Codebase list cyrus-sasl2 / 04318e5
Imported Upstream version 2.1.24~rc1.dfsg1 Ondřej Surý 12 years ago
149 changed file(s) with 4533 addition(s) and 1317 deletion(s). Raw diff Collapse all Expand all
1212
1313 Leandro Santi <lesanti@sinectis.com.ar> added Courier authdaemon support.
1414
15 Alexey Melnikov <mel@isode.com> wrote the first pass of the
15 Alexey Melnikov <alexey.melnikov@isode.com> wrote the first pass of the
1616 DIGEST-MD5 plugin and continues to work on it. He also wrote
1717 a good deal of the current Windows support.
1818
4343 which is based on the IPv6 code written by KIKUCHI Takahiro
4444 <kick@kyoto.wide.ad.jp>
4545
46 $Id: AUTHORS,v 1.17 2004/01/08 15:30:25 ken3 Exp $
46 $Id: AUTHORS,v 1.18 2006/12/01 17:34:58 mel Exp $
0 2009-04-27 Ken Murchison <murch@andrew.cmu.edu>
1 * Ready for 2.1.23
0 2009-08-14 Alexey Melnikov <alexey.melnikov@isode.com>
1 * saslauthd/auth_shadow.c: Rolled back the previous commit
2 (#define _XOPEN_SOURCE before including unistd.h),
3 as this seems to break Solaris 8 build. Note that crypt.h
4 should be present on a Solaris 8 machine, as well is on Debian,
5 so this shouldn't be a problem.
6
7 2009-08-04 Alexey Melnikov <alexey.melnikov@isode.com>
8 * plugins/gssapi.c: Properly set serveroutlen to 0 in one place.
9 Don't send empty challenge once server context establishment is done,
10 as this is in violation of the RFC 2222 and its successor.
11
12 2009-07-24 Alexey Melnikov <alexey.melnikov@isode.com>
13 * plugins/gssapi.c: Don't send maxbuf, if no security layer
14 can be established. Added additional checks for buffer lengths.
15
16 2009-05-20 Ken Murchison <murch@andrew.cmu.edu>
17 * configure.in, cmulocal/sasl2.m4,
18 config/kerberos_v4.m4, config/plain.m4, config/sasldb.m4,
19 lib/Makefile.am: Fixes to allow static libs to be built in the
20 CMU build environment
21
22 2009-05-07 Ken Murchison <murch@andrew.cmu.edu>
23 * configure.in, include/sasl.h, lib/Makefile.am,
24 plugins/Makefile.am, saslauthd/configure.in, sasldb/Makefile.am,
25 win32/common.mak, win32/include/config.h: 2.1.24
26
27 2009-05-03 Alexey Melnikov <alexey.melnikov@isode.com>
28 * sample/sample-client.c, sample/sample-server.c, utils/smtptest.c:
29 Fixed bug # 2895 (passing LF to sasl_decode64)
30
31 2009-05-03 Alexey Melnikov <alexey.melnikov@isode.com>
32 * lib/NTMakefile: Disabled annoying warnings about use of
33 deprecated standard C library functions, enabled
34 warnings about Windows64 portability
35
36 2009-05-03 Alexey Melnikov <alexey.melnikov@isode.com>
37 * configure.in: Added support for SQLite3
38 (patch by Maxim Gorbachyov)
239
340 2009-04-27 Ken Murchison <murch@andrew.cmu.edu>
441 * lib/saslutil.c: Fixed CERT VU#238019 (make sure sasl_encode64()
542 always NUL terminates output or returns SASL_BUFOVER).
43
44 2009-04-11 Alexey Melnikov <alexey.melnikov@isode.com>
45 * plugins/sql.c: Fixed SQLite lookup function.
