diff options
Diffstat (limited to 'src/lib-sasl')
| -rw-r--r-- | src/lib-sasl/Makefile.am | 40 | ||||
| -rw-r--r-- | src/lib-sasl/Makefile.in | 870 | ||||
| -rw-r--r-- | src/lib-sasl/dsasl-client-private.h | 45 | ||||
| -rw-r--r-- | src/lib-sasl/dsasl-client.c | 152 | ||||
| -rw-r--r-- | src/lib-sasl/dsasl-client.h | 50 | ||||
| -rw-r--r-- | src/lib-sasl/mech-external.c | 59 | ||||
| -rw-r--r-- | src/lib-sasl/mech-login.c | 75 | ||||
| -rw-r--r-- | src/lib-sasl/mech-oauthbearer.c | 201 | ||||
| -rw-r--r-- | src/lib-sasl/mech-plain.c | 70 | ||||
| -rw-r--r-- | src/lib-sasl/test-sasl-client.c | 419 |
10 files changed, 1981 insertions, 0 deletions
diff --git a/src/lib-sasl/Makefile.am b/src/lib-sasl/Makefile.am new file mode 100644 index 0000000..5017bb9 --- /dev/null +++ b/src/lib-sasl/Makefile.am @@ -0,0 +1,40 @@ +noinst_LTLIBRARIES = libsasl.la + +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/lib \ + -I$(top_srcdir)/src/lib-test + +libsasl_la_SOURCES = \ + mech-external.c \ + mech-login.c \ + mech-plain.c \ + mech-oauthbearer.c \ + dsasl-client.c + +headers = \ + dsasl-client.h \ + dsasl-client-private.h + +pkginc_libdir=$(pkgincludedir) +pkginc_lib_HEADERS = $(headers) + +test_programs = \ + test-sasl-client + +noinst_PROGRAMS = $(test_programs) + +test_libs = \ + $(noinst_LTLIBRARIES) \ + ../lib-test/libtest.la \ + ../lib/liblib.la + +test_deps = $(test_libs) + +test_sasl_client_SOURCES = test-sasl-client.c +test_sasl_client_LDADD = $(test_libs) +test_sasl_client_DEPENDENCIES = $(test_deps) + +check-local: + for bin in $(test_programs); do \ + if ! $(RUN_TEST) ./$$bin; then exit 1; fi; \ + done diff --git a/src/lib-sasl/Makefile.in b/src/lib-sasl/Makefile.in new file mode 100644 index 0000000..8c3493a --- /dev/null +++ b/src/lib-sasl/Makefile.in @@ -0,0 +1,870 @@ +# Makefile.in generated by automake 1.16.3 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2020 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + + + +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +noinst_PROGRAMS = $(am__EXEEXT_1) +subdir = src/lib-sasl +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/ac_checktype2.m4 \ + $(top_srcdir)/m4/ac_typeof.m4 $(top_srcdir)/m4/arc4random.m4 \ + $(top_srcdir)/m4/blockdev.m4 $(top_srcdir)/m4/c99_vsnprintf.m4 \ + $(top_srcdir)/m4/clock_gettime.m4 $(top_srcdir)/m4/crypt.m4 \ + $(top_srcdir)/m4/crypt_xpg6.m4 $(top_srcdir)/m4/dbqlk.m4 \ + $(top_srcdir)/m4/dirent_dtype.m4 $(top_srcdir)/m4/dovecot.m4 \ + $(top_srcdir)/m4/fd_passing.m4 $(top_srcdir)/m4/fdatasync.m4 \ + $(top_srcdir)/m4/flexible_array_member.m4 \ + $(top_srcdir)/m4/glibc.m4 $(top_srcdir)/m4/gmtime_max.m4 \ + $(top_srcdir)/m4/gmtime_tm_gmtoff.m4 \ + $(top_srcdir)/m4/ioloop.m4 $(top_srcdir)/m4/iovec.m4 \ + $(top_srcdir)/m4/ipv6.m4 $(top_srcdir)/m4/libcap.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/libwrap.m4 \ + $(top_srcdir)/m4/linux_mremap.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/mmap_write.m4 \ + $(top_srcdir)/m4/mntctl.m4 $(top_srcdir)/m4/modules.m4 \ + $(top_srcdir)/m4/notify.m4 $(top_srcdir)/m4/nsl.m4 \ + $(top_srcdir)/m4/off_t_max.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/pr_set_dumpable.m4 \ + $(top_srcdir)/m4/q_quotactl.m4 $(top_srcdir)/m4/quota.m4 \ + $(top_srcdir)/m4/random.m4 $(top_srcdir)/m4/rlimit.m4 \ + $(top_srcdir)/m4/sendfile.m4 $(top_srcdir)/m4/size_t_signed.m4 \ + $(top_srcdir)/m4/sockpeercred.m4 $(top_srcdir)/m4/sql.m4 \ + $(top_srcdir)/m4/ssl.m4 $(top_srcdir)/m4/st_tim.m4 \ + $(top_srcdir)/m4/static_array.m4 $(top_srcdir)/m4/test_with.m4 \ + $(top_srcdir)/m4/time_t.m4 $(top_srcdir)/m4/typeof.m4 \ + $(top_srcdir)/m4/typeof_dev_t.m4 \ + $(top_srcdir)/m4/uoff_t_max.m4 $(top_srcdir)/m4/vararg.m4 \ + $(top_srcdir)/m4/want_apparmor.m4 \ + $(top_srcdir)/m4/want_bsdauth.m4 \ + $(top_srcdir)/m4/want_bzlib.m4 \ + $(top_srcdir)/m4/want_cassandra.m4 \ + $(top_srcdir)/m4/want_cdb.m4 \ + $(top_srcdir)/m4/want_checkpassword.m4 \ + $(top_srcdir)/m4/want_clucene.m4 $(top_srcdir)/m4/want_db.m4 \ + $(top_srcdir)/m4/want_gssapi.m4 $(top_srcdir)/m4/want_icu.m4 \ + $(top_srcdir)/m4/want_ldap.m4 $(top_srcdir)/m4/want_lua.m4 \ + $(top_srcdir)/m4/want_lz4.m4 $(top_srcdir)/m4/want_lzma.m4 \ + $(top_srcdir)/m4/want_mysql.m4 $(top_srcdir)/m4/want_pam.m4 \ + $(top_srcdir)/m4/want_passwd.m4 $(top_srcdir)/m4/want_pgsql.m4 \ + $(top_srcdir)/m4/want_prefetch.m4 \ + $(top_srcdir)/m4/want_shadow.m4 \ + $(top_srcdir)/m4/want_sodium.m4 $(top_srcdir)/m4/want_solr.m4 \ + $(top_srcdir)/m4/want_sqlite.m4 \ + $(top_srcdir)/m4/want_stemmer.m4 \ + $(top_srcdir)/m4/want_systemd.m4 \ + $(top_srcdir)/m4/want_textcat.m4 \ + $(top_srcdir)/m4/want_unwind.m4 $(top_srcdir)/m4/want_zlib.m4 \ + $(top_srcdir)/m4/want_zstd.m4 $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(pkginc_lib_HEADERS) \ + $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__EXEEXT_1 = test-sasl-client$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) +LTLIBRARIES = $(noinst_LTLIBRARIES) +libsasl_la_LIBADD = +am_libsasl_la_OBJECTS = mech-external.lo mech-login.lo mech-plain.lo \ + mech-oauthbearer.lo dsasl-client.lo +libsasl_la_OBJECTS = $(am_libsasl_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +am_test_sasl_client_OBJECTS = test-sasl-client.