lib-sasl: sasl-common - Add definitions for SASL mechanism names and use them

diff --git a/src/auth/auth-sasl-mech-oauth2.c b/src/auth/auth-sasl-mech-oauth2.c
index e9b81055f85624f09588fcc8ee01e50c60e9ab4c..c6a42d9fd5b58400cba13aa3cea69589d6c35945 100644 (file)
--- a/src/auth/auth-sasl-mech-oauth2.c
+++ b/src/auth/auth-sasl-mech-oauth2.c
@@ -173,8 +173,8 @@ void auth_sasl_oauth2_initialize(void)
 {
        const char *mech, *error;
        array_foreach_elem(&global_auth_settings->mechanisms, mech) {
-               if (strcasecmp(mech, mech_xoauth2.name) == 0 ||
-                   strcasecmp(mech, mech_oauthbearer.name) == 0) {
+               if (strcasecmp(mech, SASL_MECH_NAME_OAUTHBEARER) == 0 ||
+                   strcasecmp(mech, SASL_MECH_NAME_XOAUTH2) == 0) {
                        if (db_oauth2_init(auth_event, FALSE,
                                           &db_oauth2, &error) < 0)
                                i_fatal("Cannot initialize oauth2: %s", error);

diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c
index cc0eb14f64cb795b0edddaecf22d732b6f8fd82e..cb5999fb65e3cf79a7bca6d20dbb14dead7967e6 100644 (file)
--- a/src/auth/auth-sasl.c
+++ b/src/auth/auth-sasl.c
@@ -424,7 +424,7 @@ mech_register_init(const struct auth_settings *set)
        array_foreach_elem(&set->mechanisms, name) {
                name = t_str_ucase(name);
 
-               if (strcmp(name, "ANONYMOUS") == 0) {
+               if (strcmp(name, SASL_MECH_NAME_ANONYMOUS) == 0) {
                        if (*set->anonymous_username == '\0') {
                                i_fatal("ANONYMOUS listed in mechanisms, "
                                        "but anonymous_username not set");

diff --git a/src/auth/sasl-server-mech-anonymous.c b/src/auth/sasl-server-mech-anonymous.c
index 60a1825d1e8aea7c88667edb16e00bed5291bd18..95c776f34c9215537e3804f1fc6fab2756c20b4e 100644 (file)
--- a/src/auth/sasl-server-mech-anonymous.c
+++ b/src/auth/sasl-server-mech-anonymous.c
@@ -25,7 +25,7 @@ static const struct sasl_server_mech_funcs mech_anonymous_funcs = {
 };
 
 const struct sasl_server_mech_def mech_anonymous = {
-       .name = "ANONYMOUS",
+       .name = SASL_MECH_NAME_ANONYMOUS,
 
        .flags = SASL_MECH_SEC_ANONYMOUS | SASL_MECH_SEC_ALLOW_NULS,
        .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING,

diff --git a/src/auth/sasl-server-mech-cram-md5.c b/src/auth/sasl-server-mech-cram-md5.c
index ee71c273aadfdb7456317e91f5a9360c10c499fa..f609b46293dfbfd19e14afef4e6a4b89fa25513c 100644 (file)
--- a/src/auth/sasl-server-mech-cram-md5.c
+++ b/src/auth/sasl-server-mech-cram-md5.c
@@ -180,7 +180,7 @@ static const struct sasl_server_mech_funcs mech_cram_md5_funcs = {
 };
 
 const struct sasl_server_mech_def mech_cram_md5 = {
-       .name = "CRAM-MD5",
+       .name = SASL_MECH_NAME_CRAM_MD5,
 
        .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE,
        .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_RESPONSE,

diff --git a/src/auth/sasl-server-mech-digest-md5.c b/src/auth/sasl-server-mech-digest-md5.c
index ef6b24ec7ac721635a74efef3a0b8496b0fff004..37ca46a3e902665b735ebd5ac4c8e4f00831bab0 100644 (file)
--- a/src/auth/sasl-server-mech-digest-md5.c
+++ b/src/auth/sasl-server-mech-digest-md5.c
@@ -611,7 +611,7 @@ static const struct sasl_server_mech_funcs mech_digest_md5_funcs = {
 };
 
 const struct sasl_server_mech_def mech_digest_md5 = {
-       .name = "DIGEST-MD5",
+       .name = SASL_MECH_NAME_DIGEST_MD5,
 
