From: Timo Sirainen Date: Wed, 3 Feb 2016 10:26:10 +0000 (+0200) Subject: lib-sasl: Added support for EXTERNAL SASL mechanism X-Git-Tag: 2.2.22.rc1~219 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=405d5f230d6beded2de44f0f0b038d27c1c7c30e;p=thirdparty%2Fdovecot%2Fcore.git lib-sasl: Added support for EXTERNAL SASL mechanism --- diff --git a/src/lib-sasl/Makefile.am b/src/lib-sasl/Makefile.am index 98b49dd95a..dd6d37377b 100644 --- a/src/lib-sasl/Makefile.am +++ b/src/lib-sasl/Makefile.am @@ -4,6 +4,7 @@ AM_CPPFLAGS = \ -I$(top_srcdir)/src/lib libsasl_la_SOURCES = \ + mech-external.c \ mech-login.c \ mech-plain.c \ dsasl-client.c diff --git a/src/lib-sasl/dsasl-client-private.h b/src/lib-sasl/dsasl-client-private.h index 851a11200b..a7295819cc 100644 --- a/src/lib-sasl/dsasl-client-private.h +++ b/src/lib-sasl/dsasl-client-private.h @@ -25,6 +25,7 @@ struct dsasl_client_mech { void (*free)(struct dsasl_client *client); }; +extern const struct dsasl_client_mech dsasl_client_mech_external; extern const struct dsasl_client_mech dsasl_client_mech_login; void dsasl_client_mech_register(const struct dsasl_client_mech *mech); diff --git a/src/lib-sasl/dsasl-client.c b/src/lib-sasl/dsasl-client.c index 4406918400..13338991b4 100644 --- a/src/lib-sasl/dsasl-client.c +++ b/src/lib-sasl/dsasl-client.c @@ -104,6 +104,7 @@ void dsasl_clients_init(void) return; i_array_init(&dsasl_mechanisms, 8); + dsasl_client_mech_register(&dsasl_client_mech_external); dsasl_client_mech_register(&dsasl_client_mech_plain); dsasl_client_mech_register(&dsasl_client_mech_login); } diff --git a/src/lib-sasl/mech-external.c b/src/lib-sasl/mech-external.c new file mode 100644 index 0000000000..faf753a59b --- /dev/null +++ b/src/lib-sasl/mech-external.c @@ -0,0 +1,64 @@ +/* Copyright (c) 2016 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "dsasl-client-private.h" + +struct external_dsasl_client { + struct dsasl_client client; + bool output_sent; +}; + +static int +mech_external_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, unsigned int input_len, + const char **error_r) +{ + struct external_dsasl_client *client = + (struct external_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { + *error_r = "Server sent non-empty initial response"; + return -1; + } + } else { + *error_r = "Server didn't finish authentication"; + return -1; + } + return 0; +} + +static int +mech_external_output(struct dsasl_client *_client, + const unsigned char **output_r, unsigned int *output_len_r, + const char **error_r) +{ + struct external_dsasl_client *client = + (struct external_dsasl_client *)_client; + const char *username; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; + return -1; + } + + if (_client->set.authzid != NULL) + username = _client->set.authzid; + else if (_client->set.authid != NULL) + username = _client->set.authid; + else + username = ""; + + *output_r = (const void *)username; + *output_len_r = strlen(username); + client->output_sent = TRUE; + return 0; +} + +const struct dsasl_client_mech dsasl_client_mech_external = { + .name = "EXTERNAL", + .struct_size = sizeof(struct external_dsasl_client), + + .input = mech_external_input, + .output = mech_external_output +};