$(OBJEXT) +test_sasl_client_OBJECTS = $(am_test_sasl_client_OBJECTS) +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__maybe_remake_depfiles = depfiles +am__depfiles_remade = ./$(DEPDIR)/dsasl-client.Plo \ + ./$(DEPDIR)/mech-external.Plo ./$(DEPDIR)/mech-login.Plo \ + ./$(DEPDIR)/mech-oauthbearer.Plo ./$(DEPDIR)/mech-plain.Plo \ + ./$(DEPDIR)/test-sasl-client.Po +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libsasl_la_SOURCES) $(test_sasl_client_SOURCES) +DIST_SOURCES = $(libsasl_la_SOURCES) $(test_sasl_client_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(pkginc_libdir)" +HEADERS = $(pkginc_lib_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ACLOCAL_AMFLAGS = @ACLOCAL_AMFLAGS@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +APPARMOR_LIBS = @APPARMOR_LIBS@ +AR = @AR@ +AUTH_CFLAGS = @AUTH_CFLAGS@ +AUTH_LIBS = @AUTH_LIBS@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BINARY_CFLAGS = @BINARY_CFLAGS@ +BINARY_LDFLAGS = @BINARY_LDFLAGS@ +BISON = @BISON@ +CASSANDRA_CFLAGS = @CASSANDRA_CFLAGS@ +CASSANDRA_LIBS = @CASSANDRA_LIBS@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CDB_LIBS = @CDB_LIBS@ +CFLAGS = @CFLAGS@ +CLUCENE_CFLAGS = @CLUCENE_CFLAGS@ +CLUCENE_LIBS = @CLUCENE_LIBS@ +COMPRESS_LIBS = @COMPRESS_LIBS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CRYPT_LIBS = @CRYPT_LIBS@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DICT_LIBS = @DICT_LIBS@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +FLEX = @FLEX@ +FUZZER_CPPFLAGS = @FUZZER_CPPFLAGS@ +FUZZER_LDFLAGS = @FUZZER_LDFLAGS@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +KRB5CONFIG = @KRB5CONFIG@ +KRB5_CFLAGS = @KRB5_CFLAGS@ +KRB5_LIBS = @KRB5_LIBS@ +LD = @LD@ +LDAP_LIBS = @LDAP_LIBS@ +LDFLAGS = @LDFLAGS@ +LD_NO_WHOLE_ARCHIVE = @LD_NO_WHOLE_ARCHIVE@ +LD_WHOLE_ARCHIVE = @LD_WHOLE_ARCHIVE@ +LIBCAP = @LIBCAP@ +LIBDOVECOT = @LIBDOVECOT@ +LIBDOVECOT_COMPRESS = @LIBDOVECOT_COMPRESS@ +LIBDOVECOT_DEPS = @LIBDOVECOT_DEPS@ +LIBDOVECOT_DSYNC = @LIBDOVECOT_DSYNC@ +LIBDOVECOT_LA_LIBS = @LIBDOVECOT_LA_LIBS@ +LIBDOVECOT_LDA = @LIBDOVECOT_LDA@ +LIBDOVECOT_LDAP = @LIBDOVECOT_LDAP@ +LIBDOVECOT_LIBFTS = @LIBDOVECOT_LIBFTS@ +LIBDOVECOT_LIBFTS_DEPS = @LIBDOVECOT_LIBFTS_DEPS@ +LIBDOVECOT_LOGIN = @LIBDOVECOT_LOGIN@ +LIBDOVECOT_LUA = @LIBDOVECOT_LUA@ +LIBDOVECOT_LUA_DEPS = @LIBDOVECOT_LUA_DEPS@ +LIBDOVECOT_SQL = @LIBDOVECOT_SQL@ +LIBDOVECOT_STORAGE = @LIBDOVECOT_STORAGE@ +LIBDOVECOT_STORAGE_DEPS = @LIBDOVECOT_STORAGE_DEPS@ +LIBEXTTEXTCAT_CFLAGS = @LIBEXTTEXTCAT_CFLAGS@ +LIBEXTTEXTCAT_LIBS = @LIBEXTTEXTCAT_LIBS@ +LIBICONV = @LIBICONV@ +LIBICU_CFLAGS = @LIBICU_CFLAGS@ +LIBICU_LIBS = @LIBICU_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBSODIUM_CFLAGS = @LIBSODIUM_CFLAGS@ +LIBSODIUM_LIBS = @LIBSODIUM_LIBS@ +LIBTIRPC_CFLAGS = @LIBTIRPC_CFLAGS@ +LIBTIRPC_LIBS = @LIBTIRPC_LIBS@ +LIBTOOL = @LIBTOOL@ +LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ +LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ +LIBWRAP_LIBS = @LIBWRAP_LIBS@ +LINKED_STORAGE_LDADD = @LINKED_STORAGE_LDADD@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBICONV = @LTLIBICONV@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +LUA_CFLAGS = @LUA_CFLAGS@ +LUA_LIBS = @LUA_LIBS@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MODULE_LIBS = @MODULE_LIBS@ +MODULE_SUFFIX = @MODULE_SUFFIX@ +MYSQL_CFLAGS = @MYSQL_CFLAGS@ +MYSQL_CONFIG = @MYSQL_CONFIG@ +MYSQL_LIBS = @MYSQL_LIBS@ +NM = @NM@ +NMEDIT = @NMEDIT@ +NOPLUGIN_LDFLAGS = @NOPLUGIN_LDFLAGS@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PANDOC = @PANDOC@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PGSQL_CFLAGS = @PGSQL_CFLAGS@ +PGSQL_LIBS = @PGSQL_LIBS@ +PG_CONFIG = @PG_CONFIG@ +PIE_CFLAGS = @PIE_CFLAGS@ +PIE_LDFLAGS = @PIE_LDFLAGS@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +QUOTA_LIBS = @QUOTA_LIBS@ +RANLIB = @RANLIB@ +RELRO_LDFLAGS = @RELRO_LDFLAGS@ +RPCGEN = @RPCGEN@ +RUN_TEST = @RUN_TEST@ +SED = @SED@ +SETTING_FILES = @SETTING_FILES@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SQLITE_CFLAGS = @SQLITE_CFLAGS@ +SQLITE_LIBS = @SQLITE_LIBS@ +SQL_CFLAGS = @SQL_CFLAGS@ +SQL_LIBS = @SQL_LIBS@ +SSL_CFLAGS = @SSL_CFLAGS@ +SSL_LIBS = @SSL_LIBS@ +STRIP = @STRIP@ +SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@ +SYSTEMD_LIBS = @SYSTEMD_LIBS@ +VALGRIND = @VALGRIND@ +VERSION = @VERSION@ +ZSTD_CFLAGS = @ZSTD_CFLAGS@ +ZSTD_LIBS = @ZSTD_LIBS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dict_drivers = @dict_drivers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +moduledir = @moduledir@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +rundir = @rundir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sql_drivers = @sql_drivers@ +srcdir = @srcdir@ +ssldir = @ssldir@ +statedir = @statedir@ +sysconfdir = @sysconfdir@ +systemdservicetype = @systemdservicetype@ +systemdsystemunitdir = @systemdsystemunitdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +noinst_LTLIBRARIES = libsasl.la +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/lib \ + -I$(top_srcdir)/src/lib-test + +libsasl_la_SOURCES = \ + mech-external.c \ + mech-login.c \ + mech-plain.c \ + mech-oauthbearer.c \ + dsasl-client.c + +headers = \ + dsasl-client.h \ + dsasl-client-private.h + +pkginc_libdir = $(pkgincludedir) +pkginc_lib_HEADERS = $(headers) +test_programs = \ + test-sasl-client + +test_libs = \ + $(noinst_LTLIBRARIES) \ + ../lib-test/libtest.la \ + ../lib/liblib.la + +test_deps = $(test_libs) +test_sasl_client_SOURCES = test-sasl-client.c +test_sasl_client_LDADD = $(test_libs) +test_sasl_client_DEPENDENCIES = $(test_deps) +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/lib-sasl/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/lib-sasl/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstPROGRAMS: + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libsasl.la: $(libsasl_la_OBJECTS) $(libsasl_la_DEPENDENCIES) $(EXTRA_libsasl_la_DEPENDENCIES) + $(AM_V_CCLD)$(LINK) $(libsasl_la_OBJECTS) $(libsasl_la_LIBADD) $(LIBS) + +test-sasl-client$(EXEEXT): $(test_sasl_client_OBJECTS) $(test_sasl_client_DEPENDENCIES) $(EXTRA_test_sasl_client_DEPENDENCIES) + @rm -f test-sasl-client$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(test_sasl_client_OBJECTS) $(test_sasl_client_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dsasl-client.