        .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE |
                 SASL_MECH_SEC_MUTUAL_AUTH,

diff --git a/src/auth/sasl-server-mech-external.c b/src/auth/sasl-server-mech-external.c
index 2a7ac27154c173ccab908376e32847e5a9852f5f..34548552307f8c7ca578692868bb73625e347590 100644 (file)
--- a/src/auth/sasl-server-mech-external.c
+++ b/src/auth/sasl-server-mech-external.c
@@ -34,7 +34,7 @@ static const struct sasl_server_mech_funcs mech_external_funcs = {
 };
 
 const struct sasl_server_mech_def mech_external = {
-       .name = "EXTERNAL",
+       .name = SASL_MECH_NAME_EXTERNAL,
 
        .flags = 0,
        .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN,

diff --git a/src/auth/sasl-server-mech-gssapi.c b/src/auth/sasl-server-mech-gssapi.c
index d15cf08456eafe86755878bbf9c6934f827f77d6..07091fe4fca78a7e109b1effa77628c7e233c896 100644 (file)
--- a/src/auth/sasl-server-mech-gssapi.c
+++ b/src/auth/sasl-server-mech-gssapi.c
@@ -680,7 +680,7 @@ static const struct sasl_server_mech_funcs mech_gssapi_funcs = {
 };
 
 const struct sasl_server_mech_def mech_gssapi = {
-       .name = "GSSAPI",
+       .name = SASL_MECH_NAME_GSSAPI,
 
        .flags = SASL_MECH_SEC_ALLOW_NULS,
        .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING,
@@ -692,7 +692,7 @@ const struct sasl_server_mech_def mech_gssapi = {
    internally. Nothing else needs to be done here. Note, however, that this does
    not support SPNEGO when the only available credential is NTLM. */
 const struct sasl_server_mech_def mech_gssapi_spnego = {
-       .name = "GSS-SPNEGO",
+       .name = SASL_MECH_NAME_GSS_SPNEGO,
 
        .flags = SASL_MECH_SEC_ALLOW_NULS,
        .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING,

diff --git a/src/auth/sasl-server-mech-login.c b/src/auth/sasl-server-mech-login.c
index 58fb246c0f6468b7348f80187f0cd95d05ea1444..873be0e383bab4fd30e17cd1f4a81b7100eade3c 100644 (file)
--- a/src/auth/sasl-server-mech-login.c
+++ b/src/auth/sasl-server-mech-login.c
@@ -57,7 +57,7 @@ static const struct sasl_server_mech_funcs mech_login_funcs = {
 };
 
 const struct sasl_server_mech_def mech_login = {
-       .name = "LOGIN",
+       .name = SASL_MECH_NAME_LOGIN,
 
        .flags = SASL_MECH_SEC_PLAINTEXT,
        .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN,

diff --git a/src/auth/sasl-server-mech-oauth2.c b/src/auth/sasl-server-mech-oauth2.c
index 711a0fdf942dc3834a8af51a3b680e7f9c2b79d0..c8b6b3b7de9b88bf2835328d6d8bfe5a098a9053 100644 (file)
--- a/src/auth/sasl-server-mech-oauth2.c
+++ b/src/auth/sasl-server-mech-oauth2.c
@@ -320,7 +320,7 @@ static const struct sasl_server_mech_funcs mech_oauthbearer_funcs = {
 };
 
 const struct sasl_server_mech_def mech_oauthbearer = {
-       .name = "OAUTHBEARER",
+       .name = SASL_MECH_NAME_OAUTHBEARER,
 
        /* while this does not transfer plaintext password,
           the token is still considered as password */
@@ -337,7 +337,7 @@ static const struct sasl_server_mech_funcs mech_xoauth2_funcs = {
 };
 
 const struct sasl_server_mech_def mech_xoauth2 = {
-       .name = "XOAUTH2",
+       .name = SASL_MECH_NAME_XOAUTH2,
 
