summaryrefslogtreecommitdiffstats
path: root/src/lib-auth/auth-client.h
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib-auth/auth-client.h124
1 files changed, 124 insertions, 0 deletions
diff --git a/src/lib-auth/auth-client.h b/src/lib-auth/auth-client.h
new file mode 100644
index 0000000..917f904
--- /dev/null
+++ b/src/lib-auth/auth-client.h
@@ -0,0 +1,124 @@
+#ifndef AUTH_CLIENT_H
+#define AUTH_CLIENT_H
+
+#include "net.h"
+#include "auth-client-interface.h"
+
+struct auth_client;
+struct auth_client_request;
+
+enum auth_request_flags {
+ AUTH_REQUEST_FLAG_SECURED = 0x01,
+ AUTH_REQUEST_FLAG_VALID_CLIENT_CERT = 0x02,
+ /* Skip penalty checks for this request */
+ AUTH_REQUEST_FLAG_NO_PENALTY = 0x04,
+ /* Support final SASL response */
+ AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP = 0x08,
+ /* Enable auth_debug=yes logging for this request */
+ AUTH_REQUEST_FLAG_DEBUG = 0x10,
+ /* If TLS was used */
+ AUTH_REQUEST_FLAG_TRANSPORT_SECURITY_TLS = 0x20,
+};
+
+enum auth_request_status {
+ AUTH_REQUEST_STATUS_ABORT = -3,
+ AUTH_REQUEST_STATUS_INTERNAL_FAIL = -2,
+ AUTH_REQUEST_STATUS_FAIL = -1,
+ AUTH_REQUEST_STATUS_CONTINUE,
+ AUTH_REQUEST_STATUS_OK
+};
+
+struct auth_mech_desc {
+ char *name;
+ enum mech_security_flags flags;
+};
+
+struct auth_connect_id {
+ unsigned int server_pid;
+ unsigned int connect_uid;
+};
+
+struct auth_request_info {
+ const char *mech;
+ const char *service;
+ const char *session_id;
+ const char *cert_username;
+ const char *local_name;
+ const char *client_id;
+ const char *forward_fields;
+ ARRAY_TYPE(const_string) extra_fields;
+
+ unsigned int ssl_cipher_bits;
+ const char *ssl_cipher;
+ const char *ssl_pfs;
+ const char *ssl_protocol;
+
+ enum auth_request_flags flags;
+
+ struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;
+ in_port_t local_port, remote_port, real_local_port, real_remote_port;
+
+ const char *initial_resp_base64;
+};
+
+typedef void auth_request_callback_t(struct auth_client_request *request,
+ enum auth_request_status status,
+ const char *data_base64,
+ const char *const *args, void *context);
+
+typedef void auth_connect_notify_callback_t(struct auth_client *client,
+ bool connected, void *context);
+
+/* Create new authentication client. */
+struct auth_client *
+auth_client_init(const char *auth_socket_path, unsigned int client_pid,
+ bool debug);
+void auth_client_deinit(struct auth_client **client);
+
+void auth_client_connect(struct auth_client *client);
+void auth_client_disconnect(struct auth_client *client, const char *reason);
+bool auth_client_is_connected(struct auth_client *client);
+bool auth_client_is_disconnected(struct auth_client *client);
+
+void auth_client_set_connect_timeout(struct auth_client *client,
+ unsigned int msecs);
+void auth_client_set_connect_notify(struct auth_client *client,
+ auth_connect_notify_callback_t *callback,
+ void *context) ATTR_NULL(2, 3);
+const struct auth_mech_desc *
+auth_client_get_available_mechs(struct auth_client *client,
+ unsigned int *mech_count);
+const struct auth_mech_desc *
+auth_client_find_mech(struct auth_client *client, const char *name);
+
+/* Return current connection's identifiers. */
+void auth_client_get_connect_id(struct auth_client *client,
+ unsigned int *server_pid_r,
+ unsigned int *connect_uid_r);
+
+/* Create a new authentication request. callback is called whenever something
+ happens for the request. */
+struct auth_client_request *
+auth_client_request_new(struct auth_client *client,
+ const struct auth_request_info *request_info,
+ auth_request_callback_t *callback, void *context)
+ ATTR_NULL(4);
+/* Continue authentication. Call when
+ reply->result == AUTH_CLIENT_REQUEST_CONTINUE */
+void auth_client_request_continue(struct auth_client_request *request,
+ const char *data_base64);
+/* Abort ongoing authentication request. */
+void auth_client_request_abort(struct auth_client_request **request,
+ const char *reason) ATTR_NULL(2);
+/* Return ID of this request. */
+unsigned int auth_client_request_get_id(struct auth_client_request *request);
+/* Return the PID of the server that handled this request. */
+unsigned int
+auth_client_request_get_server_pid(struct auth_client_request *request);
+/* Return cookie of the server that handled this request. */
+const char *auth_client_request_get_cookie(struct auth_client_request *request);
+
+/* Tell auth process to drop specified request from memory */
+void auth_client_send_cancel(struct auth_client *client, unsigned int id);
+
+#endif