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-external.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-login.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-oauthbearer.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-plain.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test-sasl-client.Po@am__quote@ # am--include-marker + +$(am__depfiles_remade): + @$(MKDIR_P) $(@D) + @echo '# dummy' >$@-t && $(am__mv) $@-t $@ + +am--depfiles: $(am__depfiles_remade) + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-pkginc_libHEADERS: $(pkginc_lib_HEADERS) + @$(NORMAL_INSTALL) + @list='$(pkginc_lib_HEADERS)'; test -n "$(pkginc_libdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(pkginc_libdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(pkginc_libdir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(pkginc_libdir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(pkginc_libdir)" || exit $$?; \ + done + +uninstall-pkginc_libHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(pkginc_lib_HEADERS)'; test -n "$(pkginc_libdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(pkginc_libdir)'; $(am__uninstall_files_from_dir) + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(HEADERS) +installdirs: + for dir in "$(DESTDIR)$(pkginc_libdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-noinstPROGRAMS mostlyclean-am + +distclean: distclean-am + -rm -f ./$(DEPDIR)/dsasl-client.Plo + -rm -f ./$(DEPDIR)/mech-external.Plo + -rm -f ./$(DEPDIR)/mech-login.Plo + -rm -f ./$(DEPDIR)/mech-oauthbearer.Plo + -rm -f ./$(DEPDIR)/mech-plain.Plo + -rm -f ./$(DEPDIR)/test-sasl-client.Po + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pkginc_libHEADERS + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f ./$(DEPDIR)/dsasl-client.Plo + -rm -f ./$(DEPDIR)/mech-external.Plo + -rm -f ./$(DEPDIR)/mech-login.Plo + -rm -f ./$(DEPDIR)/mech-oauthbearer.Plo + -rm -f ./$(DEPDIR)/mech-plain.Plo + -rm -f ./$(DEPDIR)/test-sasl-client.Po + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pkginc_libHEADERS + +.MAKE: check-am install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am \ + check-local clean clean-generic clean-libtool \ + clean-noinstLTLIBRARIES clean-noinstPROGRAMS cscopelist-am \ + ctags ctags-am distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-pkginc_libHEADERS install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \ + uninstall-pkginc_libHEADERS + +.PRECIOUS: Makefile + + +check-local: + for bin in $(test_programs); do \ + if ! $(RUN_TEST) ./$$bin; then exit 1; fi; \ + done + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/lib-sasl/dsasl-client-private.h b/src/lib-sasl/dsasl-client-private.h new file mode 100644 index 0000000..65b86f7 --- /dev/null +++ b/src/lib-sasl/dsasl-client-private.h @@ -0,0 +1,45 @@ +#ifndef DSASL_CLIENT_PRIVATE_H +#define DSASL_CLIENT_PRIVATE_H + +#include "dsasl-client.h" + +enum dsasl_mech_security_flags { + DSASL_MECH_SEC_ALLOW_NULS = 0x0001, +}; + +struct dsasl_client { + pool_t pool; + struct dsasl_client_settings set; + char *password; + const struct dsasl_client_mech *mech; +}; + +struct dsasl_client_mech { + const char *name; + size_t struct_size; + enum dsasl_mech_security_flags flags; + + int (*input)(struct dsasl_client *client, + const unsigned char *input, size_t input_len, + const char **error_r); + int (*output)(struct dsasl_client *client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r); + int (*set_parameter)(struct dsasl_client *client, + const char *key, const char *value, + const char **error_r); + int (*get_result)(struct dsasl_client *client, + const char *key, const char **value_r, + const char **error_r); + void (*free)(struct dsasl_client *client); +}; + +extern const struct dsasl_client_mech dsasl_client_mech_external; +extern const struct dsasl_client_mech dsasl_client_mech_login; +extern const struct dsasl_client_mech dsasl_client_mech_oauthbearer; +extern const struct dsasl_client_mech dsasl_client_mech_xoauth2; + +void dsasl_client_mech_register(const struct dsasl_client_mech *mech); +void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech); + +#endif diff --git a/src/lib-sasl/dsasl-client.c b/src/lib-sasl/dsasl-client.c new file mode 100644 index 0000000..bf11d5c --- /dev/null +++ b/src/lib-sasl/dsasl-client.c @@ -0,0 +1,152 @@ +/* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "array.h" +#include "safe-memset.h" +#include "dsasl-client-private.h" + +static int init_refcount = 0; +static ARRAY(const struct dsasl_client_mech *) dsasl_mechanisms = ARRAY_INIT; + +static const struct dsasl_client_mech * +dsasl_client_mech_find_idx(const char *name, unsigned int *idx_r) +{ + const struct dsasl_client_mech *const *mechp; + + array_foreach(&dsasl_mechanisms, mechp) { + if (strcasecmp((*mechp)->name, name) == 0) { + *idx_r = array_foreach_idx(&dsasl_mechanisms, mechp); + return *mechp; + } + } + return NULL; +} + +const struct dsasl_client_mech *dsasl_client_mech_find(const char *name) +{ + unsigned int idx; + + return