        .flags = SASL_MECH_SEC_PLAINTEXT,
        .passdb_need = 0,

diff --git a/src/auth/sasl-server-mech-otp.c b/src/auth/sasl-server-mech-otp.c
index 182ac212956a44f0b610d69210ce1826b1b1e514..c726d6f5f3db23252be02d9628fea86bbb02fab2 100644 (file)
--- a/src/auth/sasl-server-mech-otp.c
+++ b/src/auth/sasl-server-mech-otp.c
@@ -319,7 +319,7 @@ static const struct sasl_server_mech_funcs mech_otp_funcs = {
 };
 
 const struct sasl_server_mech_def mech_otp = {
-       .name = "OTP",
+       .name = SASL_MECH_NAME_OTP,
 
        .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE |
                 SASL_MECH_SEC_ALLOW_NULS,

diff --git a/src/auth/sasl-server-mech-plain.c b/src/auth/sasl-server-mech-plain.c
index ecee61e251a7d56f972cb96479f3545b831c1834..2959ab8d494909f9475e08041cf7ee221f9076bc 100644 (file)
--- a/src/auth/sasl-server-mech-plain.c
+++ b/src/auth/sasl-server-mech-plain.c
@@ -68,7 +68,7 @@ static const struct sasl_server_mech_funcs mech_plain_funcs = {
 };
 
 const struct sasl_server_mech_def mech_plain = {
-       .name = "PLAIN",
+       .name = SASL_MECH_NAME_PLAIN,
 
        .flags = SASL_MECH_SEC_PLAINTEXT | SASL_MECH_SEC_ALLOW_NULS,
        .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN,

diff --git a/src/auth/sasl-server-mech-scram.c b/src/auth/sasl-server-mech-scram.c
index a94fc0702d6b5f52a3ce504b902169beb23efd67..6a54483804bcc3da687217fe5a440778f768c0e2 100644 (file)
--- a/src/auth/sasl-server-mech-scram.c
+++ b/src/auth/sasl-server-mech-scram.c
@@ -239,7 +239,7 @@ static const struct sasl_server_mech_funcs mech_scram_sha1_funcs = {
 };
 
 const struct sasl_server_mech_def mech_scram_sha1 = {
-       .name = "SCRAM-SHA-1",
+       .name = SASL_MECH_NAME_SCRAM_SHA_1,
 
        .flags = SASL_MECH_SEC_MUTUAL_AUTH,
        .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,
@@ -248,7 +248,7 @@ const struct sasl_server_mech_def mech_scram_sha1 = {
 };
 
 const struct sasl_server_mech_def mech_scram_sha1_plus = {
-       .name = "SCRAM-SHA-1-PLUS",
+       .name = SASL_MECH_NAME_SCRAM_SHA_1_PLUS,
 
        .flags = SASL_MECH_SEC_MUTUAL_AUTH | SASL_MECH_SEC_CHANNEL_BINDING,
        .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,
@@ -264,7 +264,7 @@ static const struct sasl_server_mech_funcs mech_scram_sha256_funcs = {
 };
 
 const struct sasl_server_mech_def mech_scram_sha256 = {
-       .name = "SCRAM-SHA-256",
+       .name = SASL_MECH_NAME_SCRAM_SHA_256,
 
        .flags = SASL_MECH_SEC_MUTUAL_AUTH,
        .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,
@@ -273,7 +273,7 @@ const struct sasl_server_mech_def mech_scram_sha256 = {
 };
 
 const struct sasl_server_mech_def mech_scram_sha256_plus = {
-       .name = "SCRAM-SHA-256-PLUS",
+       .name = SASL_MECH_NAME_SCRAM_SHA_256_PLUS,
 
        .flags = SASL_MECH_SEC_MUTUAL_AUTH | SASL_MECH_SEC_CHANNEL_BINDING,
        .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,

diff --git a/src/auth/sasl-server-mech-winbind.c b/src/auth/sasl-server-mech-winbind.c
index 509cb887360c8b098c5aaa23b82837fbd85abc62..5d84cfcbec108854c109fa45d4aedc97a956ea8d 100644 (file)
--- a/src/auth/sasl-server-mech-winbind.c
+++ b/src/auth/sasl-server-mech-winbind.c
@@ -346,7 +346,7 @@ static const struct sasl_server_mech_funcs mech_winbind_ntlm_funcs = {
 };
 
 const struct sasl_server_mech_def mech_winbind_ntlm = {
-       .name = "NTLM",
+       .name = SASL_MECH_NAME_NTLM,
 
