X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=include%2Fsaslplug.h;h=bd50367eb3fb06d866e9ead17470d41e777cf70e;hb=755d9d20aadc1a140d01583b586f5a6d29c3a670;hp=c114cb605e520b0bd0d7065c0811e464e074d048;hpb=3fb011c8cebc0e9a3aa03503351f394919686441;p=cyrus-sasl.git diff --git a/include/saslplug.h b/include/saslplug.h index c114cb6..bd50367 100755 --- a/include/saslplug.h +++ b/include/saslplug.h @@ -193,12 +193,12 @@ typedef struct sasl_out_params { void *client_creds; /* for additions which don't require a version upgrade; set to 0 */ - void *gss_peer_name; - void *gss_local_name; - void *spare_ptr4; + const void *gss_peer_name; + const void *gss_local_name; + const char *cbindingname; /* channel binding name from packet */ int (*spare_fptr1)(); int (*spare_fptr2)(); - int chanbindingflag; + unsigned int cbindingdisp; /* channel binding disposition from client */ int spare_int2; int spare_int3; int spare_int4; @@ -219,7 +219,21 @@ typedef enum { SASL_INFO_LIST_END } sasl_info_callback_stage_t; +/****************************** + * Channel binding macros ** + ******************************/ + +typedef enum { + SASL_CB_DISP_NONE = 0, /* client did not support CB */ + SASL_CB_DISP_USED, /* client supports and used CB */ + SASL_CB_DISP_WANT /* client supports CB, thinks server does not */ +} sasl_cbinding_disp_t; +/* TRUE if channel binding is non-NULL */ +#define SASL_CB_PRESENT(params) ((params)->cbinding != NULL) +/* TRUE if channel binding is marked critical */ +#define SASL_CB_CRITICAL(params) (SASL_CB_PRESENT(params) && \ + (params)->cbinding->critical) /****************************** * Client Mechanism Functions * 
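Review bot: `cbindingdisp` in sasl_out_params is a bare `unsigned int` whose comment does not name the values it carries, and the `sasl_cbinding_disp_t` enum that defines them only appears further down the header. I would extend the comment to `/* channel binding disposition from client; holds a sasl_cbinding_disp_t value */`; the uncommented `cbindingdisp` added to sasl_client_params in the @@ -289 hunk needs the same. `cbindingname` is described as coming "from packet", so it is peer-supplied: the comment should say who owns the string and that consumers must treat it as untrusted until the mechanism has checked it against the local binding. The struct begins and ends outside the hunk, so I cannot see how either field is populated.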
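Review bot: The new `SASL_CB_PRESENT` tests only `(params)->cbinding != NULL`, while the definition removed in the @@ -289 hunk also required a non-zero `chanbindinglen`, so a binding structure with empty data now counts as present. sasl_channel_binding_t is not defined in this diff, so I cannot tell whether emptiness is rejected elsewhere; at minimum the comment should read `/* TRUE if channel binding is non-NULL; does not check that the binding data is non-empty */` so mechanisms know to verify the length before comparing or hashing it. `SASL_CB_CRITICAL` expands `params` twice, which deserves a note such as `/* params is evaluated more than once */`. Both macros only apply to sasl_client_params and sasl_server_params, since sasl_out_params gets no `cbinding` member in this diff, and the banner says "macros" although the block opens with an enum.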
@@ -254,9 +268,9 @@ typedef struct sasl_client_params { sasl_ssf_t external_ssf; /* external SSF active */ /* for additions which don't require a version upgrade; set to 0 */ - void *gss_creds; - void *chanbindingtype; - void *chanbindingdata; + const void *gss_creds; /* GSS credential handle */ + const sasl_channel_binding_t *cbinding; /* client channel binding */ + void *spare_ptr3; void *spare_ptr4; /* Canonicalize a user name from on-wire to internal format @@ -289,13 +303,8 @@ typedef struct sasl_client_params { int (*spare_fptr1)(); -#define SASL_CB_FLAG_NONE 0x00 /* client did not support CB */ -#define SASL_CB_FLAG_USED 0x01 /* client supports CB, thinks server does not */ -#define SASL_CB_FLAG_WANT 0x02 /* client supports and used CB */ -#define SASL_CB_FLAG_CRIT 0x10 /* client requires CB */ - int chanbindingflags; -#define SASL_CB_PRESENT(params) ((params)->chanbindingtype != NULL && (params)->chanbindinglen) - int chanbindinglen; + unsigned int cbindingdisp; + unsigned int spare_int2; int spare_int3; /* flags field as passed to sasl_client_new */ @@ -334,11 +343,17 @@ typedef struct sasl_client_params { /* This plugin allows proxying */ #define SASL_FEAT_ALLOWS_PROXY 0x0020 +/* server plugin needs old password in order to change password */ +#define SASL_FEAT_NEED_OLD_PASSWD 0x0040 + +/* server plugin don't use cleartext userPassword attribute */ +#define SASL_FEAT_DONTUSE_USERPASSWD 0x0080 + /* Underlying mechanism uses GSS framing */ -#define SASL_FEAT_GSS_FRAMING 0x0040 +#define SASL_FEAT_GSS_FRAMING 0x0100 /* Underlying mechanism supports channel binding */ -#define SASL_FEAT_CHANNEL_BINDING 0x0080 +#define SASL_FEAT_CHANNEL_BINDING 0x0200 /* client plug-in features */ #define SASL_FEAT_NEEDSERVERFQDN 0x0001 
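Review bot: `cbinding` is stored as a borrowed `const sasl_channel_binding_t *` in sasl_client_params, and again in sasl_server_params in the @@ -561 hunk, but neither comment says who owns the structure or how long it must remain valid. Mechanisms presumably read it during later steps of the exchange, so a caller that frees or reuses the binding after handing it over would leave this pointer dangling. I would widen the comments to something like `/* client channel binding; owned by the caller, must stay valid for the life of the connection */`, adjusted to whatever the code that sets the field actually guarantees. The setter is not part of this diff, so the lifetime rule is inferred here rather than confirmed.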
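Review bot: `spare_int2` is introduced in sasl_client_params as `unsigned int`, while `spare_int3` directly below it and the spare integers in the other two structs in this diff are plain `int`. The width is the same, so the layout does not change, but `int spare_int2;` would keep the reserved fields uniform and avoid a signedness surprise if the slot is later given a meaning. The struct continues outside the hunk.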
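Review bot: `SASL_FEAT_GSS_FRAMING` and `SASL_FEAT_CHANNEL_BINDING` move from 0x0040/0x0080 to 0x0100/0x0200, and the old values are reused for `SASL_FEAT_NEED_OLD_PASSWD` and `SASL_FEAT_DONTUSE_USERPASSWD`, so the meaning of a bit now depends on which header a plugin was compiled against. A plugin binary built with the earlier values that advertises channel binding would be read as DONTUSE_USERPASSWD and would no longer be treated as binding-capable, which silently changes what gets negotiated. If such builds can exist, the renumbering should come with a bump of SASL_SERVER_PLUG_VERSION / SASL_CLIENT_PLUG_VERSION so stale plugins are refused at load. Failing that, it should at least be recorded next to the defines, e.g. `/* was 0x0080 before renumbering; plugins must be rebuilt */`.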
@@ -561,14 +576,14 @@ typedef struct sasl_server_params { struct propctx *propctx; /* for additions which don't require a version upgrade; set to 0 */ - void *gss_creds; - void *chanbindingtype; - void *chanbindingdata; + const void *gss_creds; /* GSS credential handle */ + const sasl_channel_binding_t *cbinding; /* server channel binding */ + void *spare_ptr3; void *spare_ptr4; int (*spare_fptr1)(); int (*spare_fptr2)(); - int chanbindinglen; - int chanbindingcrit; + int spare_int1; + int spare_int2; int spare_int3; /* flags field as passed to sasl_server_new */