dsasl_client_mech_find_idx(name, &idx); +} + +const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech) +{ + return mech->name; +} + +void dsasl_client_mech_register(const struct dsasl_client_mech *mech) +{ + unsigned int idx; + + if (dsasl_client_mech_find_idx(mech->name, &idx) != NULL) { + /* allow plugins to override the default mechanisms */ + array_delete(&dsasl_mechanisms, idx, 1); + } + array_push_back(&dsasl_mechanisms, &mech); +} + +void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech) +{ + unsigned int idx; + + if (dsasl_client_mech_find_idx(mech->name, &idx) == NULL) + i_panic("SASL mechanism not registered: %s", mech->name); + array_delete(&dsasl_mechanisms, idx, 1); +} + +struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, + const struct dsasl_client_settings *set) +{ + struct dsasl_client *client; + pool_t pool = pool_alloconly_create("sasl client", 512); + + client = p_malloc(pool, mech->struct_size); + client->pool = pool; + client->mech = mech; + client->set.authid = p_strdup(pool, set->authid); + client->set.authzid = p_strdup(pool, set->authzid); + client->password = p_strdup(pool, set->password); + client->set.password = client->password; + return client; +} + +void dsasl_client_free(struct dsasl_client **_client) +{ + struct dsasl_client *client = *_client; + + if (client == NULL) + return; + *_client = NULL; + + if (client->mech->free != NULL) + client->mech->free(client); + if (client->password != NULL) + safe_memset(client->password, 0, strlen(client->password)); + pool_unref(&client->pool); +} + +int dsasl_client_input(struct dsasl_client *client, + const unsigned char *input, size_t input_len, + const char **error_r) +{ + if ((client->mech->flags & DSASL_MECH_SEC_ALLOW_NULS) == 0 && + memchr(input, '\0', input_len) != NULL) { + *error_r = "Unexpected NUL in input data"; + return -1; + } + return client->mech->input(client, input, input_len, error_r); +} + +int dsasl_client_output(struct dsasl_client *client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r) +{ + return client->mech->output(client, output_r, output_len_r, error_r); +} + +int dsasl_client_set_parameter(struct dsasl_client *client, + const char *param, const char *value, + const char **error_r) +{ + if (client->mech->set_parameter != NULL) { + int ret = client->mech->set_parameter(client, param, + value, error_r); + i_assert(ret >= 0 || *error_r != NULL); + return ret; + } else + return 0; +} + +int dsasl_client_get_result(struct dsasl_client *client, + const char *key, const char **value_r, + const char **error_r) +{ + if (client->mech->get_result != NULL) { + int ret = + client->mech->get_result(client, key, value_r, error_r); + i_assert(ret <= 0 || *value_r != NULL); + i_assert(ret >= 0 || *error_r != NULL); + return ret; + } else + return 0; +} + +void dsasl_clients_init(void) +{ + if (init_refcount++ > 0) + return; + + i_array_init(&dsasl_mechanisms, 8); + dsasl_client_mech_register(&dsasl_client_mech_external); + dsasl_client_mech_register(&dsasl_client_mech_plain); + dsasl_client_mech_register(&dsasl_client_mech_login); + dsasl_client_mech_register(&dsasl_client_mech_oauthbearer); + dsasl_client_mech_register(&dsasl_client_mech_xoauth2); +} + +void dsasl_clients_deinit(void) +{ + if (--init_refcount > 0) + return; + array_free(&dsasl_mechanisms); +} diff --git a/src/lib-sasl/dsasl-client.h b/src/lib-sasl/dsasl-client.h new file mode 100644 index 0000000..999008d --- /dev/null +++ b/src/lib-sasl/dsasl-client.h @@ -0,0 +1,50 @@ +#ifndef DSASL_CLIENT_H +#define DSASL_CLIENT_H + +struct dsasl_client_settings { + /* authentication ID - must be set with most mechanisms */ + const char *authid; + /* authorization ID (who to log in as, if authentication ID is a + master user) */ + const char *authzid; + /* password - must be set with most mechanisms */ + const char *password; +}; + +/* PLAIN mechanism always exists and can be accessed directly via this. */ +extern const struct dsasl_client_mech dsasl_client_mech_plain; + +const struct dsasl_client_mech *dsasl_client_mech_find(const char *name); +const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech); + +struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, + const struct dsasl_client_settings *set); +void dsasl_client_free(struct dsasl_client **client); + +/* Call for server input. */ +int dsasl_client_input(struct dsasl_client *client, + const unsigned char *input, size_t input_len, + const char **error_r); +/* Call for getting server output. Also used to get the initial SASL response + if supported by the protocol. */ +int dsasl_client_output(struct dsasl_client *client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r); + +/* Call for setting extra parameters for authentication, these are mechanism + dependent. -1 = error, 0 = not found, 1 = ok + value can be NULL. */ +int dsasl_client_set_parameter(struct dsasl_client *client, + const char *param, const char *value, + const char **error_r) ATTR_NULL(3); + +/* Call for getting extra result information. + -1 = error, 0 = not found, 1 = ok */ +int dsasl_client_get_result(struct dsasl_client *client, + const char *key, const char **value_r, + const char **error_r); + +void dsasl_clients_init(void); +void dsasl_clients_deinit(void); + +#endif diff --git a/src/lib-sasl/mech-external.c b/src/lib-sasl/mech-external.c new file mode 100644 index 0000000..7df94b4 --- /dev/null +++ b/src/lib-sasl/mech-external.c @@ -0,0 +1,59 @@ +/* Copyright (c) 2016-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "dsasl-client-private.h" + +struct