summaryrefslogtreecommitdiffstats
path: root/src/lib-auth/auth-client-interface.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:51:24 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:51:24 +0000
commitf7548d6d28c313cf80e6f3ef89aed16a19815df1 (patch)
treea3f6f2a3f247293bee59ecd28e8cd8ceb6ca064a /src/lib-auth/auth-client-interface.h
parentInitial commit. (diff)
downloaddovecot-f7548d6d28c313cf80e6f3ef89aed16a19815df1.tar.xz
dovecot-f7548d6d28c313cf80e6f3ef89aed16a19815df1.zip
Adding upstream version 1:2.3.19.1+dfsg1.upstream/1%2.3.19.1+dfsg1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/lib-auth/auth-client-interface.h')
-rw-r--r--src/lib-auth/auth-client-interface.h43
1 files changed, 43 insertions, 0 deletions
diff --git a/src/lib-auth/auth-client-interface.h b/src/lib-auth/auth-client-interface.h
new file mode 100644
index 0000000..2367a00
--- /dev/null
+++ b/src/lib-auth/auth-client-interface.h
@@ -0,0 +1,43 @@
+#ifndef AUTH_CLIENT_INTERFACE_H
+#define AUTH_CLIENT_INTERFACE_H
+
+/* Major version changes are not backwards compatible,
+ minor version numbers can be ignored. */
+#define AUTH_CLIENT_PROTOCOL_MAJOR_VERSION 1
+#define AUTH_CLIENT_PROTOCOL_MINOR_VERSION 2
+
+/* GSSAPI can use quite large packets */
+#define AUTH_CLIENT_MAX_LINE_LENGTH 16384
+
+enum mech_security_flags {
+ /* Don't advertise this as available SASL mechanism (eg. APOP) */
+ MECH_SEC_PRIVATE = 0x0001,
+ /* Anonymous authentication */
+ MECH_SEC_ANONYMOUS = 0x0002,
+ /* Transfers plaintext passwords */
+ MECH_SEC_PLAINTEXT = 0x0004,
+ /* Subject to passive (dictionary) attack */
+ MECH_SEC_DICTIONARY = 0x0008,
+ /* Subject to active (non-dictionary) attack */
+ MECH_SEC_ACTIVE = 0x0010,
+ /* Provides forward secrecy between sessions */
+ MECH_SEC_FORWARD_SECRECY = 0x0020,
+ /* Provides mutual authentication */
+ MECH_SEC_MUTUAL_AUTH = 0x0040,
+ /* Allow NULs in input data */
+ MECH_SEC_ALLOW_NULS = 0x0080,
+};
+
+/* auth failure codes */
+#define AUTH_CLIENT_FAIL_CODE_AUTHZFAILED "authz_fail"
+#define AUTH_CLIENT_FAIL_CODE_TEMPFAIL "temp_fail"
+#define AUTH_CLIENT_FAIL_CODE_USER_DISABLED "user_disabled"
+#define AUTH_CLIENT_FAIL_CODE_PASS_EXPIRED "pass_expired"
+#define AUTH_CLIENT_FAIL_CODE_INVALID_BASE64 "invalid_base64"
+
+/* not actually returned from auth service */
+#define AUTH_CLIENT_FAIL_CODE_MECH_INVALID "auth_mech_invalid"
+#define AUTH_CLIENT_FAIL_CODE_MECH_SSL_REQUIRED "auth_mech_ssl_required"
+#define AUTH_CLIENT_FAIL_CODE_ANONYMOUS_DENIED "anonymous_denied"
+
+#endif