96e38 100644 (file)
@@ -841,7 +841,8 @@ sasl_callback(struct client *client, enum sasl_server_reply sasl_reply,
 
 static int
 client_auth_begin_common(struct client *client, const char *mech_name,
-                        bool private, const char *init_resp)
+                        enum sasl_server_auth_flags auth_flags,
+                        const char *init_resp)
 {
        if (!client->secured && strcmp(client->ssl_set->ssl, "required") == 0) {
                if (client->set->auth_verbose) {
@@ -858,7 +859,7 @@ client_auth_begin_common(struct client *client, const char *mech_name,
        client_ref(client);
        client->auth_initializing = TRUE;
        sasl_server_auth_begin(client, login_binary->protocol, mech_name,
-                              private, init_resp, sasl_callback);
+                              auth_flags, init_resp, sasl_callback);
        client->auth_initializing = FALSE;
        if (!client->authenticating)
                return 1;
@@ -872,13 +873,15 @@ client_auth_begin_common(struct client *client, const char *mech_name,
 int client_auth_begin(struct client *client, const char *mech_name,
                      const char *init_resp)
 {
-       return client_auth_begin_common(client, mech_name, FALSE, init_resp);
+       return client_auth_begin_common(client, mech_name, 0, init_resp);
 }
 
 int client_auth_begin_private(struct client *client, const char *mech_name,
                              const char *init_resp)
 {
-       return client_auth_begin_common(client, mech_name, TRUE, init_resp);
+       return client_auth_begin_common(client, mech_name,
+                                       SASL_SERVER_AUTH_FLAG_PRIVATE,
+                                       init_resp);
 }
 
 bool client_check_plaintext_auth(struct client *client, bool pass_sent)
index 84e116dbb8e6c66f6ae6cd712fb55944c4faf6ce..064cba6aaea24a33edaacb0e97b48e4b25d8b9b8 100644 (file)
@@ -200,6 +200,7 @@ struct client {
        unsigned int proxy_ttl;
 
        char *auth_mech_name;
+       enum sasl_server_auth_flags auth_flags;
        struct auth_client_request *auth_request;
        string_t *auth_response;
        time_t auth_first_started, auth_finished;
@@ -346,6 +347,8 @@ int client_auth_begin(struct client *client, const char *mech_name,
                      const char *init_resp);
 int client_auth_begin_private(struct client *client, const char *mech_name,
                              const char *init_resp);
+int client_auth_begin_implicit(struct client *client, const char *mech_name,
+                              const char *init_resp);
 bool client_check_plaintext_auth(struct client *client, bool pass_sent);
 int client_auth_read_line(struct client *client);
 
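Review bot: The added prototype `client_auth_begin_implicit()` has no matching definition in the client-common-auth.c hunks of this commit, which only touch `client_auth_begin()` and `client_auth_begin_private()`. The enum added in sasl-server.h also defines only `SASL_SERVER_AUTH_FLAG_PRIVATE`, so there is no flag this entry point could pass. Unless the definition exists outside the visible hunks, any caller would fail at link time, and the header advertises an authentication entry point whose behaviour is undefined at this revision. I would drop the declaration here and add it in the commit that introduces the implementation and its flag.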
index bfa420943ededd3f9d8087b5b338221fff5a58a2..3adf5e982a5b20c18c3ec29f71f6ef29048eed27 100644 (file)
@@ -434,11 +434,13 @@ static bool get_cert_username(struct client *client, const char **username_r,
 
 void sasl_server_auth_begin(struct client *client,
                            const char *service, const char *mech_name,
-                           bool private, const char *initial_resp_base64,
+                           enum sasl_server_auth_flags flags,
+                           const char *initial_resp_base64,
                            sasl_server_callback_t *callback)
 {
        struct auth_request_info info;
        const struct auth_mech_desc *mech;
+       bool private = HAS_ALL_BITS(flags, SASL_SERVER_AUTH_FLAG_PRIVATE);
        const char *error;
 
        i_assert(auth_client_is_connected(auth_client));
@@ -451,6 +453,7 @@ void sasl_server_auth_begin(struct client *client,
        i_free(client->auth_mech_name);
        client->auth_mech_name = str_ucase(i_strdup(mech_name));
        client->auth_anonymous = FALSE;
+       client->auth_flags = flags;
        client->sasl_callback = callback;
 
        mech = sasl_server_find_available_mech(client, mech_name);
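Review bot: `client->auth_flags = flags;` is stored before `sasl_server_find_available_mech()` runs, and nothing in the visible hunks clears it, so the field appears to keep the flags of the most recent attempt even after that attempt fails or completes. Because `SASL_SERVER_AUTH_FLAG_PRIVATE` controls whether private mechanisms are allowed, code that reads the field later should not take it as describing a request in progress. I would document that on the new member in client-common.h, for example `/* Flags given to the most recent sasl_server_auth_begin(); not cleared when authentication ends */`, or reset it to 0 wherever the rest of the auth state is torn down, if that happens outside this diff. The body of sasl_server_auth_begin() continues past the end of this hunk.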
index 84098bf2bb5259446f8100e56b08e88cc8ec045e..912dccdd6359481927d8058bad518730687ff9ca 100644 (file)
@@ -11,6 +11,11 @@ enum sasl_server_reply {
        SASL_SERVER_REPLY_CONTINUE
 };
 
+enum sasl_server_auth_flags {
+       /* Allow the use of private mechanism */
+       SASL_SERVER_AUTH_FLAG_PRIVATE = BIT(0),
+};
+
 typedef void sasl_server_callback_t(struct client *client,
                                    enum sasl_server_reply reply,
                                    const char *data, const char *const *args);
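Review bot: The comment on `SASL_SERVER_AUTH_FLAG_PRIVATE` does not say which callers may set it, yet after this change the flag is the only thing that separates `client_auth_begin()` (passes `0`) from `client_auth_begin_private()`. With a bitmask instead of a bool, forwarding an unvetted integer into `flags` becomes easy to do by accident, so the contract belongs next to the definition. Something like `/* Allow the use of a private mechanism. Set only where the calling code, not the client, chooses mech_name. */` would cover it. What makes a mechanism private is not visible in this diff, so the wording should be checked against the mechanism lookup code.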
@@ -22,7 +27,8 @@ sasl_server_find_available_mech(struct client *client, const char *name);
 
 void sasl_server_auth_begin(struct client *client,
                            const char *service, const char *mech_name,
-                           bool private, const char *initial_resp_base64,
+                           enum sasl_server_auth_flags flags,
+                           const char *initial_resp_base64,
                            sasl_server_callback_t *callback);
 void sasl_server_auth_failed(struct client *client, const char *reason,
        const char *code) ATTR_NULL(3);