external_dsasl_client { + struct dsasl_client client; + bool output_sent; +}; + +static int +mech_external_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, size_t input_len, + const char **error_r) +{ + struct external_dsasl_client *client = + (struct external_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { + *error_r = "Server sent non-empty initial response"; + return -1; + } + } else { + *error_r = "Server didn't finish authentication"; + return -1; + } + return 0; +} + +static int +mech_external_output(struct dsasl_client *_client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r ATTR_UNUSED) +{ + struct external_dsasl_client *client = + (struct external_dsasl_client *)_client; + const char *username; + + if (_client->set.authzid != NULL) + username = _client->set.authzid; + else if (_client->set.authid != NULL) + username = _client->set.authid; + else + username = ""; + + *output_r = (const void *)username; + *output_len_r = strlen(username); + client->output_sent = TRUE; + return 0; +} + +const struct dsasl_client_mech dsasl_client_mech_external = { + .name = "EXTERNAL", + .struct_size = sizeof(struct external_dsasl_client), + + .input = mech_external_input, + .output = mech_external_output +}; diff --git a/src/lib-sasl/mech-login.c b/src/lib-sasl/mech-login.c new file mode 100644 index 0000000..83714f1 --- /dev/null +++ b/src/lib-sasl/mech-login.c @@ -0,0 +1,75 @@ +/* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "str.h" +#include "dsasl-client-private.h" + +enum login_state { + STATE_INIT = 0, + STATE_USER, + STATE_PASS +}; + +struct login_dsasl_client { + struct dsasl_client client; + enum login_state state; +}; + +static int +mech_login_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, + size_t input_len ATTR_UNUSED, + const char **error_r) +{ + struct login_dsasl_client *client = + (struct login_dsasl_client *)_client; + + if (client->state == STATE_PASS) { + *error_r = "Server didn't finish authentication"; + return -1; + } + client->state++; + return 0; +} + +static int +mech_login_output(struct dsasl_client *_client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r) +{ + struct login_dsasl_client *client = + (struct login_dsasl_client *)_client; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; + return -1; + } + if (_client->password == NULL) { + *error_r = "password not set"; + return -1; + } + + switch (client->state) { + case STATE_INIT: + *output_r = uchar_empty_ptr; + *output_len_r = 0; + return 0; + case STATE_USER: + *output_r = (const unsigned char *)_client->set.authid; + *output_len_r = strlen(_client->set.authid); + return 0; + case STATE_PASS: + *output_r = (const unsigned char *)_client->set.password; + *output_len_r = strlen(_client->set.password); + return 0; + } + i_unreached(); +} + +const struct dsasl_client_mech dsasl_client_mech_login = { + .name = "LOGIN", + .struct_size = sizeof(struct login_dsasl_client), + + .input = mech_login_input, + .output = mech_login_output +}; diff --git a/src/lib-sasl/mech-oauthbearer.c b/src/lib-sasl/mech-oauthbearer.c new file mode 100644 index 0000000..62ec6bc --- /dev/null +++ b/src/lib-sasl/mech-oauthbearer.c @@ -0,0 +1,201 @@ +/* Copyright (c) 2017-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "str.h" +#include "net.h" +#include "json-parser.h" +#include "istream.h" +#include "dsasl-client-private.h" + +struct oauthbearer_dsasl_client { + struct dsasl_client client; + const char *host; + const char *status; + in_port_t port; + bool output_sent; +}; + +static int +mech_oauthbearer_input(struct dsasl_client *_client, + const unsigned char *input, size_t input_len, + const char **error_r) +{ + struct oauthbearer_dsasl_client *client = + (struct oauthbearer_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { + *error_r = "Server sent non-empty initial response"; + return -1; + } + } else { + client->status = ""; + /* if response is empty, authentication has *SUCCEEDED* */ + if (input_len == 0) + return 0; + + /* authentication has failed, try parse status. + we are only interested in extracting status if possible + so we don't really need to much error handling. */ + struct istream *is = i_stream_create_from_data(input, input_len); + const char *status = NULL, *value; + const char *error = NULL; + enum json_type jtype; + bool found_status = FALSE; + struct json_parser *parser = json_parser_init(is); + while (json_parse_next(parser, &jtype, &value)>0) { + if (found_status && status == NULL) { + if (jtype == JSON_TYPE_STRING || + jtype == JSON_TYPE_NUMBER) + status = t_strdup(value); + break; + } else if (jtype == JSON_TYPE_OBJECT_KEY && + strcmp(value, "status") == 0) { + found_status = TRUE; + } else json_parse_skip_next(parser); + } + + /* deinitialize json parser */ + int ret = json_parser_deinit(&parser, &error); + i_stream_unref(&is); + + if (status != NULL) + client->status = p_strdup(_client->pool, status); + else { + ret = -1; + if (error == NULL) + error = "Status value missing"; + } + if (ret < 0) + *error_r = t_strdup_printf("Error parsing JSON reply: %s", + error); + else + *error_r = t_strdup_printf("Failed to authenticate: %s", + client->status); + return -1; + } + return 0; +} + +static int +mech_oauthbearer_output(struct dsasl_client *_client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r) +{ + struct oauthbearer_dsasl_client *client = + (struct oauthbearer_dsasl_client *)_client; + string_t *str; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; + return -1; + } + if (_client->password == NULL) { + *error_r = "password not set"; + return -1; + } + + str = str_new(_client->pool, 64); + + str_printfa(str, "n,a=%s,\x01", _client->set.authid); + if (client->host != NULL && *client->host != '\0') + str_printfa(str, "host=%s\x01", client->host); + if (client->port > 0) + str_printfa(str, "port=%u\x01", client->port); + str_printfa(str, "auth=Bearer %s\x01", _client->password); + str_append_c(str, '\x01'); + + *output_r = str_data(str); + *output_len_r = str_len(str); + client->output_sent = TRUE; + return 0; +} + +static int +mech_xoauth2_output(struct dsasl_client *_client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r) +{ + struct oauthbearer_dsasl_client *client = + (struct oauthbearer_dsasl_client *)_client; + string_t *str; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; + return -1; + } + if (_client->password == NULL) { + *error_r = "password not set"; + return -1; + } + + str = str_new(_client->pool, 64); + + str_printfa(str, "user=%s\x01", _client->set.authid); + str_printfa(str, "auth=Bearer %s\x01", _client->password); + str_append_c(str, '\x01'); + + *output_r = str_data(str); + *output_len_r = str_len(str); + client->output_sent = TRUE; + return 0; +} + +static int +mech_oauthbearer_set_parameter(struct dsasl_client *_client, const char *key, + const char *value, const char **error_r) +{ + struct oauthbearer_dsasl_client *client = + (struct oauthbearer_dsasl_client *)_client; + if (strcmp(key, "host") == 0) { + if (value != NULL) + client->host = p_strdup(_client->pool, value); + else + client->host = NULL; + return 1; + } else if (strcmp(key, "port") == 0) { + if (value == NULL) { + client->port = 0; + } else if (net_str2port(value, &client->port) < 0) { + *error_r = "Invalid port value"; + return -1; + } + return 1; + } + return 0; +} + +static int +mech_oauthbearer_get_result(struct dsasl_client *_client, const char *key, + const char **value_r, const char **error_r ATTR_UNUSED) +{ + struct oauthbearer_dsasl_client *client = + (struct oauthbearer_dsasl_client *)_client; + if (strcmp(key, "status") == 0) { + /* this is set to value after login attempt */ + i_assert(client->status != NULL); + *value_r = client->status; + return 1; + } + return 0; +} + +const struct dsasl_client_mech dsasl_client_mech_oauthbearer = { + .name = "OAUTHBEARER", + .struct_size = sizeof(struct oauthbearer_dsasl_client), + + .input = mech_oauthbearer_input, + .output = mech_oauthbearer_output, + .set_parameter = mech_oauthbearer_set_parameter, + .get_result = mech_oauthbearer_get_result, +}; + +const struct dsasl_client_mech dsasl_client_mech_xoauth2 = { + .name = "XOAUTH2", + .struct_size = sizeof(struct oauthbearer_dsasl_client), + + .input = mech_oauthbearer_input, + .output = mech_xoauth2_output, + .set_parameter = mech_oauthbearer_set_parameter, + .get_result = mech_oauthbearer_get_result, +}; diff --git a/src/lib-sasl/mech-plain.c b/src/lib-sasl/mech-plain.c new file mode 100644 index 0000000..432fa1f --- /dev/null +++ b/src/lib-sasl/mech-plain.c @@ -0,0 +1,70 @@ +/* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "str.h" +#include "dsasl-client-private.h" + +struct plain_dsasl_client { + struct dsasl_client client; + bool output_sent; +}; + +static int +mech_plain_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, size_t input_len, + const char **error_r) +{ + struct plain_dsasl_client *client = + (struct plain_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { + *error_r = "Server sent non-empty initial response"; + return -1; + } + } else { + *error_r = "Server didn't finish authentication"; + return -1; + } + return 0; +} + +static int +mech_plain_output(struct dsasl_client *_client, + const unsigned char **output_r, size_t *output_len_r, + const char **error_r) +{ + struct plain_dsasl_client *client = + (struct plain_dsasl_client *)_client; + string_t *str; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; + return -1; + } + if (_client->password == NULL) { + *error_r = "password not set"; + return -1; + } + + str = str_new(_client->pool, 64); + if (_client->set.authzid != NULL) + str_append(str, _client->set.authzid); + str_append_c(str, '\0'); + str_append(str, _client->set.authid); + str_append_c(str, '\0'); + str_append(str, _client->password); + + *output_r = str_data(str); + *output_len_r = str_len(str); + client->output_sent = TRUE; + return 0; +} + +const struct dsasl_client_mech dsasl_client_mech_plain = { + .name = "PLAIN", + .struct_size = sizeof(struct plain_dsasl_client), + + .input = mech_plain_input, + .output = mech_plain_output +}; diff --git a/src/lib-sasl/test-sasl-client.c b/src/lib-sasl/test-sasl-client.c new file mode 100644 index 0000000..05b65f2 --- /dev/null +++ b/src/lib-sasl/test-sasl-client.c @@ -0,0 +1,419 @@ +#include "lib.h" +#include "str.h" +#include "strfuncs.h" +#include "test-common.h" +#include "dsasl-client.h" + +static const struct dsasl_client_settings sasl_empty_set = { + .authid = NULL, +}; + +static const struct dsasl_client_settings sasl_no_password_set = { + .authid = "testuser", +}; + +static const struct dsasl_client_settings sasl_set = { + .authid = "testuser", + .password = "testpassword" +}; + +static const struct dsasl_client_settings sasl_master_set = { + .authzid = "testuser", + .authid = "masteruser", + .password = "masterpassword" +}; + +static void test_sasl_client_login(void) +{ + const char *error; + test_begin("sasl client LOGIN"); + const struct dsasl_client_mech *mech = dsasl_client_mech_find("login"); + i_assert(mech != NULL); + struct dsasl_client *client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + string_t *input = t_str_new(64); + string_t *output_s = t_str_new(64); + const unsigned char *output; + size_t olen; + + /* parameters shouldn't work (test here for completeness) */ + test_assert(dsasl_client_set_parameter(client, "parameter", "value", &error) == 0); + + /* Any input is valid */ + str_append(input, "Username:"); + test_assert(dsasl_client_input(client, input->data, input->used, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + /* see what we got */ + str_append_data(output_s, output, olen); + test_assert_strcmp(str_c(output_s), "testuser"); + + str_truncate(input, 0); + str_truncate(output_s, 0); + + str_append(input, "Password:"); + test_assert(dsasl_client_input(client, input->data, input->used, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + str_append_data(output_s, output, olen); + test_assert_strcmp(str_c(output_s), "testpassword"); + + /* there should be no results to collect, we can reuse error here */ + test_assert(dsasl_client_get_result(client, "parameter", &error, &error) == 0); + + dsasl_client_free(&client); + test_assert(client == NULL); + + /* server sends input after password */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == -1); + test_assert_strcmp(error, "Server didn't finish authentication"); + + dsasl_client_free(&client); + + /* missing username & password */ + client = dsasl_client_new(mech, &sasl_empty_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "authid not set"); + dsasl_client_free(&client); + + /* missing password */ + client = dsasl_client_new(mech, &sasl_no_password_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "password not set"); + dsasl_client_free(&client); + + /* unexpected NUL byte in input */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + str_truncate(input, 0); + str_append_data(input, "unexpected\0", 11); + test_assert(dsasl_client_input(client, input->data, input->used, &error) == -1); + test_assert_strcmp(error, "Unexpected NUL in input data"); + dsasl_client_free(&client); + + test_end(); +} + +static void test_sasl_client_plain(void) +{ + const char *error; + test_begin("sasl client PLAIN"); + const struct dsasl_client_mech *mech = dsasl_client_mech_find("plain"); + i_assert(mech != NULL); + struct dsasl_client *client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char *output; + size_t olen; + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + const unsigned char expected[] = "\0testuser\0testpassword"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected) - 1); + test_assert(memcmp(output, expected, I_MIN(sizeof(expected) - 1, olen)) == 0); + + dsasl_client_free(&client); + test_assert(client == NULL); + + client = dsasl_client_new(mech, &sasl_master_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + const unsigned char expected_master[] = + "testuser\0masteruser\0masterpassword"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected_master) - 1); + test_assert(memcmp(output, expected_master, + I_MIN(sizeof(expected_master) - 1, olen)) == 0); + + dsasl_client_free(&client); + + /* unexpected initial response */ + const unsigned char input[] = "ir"; + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + test_assert(dsasl_client_input(client, input, sizeof(input)-1, &error) == -1); + test_assert_strcmp(error, "Server sent non-empty initial response"); + + dsasl_client_free(&client); + + /* server sends input after response */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == -1); + test_assert_strcmp(error, "Server didn't finish authentication"); + + dsasl_client_free(&client); + + /* missing username & password */ + client = dsasl_client_new(mech, &sasl_empty_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "authid not set"); + dsasl_client_free(&client); + + /* missing password */ + client = dsasl_client_new(mech, &sasl_no_password_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "password not set"); + dsasl_client_free(&client); + + /* unexpected NUL byte in input */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char input2[] = "unexpected\0"; + test_assert(dsasl_client_input(client, input2, sizeof(input2), &error) == -1); + test_assert_strcmp(error, "Unexpected NUL in input data"); + dsasl_client_free(&client); + + test_end(); +} + +static void test_sasl_client_external(void) +{ + const char *error; + test_begin("sasl client EXTERNAL"); + const struct dsasl_client_mech *mech = dsasl_client_mech_find("external"); + i_assert(mech != NULL); + struct dsasl_client *client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char *output; + size_t olen; + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + const unsigned char expected[] = "testuser"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected) - 1); + test_assert(memcmp(output, expected, I_MIN(sizeof(expected) - 1, olen)) == 0); + + dsasl_client_free(&client); + test_assert(client == NULL); + + client = dsasl_client_new(mech, &sasl_master_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + const unsigned char expected_master[] = "testuser"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected_master) - 1); + test_assert(memcmp(output, expected_master, + I_MIN(sizeof(expected_master) - 1, olen)) == 0); + + dsasl_client_free(&client); + + /* unexpected NUL byte in input */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char