From: Stephan Bosch Date: Wed, 22 Mar 2023 14:59:09 +0000 (+0100) Subject: auth: sasl-server - Group request callbacks in struct sasl_server_request_funcs X-Git-Tag: 2.4.2~236 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ce720aca0ce1750ccc617dbd95653d56f72b8b61;p=thirdparty%2Fdovecot%2Fcore.git auth: sasl-server - Group request callbacks in struct sasl_server_request_funcs --- diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c index 3bc271acae..e7e740b9bb 100644 --- a/src/auth/auth-sasl.c +++ b/src/auth/auth-sasl.c @@ -15,7 +15,7 @@ struct sasl_server *auth_sasl_server; * Request */ -bool +static bool auth_sasl_request_set_authid(struct sasl_server_req_ctx *rctx, enum sasl_server_authid_type authid_type, const char *authid) @@ -65,7 +65,7 @@ auth_sasl_request_set_authid(struct sasl_server_req_ctx *rctx, i_unreached(); } -bool +static bool auth_sasl_request_set_authzid(struct sasl_server_req_ctx *rctx, const char *authzid) { @@ -80,7 +80,7 @@ auth_sasl_request_set_authzid(struct sasl_server_req_ctx *rctx, return TRUE; } -void +static void auth_sasl_request_set_realm(struct sasl_server_req_ctx *rctx, const char *realm) { @@ -90,7 +90,7 @@ auth_sasl_request_set_realm(struct sasl_server_req_ctx *rctx, auth_request_set_realm(request, realm); } -bool +static bool auth_sasl_request_get_extra_field(struct sasl_server_req_ctx *rctx, const char *name, const char **field_r) { @@ -106,7 +106,7 @@ auth_sasl_request_get_extra_field(struct sasl_server_req_ctx *rctx, return TRUE; } -void +static void auth_sasl_request_start_channel_binding(struct sasl_server_req_ctx *rctx, const char *type) { @@ -116,7 +116,7 @@ auth_sasl_request_start_channel_binding(struct sasl_server_req_ctx *rctx, auth_request_start_channel_binding(request, type); } -int +static int auth_sasl_request_accept_channel_binding(struct sasl_server_req_ctx *rctx, buffer_t **data_r) { 
@@ -126,7 +126,7 @@ auth_sasl_request_accept_channel_binding(struct sasl_server_req_ctx *rctx, return auth_request_accept_channel_binding(request, data_r); } -void +static void auth_sasl_request_output(struct sasl_server_req_ctx *rctx, const struct sasl_server_output *output) { @@ -182,7 +182,7 @@ verify_plain_callback(enum passdb_result status, struct auth_request *request) request->sasl.passdb_callback(&request->sasl.req, &result); } -void +static void auth_sasl_request_verify_plain(struct sasl_server_req_ctx *rctx, const char *password, sasl_server_passdb_callback_t *callback) @@ -209,7 +209,7 @@ lookup_credentials_callback(enum passdb_result status, request->sasl.passdb_callback(&request->sasl.req, &result); } -void +static void auth_sasl_request_lookup_credentials(struct sasl_server_req_ctx *rctx, const char *scheme, sasl_server_passdb_callback_t *callback) @@ -233,7 +233,7 @@ set_credentials_callback(bool success, struct auth_request *request) request->sasl.passdb_callback(&request->sasl.req, &result); } -void +static void auth_sasl_request_set_credentials(struct sasl_server_req_ctx *rctx, const char *scheme, const char *data, sasl_server_passdb_callback_t *callback) 
@@ -246,6 +246,25 @@ auth_sasl_request_set_credentials(struct sasl_server_req_ctx *rctx, set_credentials_callback); } +static const struct sasl_server_request_funcs auth_sasl_request_funcs = { + .request_set_authid = auth_sasl_request_set_authid, + .request_set_authzid = auth_sasl_request_set_authzid, + .request_set_realm = auth_sasl_request_set_realm, + + .request_get_extra_field = auth_sasl_request_get_extra_field, + + .request_start_channel_binding = + auth_sasl_request_start_channel_binding, + .request_accept_channel_binding = + auth_sasl_request_accept_channel_binding, + + .request_output = auth_sasl_request_output, + + .request_verify_plain = auth_sasl_request_verify_plain, + .request_lookup_credentials = auth_sasl_request_lookup_credentials, + .request_set_credentials = auth_sasl_request_set_credentials, +}; + static const char * auth_sasl_translate_protocol_name(struct auth_request *request) { @@ -357,7 +376,8 @@ auth_sasl_mech_module_find(const char *name) void auth_sasl_preinit(void) { auth_sasl_oauth2_initialize(); - auth_sasl_server = sasl_server_init(auth_event); + auth_sasl_server = sasl_server_init(auth_event, + &auth_sasl_request_funcs); } void auth_sasl_init(void) diff --git a/src/auth/auth-sasl.h b/src/auth/auth-sasl.h index a654041f59..727f4429e1 100644 --- a/src/auth/auth-sasl.h +++ b/src/auth/auth-sasl.h 
@@ -18,49 +18,6 @@ extern struct sasl_server *auth_sasl_server; * Request */ -bool -auth_sasl_request_set_authid(struct sasl_server_req_ctx *rctx, - enum sasl_server_authid_type authid_type, - const char *authid); - -bool -auth_sasl_request_set_authzid(struct sasl_server_req_ctx *rctx, - const char *authzid); - -void -auth_sasl_request_set_realm(struct sasl_server_req_ctx *rctx, - const char *realm); - -bool -auth_sasl_request_get_extra_field(struct sasl_server_req_ctx *rctx, - const char *name, const char **field_r); - -void -auth_sasl_request_start_channel_binding(struct sasl_server_req_ctx *rctx, - const char *type); -int -auth_sasl_request_accept_channel_binding(struct sasl_server_req_ctx *rctx, - buffer_t **data_r); - -void -auth_sasl_request_output(struct sasl_server_req_ctx *rctx, - const struct sasl_server_output *output); - -void -auth_sasl_request_verify_plain(struct sasl_server_req_ctx *rctx, - const char *password, - sasl_server_passdb_callback_t *callback); - -void -auth_sasl_request_lookup_credentials(struct sasl_server_req_ctx *rctx, - const char *scheme, - sasl_server_passdb_callback_t *callback); - -void -auth_sasl_request_set_credentials(struct sasl_server_req_ctx *rctx, - const char *scheme, const char *data, - sasl_server_passdb_callback_t *callback); - void auth_sasl_request_init(struct auth_request *request, const struct sasl_server_mech_def *mech); void auth_sasl_request_deinit(struct auth_request *request); diff --git a/src/auth/sasl-server-private.h b/src/auth/sasl-server-private.h index 20ffcc0516..feac242ee8 100644 --- a/src/auth/sasl-server-private.h +++ b/src/auth/sasl-server-private.h @@ -22,6 +22,7 @@ struct sasl_server_request { struct sasl_server { pool_t pool; struct event *event; + const struct sasl_server_request_funcs *funcs; unsigned int requests; }; diff --git a/src/auth/sasl-server-request.c b/src/auth/sasl-server-request.c index 8e1abdd5fc..0c469ad8f8 100644 --- a/src/auth/sasl-server-request.c 
+++ b/src/auth/sasl-server-request.c @@ -120,24 +120,33 @@ bool sasl_server_request_set_authid(struct sasl_server_mech_request *mreq, const char *authid) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - return auth_sasl_request_set_authid(req->rctx, authid_type, authid); + i_assert(funcs->request_set_authid != NULL); + return funcs->request_set_authid(req->rctx, authid_type, authid); } bool sasl_server_request_set_authzid(struct sasl_server_mech_request *mreq, const char *authzid) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - return auth_sasl_request_set_authzid(req->rctx, authzid); + i_assert(funcs->request_set_authzid != NULL); + return funcs->request_set_authzid(req->rctx, authzid); } void sasl_server_request_set_realm(struct sasl_server_mech_request *mreq, const char *realm) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - auth_sasl_request_set_realm(req->rctx, realm); + i_assert(funcs->request_set_realm != NULL); + funcs->request_set_realm(req->rctx, realm); } bool sasl_server_request_get_extra_field(struct sasl_server_mech_request *mreq, 
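Review bot: The mandatory callbacks are only checked at dispatch time, because `i_assert(funcs->request_set_authid != NULL);` and its siblings sit inside each wrapper. A backend that leaves a member unset therefore initialises cleanly, and the assertion is reached only once a request exercises that path. In an authentication server that path is presumably selected by the connecting client's choice of mechanism, so a wiring mistake would surface as an abort during a login exchange rather than at startup (assuming i_assert panics the process). Checking the mandatory members once in `sasl_server_init()`, e.g. `i_assert(funcs->request_output != NULL);`, would move the failure to init. The same per-call pattern recurs in the later hunks of this file (channel binding, output, verify_plain, lookup_credentials, set_credentials).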
@@ -145,50 +154,68 @@ bool sasl_server_request_get_extra_field(struct sasl_server_mech_request *mreq, const char **field_r) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - return auth_sasl_request_get_extra_field(req->rctx, name, field_r); + if (funcs->request_get_extra_field == NULL) { + *field_r = NULL; + return FALSE; + } + return funcs->request_get_extra_field(req->rctx, name, field_r); } void sasl_server_request_start_channel_binding( struct sasl_server_mech_request *mreq, const char *type) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - auth_sasl_request_start_channel_binding(req->rctx, type); + i_assert(funcs->request_start_channel_binding != NULL); + funcs->request_start_channel_binding(req->rctx, type); } int sasl_server_request_accept_channel_binding( struct sasl_server_mech_request *mreq, buffer_t **data_r) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; - return auth_sasl_request_accept_channel_binding(req->rctx, data_r); + i_assert(funcs->request_accept_channel_binding != NULL); + return funcs->request_accept_channel_binding(req->rctx, data_r); } void sasl_server_request_output(struct sasl_server_mech_request *mreq, const void *data, size_t data_size) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; const struct sasl_server_output output = { .status = SASL_SERVER_OUTPUT_CONTINUE, .data = data, .data_size = data_size, }; - auth_sasl_request_output(req->rctx, &output); + i_assert(funcs->request_output != NULL); + funcs->request_output(req->rctx, &output); } void sasl_server_request_success(struct sasl_server_mech_request *mreq, 
const void *data, size_t data_size) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; const struct sasl_server_output output = { .status = SASL_SERVER_OUTPUT_SUCCESS, .data = data, .data_size = data_size, }; - auth_sasl_request_output(req->rctx, &output); + i_assert(funcs->request_output != NULL); + funcs->request_output(req->rctx, &output); } static void @@ -197,13 +224,16 @@ sasl_server_request_failure_common(struct sasl_server_mech_request *mreq, const void *data, size_t data_size) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; const struct sasl_server_output output = { .status = status, .data = data, .data_size = data_size, }; - auth_sasl_request_output(req->rctx, &output); + i_assert(funcs->request_output != NULL); + funcs->request_output(req->rctx, &output); } void sasl_server_request_failure_with_reply( @@ -242,12 +272,15 @@ void sasl_server_request_verify_plain( sasl_server_mech_passdb_callback_t *callback) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; req->passdb_type = SASL_SERVER_PASSDB_TYPE_VERIFY_PLAIN; req->passdb_callback = callback; - auth_sasl_request_verify_plain(req->rctx, password, - verify_plain_callback); + i_assert(funcs->request_verify_plain != NULL); + funcs->request_verify_plain(req->rctx, password, + verify_plain_callback); } static void 
@@ -266,12 +299,15 @@ void sasl_server_request_lookup_credentials( sasl_server_mech_passdb_callback_t *callback) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; req->passdb_type = SASL_SERVER_PASSDB_TYPE_LOOKUP_CREDENTIALS; req->passdb_callback = callback; - auth_sasl_request_lookup_credentials(req->rctx, scheme, - lookup_credentials_callback); + i_assert(funcs->request_lookup_credentials != NULL); + funcs->request_lookup_credentials(req->rctx, scheme, + lookup_credentials_callback); } static void @@ -290,12 +326,15 @@ void sasl_server_request_set_credentials( sasl_server_mech_passdb_callback_t *callback) { struct sasl_server_request *req = mreq->req; + struct sasl_server *server = req->server; + const struct sasl_server_request_funcs *funcs = server->funcs; req->passdb_type = SASL_SERVER_PASSDB_TYPE_SET_CREDENTIALS; req->passdb_callback = callback; - auth_sasl_request_set_credentials(req->rctx, scheme, data, - set_credentials_callback); + i_assert(funcs->request_set_credentials != NULL); + funcs->request_set_credentials(req->rctx, scheme, data, + set_credentials_callback); } struct sasl_server_mech_request * diff --git a/src/auth/sasl-server.c b/src/auth/sasl-server.c index 2edd25643a..ebd7960628 100644 --- a/src/auth/sasl-server.c +++ b/src/auth/sasl-server.c @@ -12,7 +12,9 @@ static struct event_category event_category_sasl_server = { * Server */ -struct sasl_server *sasl_server_init(struct event *event_parent) +struct sasl_server * +sasl_server_init(struct event *event_parent, + const struct sasl_server_request_funcs *funcs) { struct sasl_server *server; pool_t pool; 
@@ -21,6 +23,8 @@ struct sasl_server *sasl_server_init(struct event *event_parent) server = p_new(pool, struct sasl_server, 1); server->pool = pool; + server->funcs = funcs; + server->event = event_create(event_parent); event_add_category(server->event, &event_category_sasl_server); event_set_append_log_prefix(server->event, "sasl: "); diff --git a/src/auth/sasl-server.h b/src/auth/sasl-server.h index 73ef42ac8e..3538f74d06 100644 --- a/src/auth/sasl-server.h +++ b/src/auth/sasl-server.h @@ -87,6 +87,38 @@ struct sasl_server_req_ctx { struct sasl_server_request *request; }; +struct sasl_server_request_funcs { + bool (*request_set_authid)(struct sasl_server_req_ctx *rctx, + enum sasl_server_authid_type authid_type, + const char *authid); + bool (*request_set_authzid)(struct sasl_server_req_ctx *rctx, + const char *authzid); + void (*request_set_realm)(struct sasl_server_req_ctx *rctx, + const char *realm); + + bool (*request_get_extra_field)(struct sasl_server_req_ctx *rctx, + const char *name, const char **field_r); + + void (*request_start_channel_binding)(struct sasl_server_req_ctx *rctx, + const char *type); + int (*request_accept_channel_binding)(struct sasl_server_req_ctx *rctx, + buffer_t **data_r); + + void (*request_output)(struct sasl_server_req_ctx *rctx, + const struct sasl_server_output *output); + + void (*request_verify_plain)( + struct sasl_server_req_ctx *rctx, const char *password, + sasl_server_passdb_callback_t *callback); + void (*request_lookup_credentials)( + struct sasl_server_req_ctx *rctx, const char *scheme, + sasl_server_passdb_callback_t *callback); + void (*request_set_credentials)( + struct sasl_server_req_ctx *rctx, + const char *scheme, const char *data, + sasl_server_passdb_callback_t *callback); +}; + void sasl_server_request_create(struct sasl_server_req_ctx *rctx, struct sasl_server *server, const struct sasl_server_mech_def *mech, 
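Review bot: `server->funcs = funcs;` stores the table pointer without checking it, yet every wrapper in sasl-server-request.c reads a member through `server->funcs` before its own assertion. A NULL `funcs` would therefore pass init and fault on the first request instead of failing at startup. Adding `i_assert(funcs != NULL);` before the assignment makes the precondition explicit. The body of sasl_server_init starts and ends outside this hunk.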
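Review bot: `struct sasl_server_request_funcs` has no comment saying which members a backend must provide. In sasl-server-request.c nine of the ten members are asserted non-NULL; only `request_get_extra_field` may be left unset, in which case the wrapper stores NULL in `*field_r` and returns FALSE. That contract is currently discoverable only by reading the wrappers. A comment above the struct such as `/* All callbacks are mandatory except request_get_extra_field, which may be NULL. */` would cover it. The three passdb members would also benefit from a line on how the `callback` argument is expected to be invoked, which this hunk does not show.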
@@ -103,7 +135,9 @@ void sasl_server_request_input(struct sasl_server_req_ctx *rctx, * Server */ -struct sasl_server *sasl_server_init(struct event *event_parent); +struct sasl_server * +sasl_server_init(struct event *event_parent, + const struct sasl_server_request_funcs *funcs); void sasl_server_deinit(struct sasl_server **_server); #endif
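Review bot: The new `funcs` parameter of `sasl_server_init()` is undocumented in the header, and its lifetime requirement is not obvious. sasl-server.c keeps the pointer in `server->funcs` rather than copying the table, so the caller's struct has to outlive the server. The only caller in this commit passes a `static const` table, which satisfies that, but nothing in the header says so. A comment above the prototype such as `/* funcs is not copied; it must stay valid for the lifetime of the returned server. */` would make this clear to future callers.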