/* initialize the SASL client drivers
* callbacks -- base callbacks for all client connections
* returns:
- * SASL_OK -- Success
+ * SASL_OK -- Success
* SASL_NOMEM -- Not enough memory
* SASL_BADVERS -- Mechanism version mismatch
* SASL_BADPARAM -- error in config file
if (list == NULL)
return SASL_NOMEM;
+ /* xxx confirm this with rfc 2222
+ * SASL mechanism allowable characters are "AZaz-_"
+ * seperators can be any other characters and of any length
+ * even variable lengths between
+ *
+ * Apps should be encouraged to simply use space or comma space
+ * though
+ */
+#define ismechchar(c) (isalnum((c)) || (c) == '_' || (c) == '-')
do {
for (start = p = mechs, i = 0; *p != '\0'; p++) {
- if (isspace(*p) || p[1] == '\0') {
+ if (!ismechchar(*p) || p[1] == '\0') {
size_t len = p - start;
if (p[1] == '\0')
/* select a mechanism for a connection
* mechlist -- mechanisms server has available (punctuation ignored)
- * secret -- optional secret from previous session
+ * secret -- optional secret from previous session
* output:
* prompt_need -- on SASL_INTERACT, list of prompts needed to continue
* clientout -- the initial client response to send to the server
- * mech -- set to mechanism name
+ * mech -- set to mechanism name
*
* Returns:
* SASL_OK -- success
* SASL_INTERACT -- user interaction needed to fill in prompt_need list
*/
-/* xxx confirm this with rfc 2222
- * SASL mechanism allowable characters are "AZaz-_"
- * seperators can be any other characters and of any length
- * even variable lengths between
- *
- * Apps should be encouraged to simply use space or comma space
- * though
- */
int sasl_client_start(sasl_conn_t *conn,
const char *mechlist,
sasl_interact_t **prompt_need,
size_t i, list_len;
sasl_ssf_t bestssf = 0, minssf = 0;
int result, server_can_cb = 0;
- unsigned int cbindingdisp = 0;
+ unsigned int cbindingdisp;
if(_sasl_client_active==0) return SASL_NOTINIT;
if (SASL_CB_PRESENT(c_conn->cparams)) {
if (server_can_cb == 0 && SASL_CB_CRITICAL(c_conn->cparams)) {
- result = SASL_NOMECH;
+ result = SASL_BADBINDING;
goto done;
} else {
cbindingdisp = SASL_CB_DISP_WANT;
/* do a step -- but only if we can do a client-send-first */
dostep:
if(clientout) {
- if(c_conn->mech->m.plug->features & SASL_FEAT_SERVER_FIRST) {
- *clientout = NULL;
- *clientoutlen = 0;
- result = SASL_CONTINUE;
- } else {
- result = sasl_client_step(conn, NULL, 0, prompt_need,
- clientout, clientoutlen);
- }
+ if(c_conn->mech->m.plug->features & SASL_FEAT_SERVER_FIRST) {
+ *clientout = NULL;
+ *clientoutlen = 0;
+ result = SASL_CONTINUE;
+ } else {
+ result = sasl_client_step(conn, NULL, 0, prompt_need,
+ clientout, clientoutlen);
+ }
}
else
result = SASL_CONTINUE;
/* do a single authentication step.
* serverin -- the server message received by the client, MUST have a NUL
- * sentinel, not counted by serverinlen
+ * sentinel, not counted by serverinlen
* output:
* prompt_need -- on SASL_INTERACT, list of prompts needed to continue
* clientout -- the client response to send to the server
*
* returns:
- * SASL_OK -- success
+ * SASL_OK -- success
* SASL_INTERACT -- user interaction needed to fill in prompt_need list
* SASL_BADPROT -- server protocol incorrect/cancelled
* SASL_BADSERV -- server failed mutual auth
m = m->next;
}
} else {
- mech_list = strdup (c_mech_list);
+ mech_list = strdup (c_mech_list);
cur_mech = mech_list;
cur_mech = p;
}
- free (mech_list);
+ free (mech_list);
}
info_cb (NULL, SASL_INFO_LIST_END, info_cb_rock);