input2[] = "unexpected\0"; + test_assert(dsasl_client_input(client, input2, sizeof(input2), &error) == -1); + test_assert_strcmp(error, "Unexpected NUL in input data"); + dsasl_client_free(&client); + + test_end(); +} + +static void test_sasl_client_oauthbearer(void) +{ + const char *error; + const char *value; + test_begin("sasl client OAUTHBEARER"); + const struct dsasl_client_mech *mech = dsasl_client_mech_find("oauthbearer"); + i_assert(mech != NULL); + struct dsasl_client *client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + string_t *input = t_str_new(64); + const unsigned char *output; + size_t olen; + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + + const unsigned char expected[] = "n,a=testuser,\1" + "auth=Bearer testpassword\1\1"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected) - 1); + test_assert(memcmp(output, expected, I_MIN(sizeof(expected) - 1, olen)) == 0); + test_assert(dsasl_client_get_result(client, "status", &value, &error) == 1); + test_assert_strcmp(value, ""); + + dsasl_client_free(&client); + test_assert(client == NULL); + + /* with host & port set */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + test_assert(dsasl_client_set_parameter(client, "host", "example.com", &error) == 1); + test_assert(dsasl_client_set_parameter(client, "port", "imap", &error) == -1); + test_assert_strcmp(error, "Invalid port value"); + test_assert(dsasl_client_set_parameter(client, "port", "143", &error) == 1); + test_assert(dsasl_client_set_parameter(client, "unknown", "value", &error) == 0); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + + const unsigned char expected_h_p[] = "n,a=testuser,\1" + "host=example.com\1" + "port=143\1" + "auth=Bearer testpassword\1\1"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected_h_p) - 1); + test_assert(memcmp(output, expected_h_p, + I_MIN(sizeof(expected_h_p) - 1, olen)) == 0); + + dsasl_client_free(&client); + test_assert(client == NULL); + + client = dsasl_client_new(mech, &sasl_set); + /* test error response */ + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + str_append(input, "{\"status\":\"401\",\"schemes\":\"bearer\",\"scope\":\"mail\"}"); + test_assert(dsasl_client_input(client, input->data, input->used, &error) == -1); + test_assert_strcmp(error, "Failed to authenticate: 401"); + test_assert(dsasl_client_get_result(client, "status", &value, &error) == 1); + test_assert_strcmp(value, "401"); + + dsasl_client_free(&client); + + /* missing username & password */ + client = dsasl_client_new(mech, &sasl_empty_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "authid not set"); + dsasl_client_free(&client); + + /* missing password */ + client = dsasl_client_new(mech, &sasl_no_password_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "password not set"); + dsasl_client_free(&client); + + /* unexpected NUL byte in input */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char input2[] = "unexpected\0"; + test_assert(dsasl_client_input(client, input2, sizeof(input2), &error) == -1); + test_assert_strcmp(error, "Unexpected NUL in input data"); + dsasl_client_free(&client); + + test_end(); +} + +static void test_sasl_client_xoauth2(void) +{ + const char *error; + test_begin("sasl client XOAUTH2"); + const struct dsasl_client_mech *mech = dsasl_client_mech_find("xoauth2"); + i_assert(mech != NULL); + struct dsasl_client *client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + string_t *input = t_str_new(64); + const unsigned char *output; + size_t olen; + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + + const unsigned char expected[] = "user=testuser\1auth=Bearer testpassword\1\1"; + /* there is no NUL byte at the end */ + test_assert(olen == sizeof(expected) - 1); + test_assert(memcmp(output, expected, I_MIN(sizeof(expected) - 1, olen)) == 0); + + dsasl_client_free(&client); + test_assert(client == NULL); + + client = dsasl_client_new(mech, &sasl_set); + /* test error response */ + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == 0); + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + str_append(input, "{\"status\":\"401\",\"schemes\":\"bearer\",\"scope\":\"mail\"}"); + test_assert(dsasl_client_input(client, input->data, input->used, &error) == -1); + test_assert_strcmp(error, "Failed to authenticate: 401"); + + dsasl_client_free(&client); + + /* missing username & password */ + client = dsasl_client_new(mech, &sasl_empty_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "authid not set"); + dsasl_client_free(&client); + + /* missing password */ + client = dsasl_client_new(mech, &sasl_no_password_set); + i_assert(client != NULL); + + test_assert(dsasl_client_input(client, uchar_empty_ptr, 0, &error) == 0); + test_assert(dsasl_client_output(client, &output, &olen, &error) == -1); + test_assert_strcmp(error, "password not set"); + dsasl_client_free(&client); + + /* unexpected NUL byte in input */ + client = dsasl_client_new(mech, &sasl_set); + i_assert(client != NULL); + + const unsigned char input2[] = "unexpected\0"; + test_assert(dsasl_client_input(client, input2, sizeof(input2), &error) == -1); + test_assert_strcmp(error, "Unexpected NUL in input data"); + dsasl_client_free(&client); + + test_end(); +} + +int main(void) +{ + static void (*const test_functions[])(void) = { + test_sasl_client_login, + test_sasl_client_plain, + test_sasl_client_external, + test_sasl_client_oauthbearer, + test_sasl_client_xoauth2, + NULL + }; + dsasl_clients_init(); + int ret = test_run(test_functions); + dsasl_clients_deinit(); + return ret; +} |