        .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE |
                 SASL_MECH_SEC_ALLOW_NULS,
@@ -362,7 +362,7 @@ static const struct sasl_server_mech_funcs mech_winbind_spnego_funcs = {
 };
 
 const struct sasl_server_mech_def mech_winbind_spnego = {
-       .name = "GSS-SPNEGO",
+       .name = SASL_MECH_NAME_GSS_SPNEGO,
 
        .flags = SASL_MECH_SEC_ALLOW_NULS,
        .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING,

diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c
index 25096d280f105321589fa90e0fc10737cb4124a5..e9c77585398c7855261a2002dbcaa42c3cba3de4 100644 (file)
--- a/src/auth/test-auth-request-fields.c
+++ b/src/auth/test-auth-request-fields.c
@@ -144,16 +144,20 @@ static void test_auth_request_fields_secured(void)
 
 static void test_auth_request_export_import(void)
 {
-       struct auth_request *request_a = test_auth_request_init(mech_module_find("PLAIN"));
+       struct auth_request *request_a =
+               test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN));
        string_t *exported_a = t_str_new(128);
        string_t *exported_b = t_str_new(128);
        request_a->passdb_success = TRUE;
-       auth_request_set_field(request_a, "event_brand with fun = \" values", "this = has _ fun \t values \"", "PLAIN");
+       auth_request_set_field(request_a, "event_brand with fun = \" values",
+                              "this = has _ fun \t values \"",
+                              SASL_MECH_NAME_PLAIN);
        auth_request_export(request_a, exported_a);
        test_auth_request_deinit(request_a);
 
        /* then import it */
-       struct auth_request *request_b = test_auth_request_init(mech_module_find("PLAIN"));
+       struct auth_request *request_b =
+               test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN));
        const char *const *args = t_strsplit_tabescaped(str_c(exported_a));
        for (; *args != NULL; args++) {
                const char *value = strchr(*args, '=');

diff --git a/src/imap-login/client-authenticate.c b/src/imap-login/client-authenticate.c
index c063f1bf079fbce1e2750274f82eaf193ac60869..c45b558ac7c451b5aadc8d02919fd646bfa9fef3 100644 (file)
--- a/src/imap-login/client-authenticate.c
+++ b/src/imap-login/client-authenticate.c
@@ -214,5 +214,6 @@ int cmd_login(struct imap_client *imap_client, const struct imap_arg *args)
 
        base64 = t_buffer_create(MAX_BASE64_ENCODED_SIZE(plain_login->used));
        base64_encode(plain_login->data, plain_login->used, base64);
-       return imap_client_auth_begin(imap_client, "PLAIN", str_c(base64));
+       return imap_client_auth_begin(imap_client, SASL_MECH_NAME_PLAIN,
+                                     str_c(base64));
 }

diff --git a/src/imap-login/imap-login-client.c b/src/imap-login/imap-login-client.c
index 4e89ec0ae895c98a4df9ceb346e3b7fe47288d4e..83c65f32e32d713cf31ad3165bc013173a998680 100644 (file)
--- a/src/imap-login/imap-login-client.c
+++ b/src/imap-login/imap-login-client.c
@@ -77,7 +77,8 @@ bool client_handle_parser_error(struct imap_client *client,
 static bool is_login_cmd_disabled(struct client *client)
 {
        if (client->connection_secured) {
-               if (sasl_server_find_available_mech(client, "PLAIN") == NULL) {
+               if (sasl_server_find_available_mech(
+                               client, SASL_MECH_NAME_PLAIN) == NULL) {
                        /* no PLAIN authentication, can't use LOGIN command */
                        return TRUE;
                }

diff --git a/src/lib-auth-client/auth-client-connection.c b/src/lib-auth-client/auth-client-connection.c
index 8e6bb8ab18350b88bc6c3a6c0ee398c39cc6ede6..500d1fec7c4fa5d7cf99ec9417870f63352b58db 100644 (file)
--- a/src/lib-auth-client/auth-client-connection.c
+++ b/src/lib-auth-client/auth-client-connection.c
@@ -73,7 +73,7 @@ auth_server_input_mech(struct auth_client_connection *conn,
        i_zero(&mech_desc);
        mech_desc.name = p_strdup(conn->pool, args[0]);
 
