1 /* saslint.h - internal SASL library definitions
4 * $Id: saslint.h,v 1.60 2006/04/18 20:25:45 mel Exp $
7 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. The name "Carnegie Mellon University" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For permission or any other legal
24 * details, please contact
25 * Office of Technology Transfer
26 * Carnegie Mellon University
28 * Pittsburgh, PA 15213-3890
29 * (412) 268-4387, fax: (412) 268-7395
30 * tech-transfer@andrew.cmu.edu
32 * 4. Redistributions of any form whatsoever must retain the following
34 * "This product includes software developed by Computing Services
35 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
37 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
38 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
39 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
40 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
41 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
42 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
43 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
55 /* #define'd constants */
/* Capacity of the per-connection canonicalised-name buffers. The
 * user_buf/authid_buf arrays in sasl_conn_t are declared CANON_BUF_SIZE+1
 * bytes long, presumably to leave room for the terminating NUL. */
#define CANON_BUF_SIZE 1024
58 /* Error Handling Foo */
60 * -Error strings are set as soon as possible (first function in stack trace
* with a pointer to the sasl_conn_t).
62 * -Error codes are set as late as possible (only in the sasl api functions),
63 * though "as often as possible" also comes to mind to ensure correctness
64 * -Errors from calls to _buf_alloc, _sasl_strdup, etc are assumed to be
66 * -Only errors (error codes < SASL_OK) should be remembered
68 #define RETURN(conn, val) { if(conn && (val) < SASL_OK) \
69 (conn)->error_code = (val); \
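/* Report an out-of-memory condition on conn and leave the calling function
 * with SASL_NOMEM (via RETURN(), which records codes < SASL_OK in
 * conn->error_code and, by its name, returns from the enclosing function).
 * conn may be NULL: nothing is recorded then, but the error is still
 * returned. Wrapped in do { } while (0) so the macro is a single statement
 * and is safe as the body of an unbraced if/else; callers terminate it with
 * the usual `;`. The flags argument 0 (rather than SASL_NOLOG) means this
 * error is eligible for logging, unlike PARAMERROR below. */
#define MEMERROR(conn) do { \
    if(conn) sasl_seterror( (conn), 0, \
                            "Out of Memory in " __FILE__ " near line %d", __LINE__ ); \
    RETURN(conn, SASL_NOMEM) \
} while (0)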
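/* Report an invalid-argument condition on conn and leave the calling
 * function with SASL_BADPARAM (via RETURN(), which records codes < SASL_OK
 * in conn->error_code and, by its name, returns from the enclosing
 * function). conn may be NULL: nothing is recorded then, but the error is
 * still returned. Wrapped in do { } while (0) so the macro is a single
 * statement and is safe as the body of an unbraced if/else; callers
 * terminate it with the usual `;`. SASL_NOLOG is passed as the flags so
 * caller mistakes are not written to the log the way MEMERROR's are. */
#define PARAMERROR(conn) do { \
    if(conn) sasl_seterror( (conn), SASL_NOLOG, \
                            "Parameter error in " __FILE__ " near line %d", __LINE__ ); \
    RETURN(conn, SASL_BADPARAM) \
} while (0)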
79 #define INTERROR(conn, val) {\
80 if(conn) sasl_seterror( (conn), 0, \
81 "Internal Error %d in " __FILE__ " near line %d", (val),\
87 # define PATH_MAX MAX_PATH
89 # ifdef _POSIX_PATH_MAX
90 # define PATH_MAX _POSIX_PATH_MAX
92 # define PATH_MAX 1024 /* arbitrary; probably big enough.
93 * will probably only be 256+64 on
94 * pre-posix machines */
95 # endif /* _POSIX_PATH_MAX */
/* Define the directory delimiter used in SASL_PATH/SASL_CONF_PATH variables */
101 #define PATHS_DELIMITER ';'
103 #define PATHS_DELIMITER ':'
106 /* Datatype Definitions */
108 const sasl_callback_t *callbacks;
110 } sasl_global_callbacks_t;
112 extern sasl_global_callbacks_t global_callbacks;
114 typedef struct _sasl_external_properties
118 } _sasl_external_properties_t;
120 typedef struct sasl_string_list
123 struct sasl_string_list *next;
124 } sasl_string_list_t;
126 typedef struct buffer_info
/* Signature of a plugin-registration hook. Pairs of (entryname, add_plugin)
 * are carried in add_plugin_list_t and handed to _sasl_load_plugins(), which
 * drives them for every library it opens. The arguments are presumably the
 * plugin name and the entry point located in the library — confirm against
 * dlopen.c/staticopen.c, since only the types are visible here. */
typedef int add_plugin_t(const char *, void *);
135 typedef struct add_plugin_list
137 const char *entryname;
138 add_plugin_t *add_plugin;
/* Which side of the exchange a connection represents. Stored in the
 * connection's `type` field and supplied to _sasl_conn_init(); the server
 * and client structs below embed sasl_conn_t as `base`, so this is what
 * tells common code which wrapper it is really looking at. */
enum Sasl_conn_type { SASL_CONN_UNKNOWN = 0,
                      SASL_CONN_SERVER = 1,
                      SASL_CONN_CLIENT = 2 };
146 enum Sasl_conn_type type;
148 void (*destroy_conn)(sasl_conn_t *); /* destroy function */
152 unsigned int flags; /* flags passed to sasl_*_new */
154 /* IP information. A buffer of size 52 is adequate for this in its
155 longest format (see sasl.h) */
156 int got_ip_local, got_ip_remote;
157 char iplocalport[NI_MAXHOST + NI_MAXSERV];
158 char ipremoteport[NI_MAXHOST + NI_MAXSERV];
161 sasl_out_params_t oparams;
163 sasl_security_properties_t props;
164 _sasl_external_properties_t external;
166 sasl_secret_t *secret;
168 int (*idle_hook)(sasl_conn_t *conn);
169 const sasl_callback_t *callbacks;
170 const sasl_global_callbacks_t *global_callbacks; /* global callbacks
174 /* Pointers to memory that we are responsible for */
175 buffer_info_t *encode_buf;
178 char *error_buf, *errdetail_buf;
179 size_t error_buf_len, errdetail_buf_len;
181 size_t mechlist_buf_len;
185 char user_buf[CANON_BUF_SIZE+1], authid_buf[CANON_BUF_SIZE+1];
/* Allocated by sasl_encodev if the output contains multiple SASL packets. */
188 buffer_info_t multipacket_encoded_data;
191 /* Server Conn Type Information */
193 typedef struct mechanism
195 server_sasl_mechanism_t m;
196 struct mechanism *next;
199 typedef struct mech_list {
200 const sasl_utils_t *utils; /* gotten from plug_init */
202 void *mutex; /* mutex for this data */
203 mechanism_t *mech_list; /* list of mechanisms */
204 int mech_length; /* number of mechanisms */
207 typedef struct context_list
210 void *context; /* if NULL, this mech is disabled for this connection
211 * otherwise, use this context instead of a call
213 struct context_list *next;
216 typedef struct sasl_server_conn {
217 sasl_conn_t base; /* parts common to server + client */
219 char *appname; /* application name buffer (for sparams) */
220 char *user_realm; /* domain the user authenticating is in */
221 int sent_last; /* Have we already done the last send? */
223 mechanism_t *mech; /* mechanism trying to use */
224 sasl_server_params_t *sparams;
225 context_list_t *mech_contexts;
226 } sasl_server_conn_t;
228 /* Client Conn Type Information */
230 typedef struct cmechanism
232 client_sasl_mechanism_t m;
233 struct cmechanism *next;
236 typedef struct cmech_list {
237 const sasl_utils_t *utils;
239 void *mutex; /* mutex for this data */
240 cmechanism_t *mech_list; /* list of mechanisms */
241 int mech_length; /* number of mechanisms */
245 typedef struct sasl_client_conn {
246 sasl_conn_t base; /* parts common to server + client */
249 sasl_client_params_t *cparams;
253 } sasl_client_conn_t;
255 typedef struct sasl_allocation_utils {
256 sasl_malloc_t *malloc;
257 sasl_calloc_t *calloc;
258 sasl_realloc_t *realloc;
260 } sasl_allocation_utils_t;
/* Table of mutex primitives. Every lock operation in the library goes
 * through the sasl_MUTEX_* macros below, which dereference the global
 * _sasl_mutex_utils instance of this struct; the mutex handle itself is an
 * opaque void * (see mech_list.mutex). Presumably populated by the
 * application via sasl_set_mutex() — that setter is not visible here. */
typedef struct sasl_mutex_utils {
    sasl_mutex_alloc_t *alloc;    /* create a mutex, returned as an opaque handle */
    sasl_mutex_lock_t *lock;      /* acquire a handle returned by alloc */
    sasl_mutex_unlock_t *unlock;  /* release a handle held via lock */
    sasl_mutex_free_t *free;      /* destroy a handle returned by alloc */
} sasl_mutex_utils_t;
269 typedef struct sasl_log_utils_s {
273 typedef int sasl_plaintext_verifier(sasl_conn_t *conn,
277 const char *user_realm);
279 struct sasl_verify_password_s {
281 sasl_plaintext_verifier *verify;
285 * globals & constants
290 LIBSASL_API const sasl_utils_t *sasl_global_utils;
292 extern int (*_sasl_client_idle_hook)(sasl_conn_t *conn);
293 extern int (*_sasl_server_idle_hook)(sasl_conn_t *conn);
295 /* These return SASL_OK if we've actually finished cleanup,
296 * SASL_NOTINIT if that part of the library isn't initialized, and
297 * SASL_CONTINUE if we need to call them again */
298 extern int (*_sasl_client_cleanup_hook)(void);
299 extern int (*_sasl_server_cleanup_hook)(void);
301 extern sasl_allocation_utils_t _sasl_allocation_utils;
302 extern sasl_mutex_utils_t _sasl_mutex_utils;
304 extern int _sasl_is_equal_mech(const char *req_mech,
305 const char *plug_mech,
311 extern struct sasl_verify_password_s _sasl_verify_password[];
316 /* (this is a function call to ensure this is read-only to the outside) */
317 extern int _is_sasl_server_active(void);
320 * Allocation and Mutex utility macros
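/* Allocation wrappers. Every library allocation is routed through the
 * global _sasl_allocation_utils table rather than the C runtime directly
 * (presumably so the application can substitute its own allocator), which
 * means memory obtained from sasl_ALLOC/sasl_CALLOC/sasl_REALLOC must be
 * released with sasl_FREE and never with plain free(). Macro parameter
 * names deliberately avoid the `__name__` form: identifiers containing a
 * double underscore are reserved for the implementation (C11 7.1.3). */
#define sasl_ALLOC(sz)            (_sasl_allocation_utils.malloc((sz)))
#define sasl_CALLOC(nelem, sz) \
    (_sasl_allocation_utils.calloc((nelem), (sz)))
#define sasl_REALLOC(ptr, sz) \
    (_sasl_allocation_utils.realloc((ptr), (sz)))
#define sasl_FREE(ptr)            (_sasl_allocation_utils.free((ptr)))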
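/* Mutex wrappers over the global _sasl_mutex_utils table (see
 * sasl_mutex_utils_t above). The handle is the opaque void * returned by
 * sasl_MUTEX_ALLOC and must go back through sasl_MUTEX_FREE. The parameter
 * name avoids the reserved `__name__` form (C11 7.1.3). */
#define sasl_MUTEX_ALLOC()        (_sasl_mutex_utils.alloc())
#define sasl_MUTEX_LOCK(mtx)      (_sasl_mutex_utils.lock((mtx)))
#define sasl_MUTEX_UNLOCK(mtx)    (_sasl_mutex_utils.unlock((mtx)))
#define sasl_MUTEX_FREE(mtx) \
    (_sasl_mutex_utils.free((mtx)))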
335 /* function prototypes */
337 * dlopen.c and staticopen.c
340 * The differences here are:
341 * _sasl_load_plugins loads all plugins from all files
342 * _sasl_get_plugin loads the LIBRARY for an individual file
343 * _sasl_done_with_plugins frees the LIBRARIES loaded by the above 2
344 * _sasl_locate_entry locates an entrypoint in a given library
346 extern int _sasl_load_plugins(const add_plugin_list_t *entrypoints,
347 const sasl_callback_t *getpath_callback,
348 const sasl_callback_t *verifyfile_callback);
349 extern int _sasl_get_plugin(const char *file,
350 const sasl_callback_t *verifyfile_cb,
352 extern int _sasl_locate_entry(void *library, const char *entryname,
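/* Frees the libraries loaded by _sasl_load_plugins/_sasl_get_plugin (see the
 * note above). Declared with an explicit (void) parameter list: an empty
 * `()` in a C declaration means "unspecified arguments" and disables
 * argument checking, and the rest of this header already uses (void). */
extern int _sasl_done_with_plugins(void);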
360 extern const sasl_callback_t *
361 _sasl_find_getpath_callback(const sasl_callback_t *callbacks);
363 extern const sasl_callback_t *
364 _sasl_find_getconfpath_callback(const sasl_callback_t *callbacks);
366 extern const sasl_callback_t *
367 _sasl_find_verifyfile_callback(const sasl_callback_t *callbacks);
369 extern int _sasl_common_init(sasl_global_callbacks_t *global_callbacks);
371 extern int _sasl_conn_init(sasl_conn_t *conn,
374 enum Sasl_conn_type type,
375 int (*idle_hook)(sasl_conn_t *conn),
376 const char *serverFQDN,
377 const char *iplocalport,
378 const char *ipremoteport,
379 const sasl_callback_t *callbacks,
380 const sasl_global_callbacks_t *global_callbacks);
381 extern void _sasl_conn_dispose(sasl_conn_t *conn);
383 extern sasl_utils_t *
384 _sasl_alloc_utils(sasl_conn_t *conn,
385 sasl_global_callbacks_t *global_callbacks);
386 extern int _sasl_free_utils(const sasl_utils_t ** utils);
389 _sasl_getcallback(sasl_conn_t * conn,
390 unsigned long callbackid,
395 _sasl_log(sasl_conn_t *conn,
/* Expose the connection's growable error buffer to a caller that wants to
 * append to it: *bufhdl receives the address of the buffer pointer and
 * *lenhdl the address of its allocated length — presumably the
 * error_buf/error_buf_len pair in sasl_conn_t, confirm in common.c. */
void _sasl_get_errorbuf(sasl_conn_t *conn, char ***bufhdl, size_t **lenhdl);
/* Append the string add to the growable buffer *out, which holds *outlen
 * bytes inside an allocation of *alloclen; both counters are updated. The
 * (out, alloclen) pair has the shape _buf_alloc() below manages, so growth
 * presumably goes through it. Returns a SASL result code. */
int _sasl_add_string(char **out, size_t *alloclen,
                     size_t *outlen, const char *add);
404 /* More Generic Utilities in common.c */
/* Copy the NUL-terminated string in into a freshly allocated *out and store
 * its length in *outlen. Per the error-handling notes at the top of this
 * header, a failure here is treated as a memory error by callers. Whether
 * outlen may be NULL, and whether the copy comes from sasl_ALLOC (and so
 * must be released with sasl_FREE), is not visible here — confirm in common.c. */
extern int _sasl_strdup(const char *in, char **out, size_t *outlen);
/* Basically a conditional call to realloc(), if we need more: make sure the
 * buffer *rwbuf (current capacity *curlen) can hold at least newlen bytes,
 * growing it and updating *curlen when it cannot. Per the error-handling
 * notes at the top of this header, a failure here is treated as a memory
 * error by callers. Whether existing contents survive a grow and whether
 * *rwbuf may start out NULL is not visible here — confirm in common.c. */
int _buf_alloc(char **rwbuf, size_t *curlen, size_t newlen);
/* Convert an iovec to a single buffer: concatenate the numiov entries of vec
 * into the buffer_info_t at *output. Whether *output must already point at a
 * buffer_info_t (reused and grown) or is allocated here, and who frees it,
 * is not stated in this header — confirm in common.c before relying on it. */
int _iovec_to_buf(const struct iovec *vec,
                  unsigned numiov, buffer_info_t **output);
/* Convert between string formats and sockaddr formats.
 * _sasl_iptostring renders the address addr (addrlen bytes of sockaddr) as
 * text into the caller-owned buffer out, which holds outlen bytes. The
 * iplocalport/ipremoteport fields of sasl_conn_t, sized
 * NI_MAXHOST + NI_MAXSERV, show the capacity the library itself passes; how
 * a too-small outlen is reported (error vs. truncation) is not visible
 * here — confirm in common.c. */
int _sasl_iptostring(const struct sockaddr *addr, socklen_t addrlen,
                     char *out, unsigned outlen);
417 int _sasl_ipfromstring(const char *addr, struct sockaddr *out,
421 * external plugin (external.c)
423 int external_client_plug_init(const sasl_utils_t *utils,
426 sasl_client_plug_t **pluglist,
428 int external_server_plug_init(const sasl_utils_t *utils,
431 sasl_server_plug_t **pluglist,
434 /* Mech Listing Functions */
435 int _sasl_build_mechlist(void);
436 int _sasl_server_listmech(sasl_conn_t *conn,
444 int _sasl_client_listmech(sasl_conn_t *conn,
/* Just build a plain linked list of the mechanism names */
452 sasl_string_list_t *_sasl_client_mechs(void);
453 sasl_string_list_t *_sasl_server_mechs(void);
456 * config file declarations (config.c)
/* sasl_config_init loads and parses the configuration file at filename.
 * sasl_config_getstring looks up key; def is presumably what is returned
 * when the key is absent (inferred from the parameter name — confirm in
 * config.c). The result is const: it points into the parsed configuration
 * and must not be modified or freed by the caller. */
extern int sasl_config_init(const char *filename);
extern const char *sasl_config_getstring(const char *key,const char *def);
462 #ifdef DO_SASL_CHECKAPOP
463 extern int _sasl_auxprop_verify_apop(sasl_conn_t *conn,
465 const char *challenge,
466 const char *response,
467 const char *user_realm);
468 #endif /* DO_SASL_CHECKAPOP */
470 /* Auxprop Plugin (checkpw.c) */
471 extern int sasldb_auxprop_plug_init(const sasl_utils_t *utils,
474 sasl_auxprop_plug_t **plug,
475 const char *plugname);
480 extern int _sasl_auxprop_add_plugin(void *p, void *library);
481 extern void _sasl_auxprop_free(void);
482 extern void _sasl_auxprop_lookup(sasl_server_params_t *sparams,
484 const char *user, unsigned ulen);
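/* Release the canonuser plugin state set up by internal_canonuser_init (below).
 * Declared with an explicit (void) parameter list: an empty `()` in a C
 * declaration means "unspecified arguments" and disables argument checking,
 * and the rest of this header already uses (void). */
void _sasl_canonuser_free(void);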
490 extern int internal_canonuser_init(const sasl_utils_t *utils,
493 sasl_canonuser_plug_t **plug,
494 const char *plugname);
495 extern int _sasl_canon_user(sasl_conn_t *conn,
496 const char *user, unsigned ulen,
498 sasl_out_params_t *oparams);
500 #endif /* SASLINT_H */