-       if (strcmp(mech_desc.name, "PLAIN") == 0)
+       if (strcmp(mech_desc.name, SASL_MECH_NAME_PLAIN) == 0)
                conn->has_plain_mech = TRUE;
 
        for (args++; *args != NULL; args++) {

diff --git a/src/lib-sasl/dsasl-client-private.h b/src/lib-sasl/dsasl-client-private.h
index fc3982ea0f983b25b453b732340e284d6a11a345..4bdc16cedbf89ef7f284698292a628174fad2fad 100644 (file)
--- a/src/lib-sasl/dsasl-client-private.h
+++ b/src/lib-sasl/dsasl-client-private.h
@@ -1,6 +1,7 @@
 #ifndef DSASL_CLIENT_PRIVATE_H
 #define DSASL_CLIENT_PRIVATE_H
 
+#include "sasl-common.h"
 #include "dsasl-client.h"
 
 enum dsasl_mech_security_flags {

diff --git a/src/lib-sasl/mech-anonymous.c b/src/lib-sasl/mech-anonymous.c
index bab0b7f467880aca5494df6bc09463197e321c9b..3c6a791a1606356888994731cf6f591ab1fa150e 100644 (file)
--- a/src/lib-sasl/mech-anonymous.c
+++ b/src/lib-sasl/mech-anonymous.c
@@ -46,7 +46,7 @@ mech_anonymous_output(struct dsasl_client *_client,
 }
 
 const struct dsasl_client_mech dsasl_client_mech_anonymous = {
-       .name = "ANONYMOUS",
+       .name = SASL_MECH_NAME_ANONYMOUS,
        .struct_size = sizeof(struct anonymous_dsasl_client),
        .flags = DSASL_MECH_SEC_NO_PASSWORD,
 

diff --git a/src/lib-sasl/mech-external.c b/src/lib-sasl/mech-external.c
index 5606fc0d5eca9a94b4f68ce0cfe71ccc848a4a9e..b2efd07f11f29a5a5984f71d67cdc309897b1877 100644 (file)
--- a/src/lib-sasl/mech-external.c
+++ b/src/lib-sasl/mech-external.c
@@ -51,7 +51,7 @@ mech_external_output(struct dsasl_client *_client,
 }
 
 const struct dsasl_client_mech dsasl_client_mech_external = {
-       .name = "EXTERNAL",
+       .name = SASL_MECH_NAME_EXTERNAL,
        .struct_size = sizeof(struct external_dsasl_client),
        .flags = DSASL_MECH_SEC_NO_PASSWORD,
 

diff --git a/src/lib-sasl/mech-login.c b/src/lib-sasl/mech-login.c
index 1b39d809d8efc1a30cacb608f19e3dbc776bec98..9cefc835f3cd23037242627e00b10f94ade00e4d 100644 (file)
--- a/src/lib-sasl/mech-login.c
+++ b/src/lib-sasl/mech-login.c
@@ -67,7 +67,7 @@ mech_login_output(struct dsasl_client *_client,
 }
 
 const struct dsasl_client_mech dsasl_client_mech_login = {
-       .name = "LOGIN",
+       .name = SASL_MECH_NAME_LOGIN,
        .struct_size = sizeof(struct login_dsasl_client),
 
        .input = mech_login_input,

diff --git a/src/lib-sasl/mech-oauthbearer.c b/src/lib-sasl/mech-oauthbearer.c
index 9e92487962314460d2a5f3d9cebc65c5cdfbac11..6b8d81f84ab9025d238d1f0001f8384526cccadf 100644 (file)
--- a/src/lib-sasl/mech-oauthbearer.c
+++ b/src/lib-sasl/mech-oauthbearer.c
@@ -199,7 +199,7 @@ mech_oauthbearer_get_result(struct dsasl_client *_client, const char *key,
 }
 
 const struct dsasl_client_mech dsasl_client_mech_oauthbearer = {
-       .name = "OAUTHBEARER",
+       .name = SASL_MECH_NAME_OAUTHBEARER,
        .struct_size = sizeof(struct oauthbearer_dsasl_client),
 
        .input = mech_oauthbearer_input,
@@ -209,7 +209,7 @@ const struct dsasl_client_mech dsasl_client_mech_oauthbearer = {
 };
 
 const struct dsasl_client_mech dsasl_client_mech_xoauth2 = {
-       .name = "XOAUTH2",
+       .name = SASL_MECH_NAME_XOAUTH2,
        .struct_size = sizeof(struct oauthbearer_dsasl_client),
 
        .input = mech_oauthbearer_input,

diff --git a/src/lib-sasl/mech-plain.c b/src/lib-sasl/mech-plain.c
index e755fe498bd54cd049acfe929015003bc36bb49a..cdb0d331f559fd6d8056ff1c6f419968ed3d5cbc 100644 (file)
--- a/src/lib-sasl/mech-plain.c
+++ b/src/lib-sasl/mech-plain.c
@@ -62,7 +62,7 @@ mech_plain_output(struct dsasl_client *_client,
 }
 
 const struct dsasl_client_mech dsasl_client_mech_plain = {
-       .name = "PLAIN",
+       .name = SASL_MECH_NAME_PLAIN,
        .struct_size = sizeof(struct plain_dsasl_client),
 
        .input = mech_plain_input,

diff --git a/src/lib-sasl/mech-scram.c b/src/lib-sasl/mech-scram.c
index 8b89ec59ab486d0c436470b153c830d5d6579981..6024042661bd047c259d29700c15a97e9ef0d845 100644 (file)
--- a/src/lib-sasl/mech-scram.c
+++ b/src/lib-sasl/mech-scram.c
@@ -143,7 +143,7 @@ static void mech_scram_free(struct dsasl_client *client)
 }
 
 const struct dsasl_client_mech dsasl_client_mech_scram_sha_1 = {
-       .name = "SCRAM-SHA-1",
+       .name = SASL_MECH_NAME_SCRAM_SHA_1,
        .struct_size = sizeof(struct scram_dsasl_client),
 
        .input = mech_scram_input,
@@ -152,7 +152,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_1 = {
 };
 
 const struct dsasl_client_mech dsasl_client_mech_scram_sha_1_plus = {
-       .name = "SCRAM-SHA-1-PLUS",
+       .name = SASL_MECH_NAME_SCRAM_SHA_1_PLUS,
        .struct_size = sizeof(struct scram_dsasl_client),
 
        .input = mech_scram_input,
@@ -161,7 +161,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_1_plus = {
 };
 
 const struct dsasl_client_mech dsasl_client_mech_scram_sha_256 = {
-       .name = "SCRAM-SHA-256",
+       .name = SASL_MECH_NAME_SCRAM_SHA_256,
        .struct_size = sizeof(struct scram_dsasl_client),
 
        .input = mech_scram_input,
@@ -170,7 +170,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_256 = {
 };
 
 const struct dsasl_client_mech dsasl_client_mech_scram_sha_256_plus = {
-       .name = "SCRAM-SHA-256-PLUS",
+       .name = SASL_MECH_NAME_SCRAM_SHA_256_PLUS,
        .struct_size = sizeof(struct scram_dsasl_client),
 
        .input = mech_scram_input,

diff --git a/src/lib-sasl/sasl-common.h b/src/lib-sasl/sasl-common.h
index 210dfc55c18cc6e74bcc1ee1a634e5f6b490c094..d51c7ea31b58a00c4f2b22b39e752addccd6ee29 100644 (file)
--- a/src/lib-sasl/sasl-common.h
+++ b/src/lib-sasl/sasl-common.h
@@ -1,6 +1,10 @@
 #ifndef SASL_COMMON_H
 #define SASL_COMMON_H
 
+/*
+ * Mechanism security flags
+ */
+
 enum sasl_mech_security_flags {
        /* Don't advertise this as available SASL mechanism (eg. APOP) */
        SASL_MECH_SEC_PRIVATE           = 0x0001,
@@ -22,4 +26,26 @@ enum sasl_mech_security_flags {
        SASL_MECH_SEC_CHANNEL_BINDING   = 0x0100,
 };
 
+/*
+ * Mechanism names
+ */
+
+#define SASL_MECH_NAME_ANONYMOUS               "ANONYMOUS"
+#define SASL_MECH_NAME_CRAM_MD5                        "CRAM-MD5"
+#define SASL_MECH_NAME_DIGEST_MD5              "DIGEST-MD5"
+#define SASL_MECH_NAME_EXTERNAL                        "EXTERNAL"
+#define SASL_MECH_NAME_GSSAPI                  "GSSAPI"
+#define SASL_MECH_NAME_GSS_SPNEGO              "GSS-SPNEGO"
+#define SASL_MECH_NAME_LOGIN                   "LOGIN"
+#define SASL_MECH_NAME_OAUTHBEARER             "OAUTHBEARER"
+#define SASL_MECH_NAME_OTP                     "OTP"
+#define SASL_MECH_NAME_PLAIN                   "PLAIN"
+#define SASL_MECH_NAME_SCRAM_SHA_1             "SCRAM-SHA-1"
+#define SASL_MECH_NAME_SCRAM_SHA_1_PLUS                "SCRAM-SHA-1-PLUS"
+#define SASL_MECH_NAME_SCRAM_SHA_256           "SCRAM-SHA-256"
+#define SASL_MECH_NAME_SCRAM_SHA_256_PLUS      "SCRAM-SHA-256-PLUS"
+
+#define SASL_MECH_NAME_NTLM                    "NTLM"
+#define SASL_MECH_NAME_XOAUTH2                 "XOAUTH2"
+
 #endif

diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c
index ec110e81d92ac606c003308cafd73a7d70874db0..6741a190dfc72f1446b09b9085a973d78220c995 100644 (file)
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -490,7 +490,7 @@ proxy_redirect_reauth(struct client *client, const char *destuser,
                t_strdup_printf("destuser=%s", str_tabescape(destuser)),
                t_strdup_printf("proxy_timeout=%u", connect_timeout_msecs),
        };
-       info.mech = "EXTERNAL";
+       info.mech = SASL_MECH_NAME_EXTERNAL;
        t_array_init(&info.extra_fields, N_ELEMENTS(extra_fields));
        array_append(&info.extra_fields, extra_fields,
                     N_ELEMENTS(extra_fields));

diff --git a/src/pop3-login/client-authenticate.c b/src/pop3-login/client-authenticate.c
index 64cf662ab397c75e566dcd34f8b4ea07d300fa04..1198cc63df2de93e1722fee9b35a21cc92fbf767 100644 (file)
--- a/src/pop3-login/client-authenticate.c
+++ b/src/pop3-login/client-authenticate.c
@@ -212,7 +212,7 @@ bool cmd_pass(struct pop3_client *pop3_client, const char *args)
        base64 = t_buffer_create(MAX_BASE64_ENCODED_SIZE(plain_login->used));
        base64_encode(plain_login->data, plain_login->used, base64);
 
-       (void)client_auth_begin(client, "PLAIN", str_c(base64));
+       (void)client_auth_begin(client, SASL_MECH_NAME_PLAIN, str_c(base64));
        return TRUE;
 }
 

diff --git a/src/submission-login/client-authenticate.c b/src/submission-login/client-authenticate.c
index 243c00d6f7cb541803ae249d051dcef91f87f771..3c21a053240f07767c9d93c51ef208661e7d1bcc 100644 (file)
--- a/src/submission-login/client-authenticate.c
+++ b/src/submission-login/client-authenticate.c
@@ -353,7 +353,8 @@ void cmd_mail(struct smtp_server_cmd_ctx *cmd, const char *params)
 
        if (HAS_NO_BITS(workarounds,
                        SUBMISSION_LOGIN_WORKAROUND_IMPLICIT_AUTH_EXTERNAL) ||
-           sasl_server_find_available_mech(client, "EXTERNAL") == NULL) {
+           sasl_server_find_available_mech(
+                       client, SASL_MECH_NAME_EXTERNAL) == NULL) {
                smtp_server_command_fail(cmd->cmd, 530, "5.7.0",
                                         "Authentication required.");
                return;
@@ -369,5 +370,5 @@ void cmd_mail(struct smtp_server_cmd_ctx *cmd, const char *params)
        i_assert(subm_client->pending_auth == NULL);
        subm_client->pending_auth = cmd;
 
-       (void)client_auth_begin_implicit(client, "EXTERNAL", "=");
+       (void)client_auth_begin_implicit(client, SASL_MECH_NAME_EXTERNAL, "=");
 }