46 Also fixed SASL PLAIN authentication when used with
47 SQLite auxprop backend.
48
49 2009-04-11 Alexey Melnikov <alexey.melnikov@isode.com>
50 * lib/dlopen.c: Updated to use .plugin extension on MacOS
51
52 2009-04-08 Alexey Melnikov <alexey.melnikov@isode.com>
53 * lib/client.c, lib/server.c: Removed unused mutexes
54 (bug # 3141)
55
56 2009-03-10 Alexey Melnikov <alexey.melnikov@isode.com>
57 * include/sasl.h, include/saslplug.h, lib/canonusr.c,
58 lib/checkpw.c, plugins/sasldb.c, plugins/sql.c:
59 Added direct support for hashed password to auxprop API
60
61 2009-03-10 Alexey Melnikov <alexey.melnikov@isode.com>
62 * include/sasl.h, lib/canonusr.c, lib/external.c,
63 plugins/gssapi.c, plugins/kerberos4.c: Make auxprop lookup
64 calls in SASL GSSAPI/EXTERNAL optional
65
66 2009-03-10 Alexey Melnikov <alexey.melnikov@isode.com>
67 * plugins/sasldb.c: A better fix for spurious 'user not found'
68 errors caused by an attempt to delete a non-existent property
69
70 2009-02-21 Alexey Melnikov <alexey.melnikov@isode.com>
71 * include/saslutil.h, lib/saslint.h: Made sasl_config_init public
72
73 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
74 * lib/saslint.h, lib/client.c, lib/common.c, lib/server.c:
75 Make sure that sasl_set_alloc() has no effect once sasl_client_init()
76 or sasl_server_init() is called [patch from Debian by
77 fabbe@debian.org]
78
79 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
80 * plugins/digestmd5.c: GCC 4.4 requires that the #elif
81 preprocessor directive have a test condition [patch from Debian by
82 fabbe@paniq.net]
83
84 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
85 * saslauthd/lak.c: Define LDAP_DEPRECATED so that ldap_get_values
86 is properly defined when compiling [patch from Debian by
87 Dann Frazier <dannf@debian.org>]
88
89 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
90 * saslauthd/auth_sasldb.c: pid_file_lock is created with a mask
91 of 644 instead of 0644 [patch from Debian by Sam Hocevar <sam@zoy.org>]
92
93 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
94 * saslauthd/auth_sasldb.c: Include config.h so that MAXHOSTNAMELEN
95 is available when building on hurd-i386 [patch from Debian
96 by mbanck@debian.org]
97
98 2009-02-20 Alexey Melnikov <alexey.melnikov@isode.com>
99 * saslauthd/auth_shadow.c: Define _XOPEN_SOURCE before including
100 unistd.h, so that crypt is correctly defined [patch from Debian
101 by dannf@debian.org]
102
103 2009-02-14 Alexey Melnikov <alexey.melnikov@isode.com>
104 * utils/pluginviewer.c: Code cleanup, improved human readable messages
105
106 2009-02-14 Alexey Melnikov <alexey.melnikov@isode.com>
107 * lib/config.c: Strip trailing spaces from config file option
108 values (bug # 3139, bug # 3041)
109
110 2009-02-14 Alexey Melnikov <alexey.melnikov@isode.com>
111 * plugins/otp.c: Don't use a stack variable for an OTP prompt
112 (bug # 2822)
113
114 2009-02-13 Alexey Melnikov <alexey.melnikov@isode.com>
115 * saslauthd/auth_getpwent.c: Fixed Solaris build (patch by Leena
116 Heino for bug # 2666)
117
118 2009-02-13 Alexey Melnikov <alexey.melnikov@isode.com>
119 * include/saslplug.h, lib/server.c, plugins/anonymous.c,
120 plugins/gssapi.c, plugins/otp.c: Partial support for the
121 SASL_FEAT_DONTUSE_USERPASSWD feature
122
123 2009-01-28 Alexey Melnikov <alexey.melnikov@isode.com>
124 * include/sasl.h, lib/auxprop.c, lib/common.c, lib/server.c:
125 Don't treat a constraint violation as an error to store an auxprop
126 property
127
128 2009-01-28 Alexey Melnikov <alexey.melnikov@isode.com>
129 * include/sasl.h, lib/server.c: Extended libsasl (auxprop) to support
130 user deletion
131
132 2009-01-28 Alexey Melnikov <alexey.melnikov@isode.com>
133 * plugins/otp.c: Downgrade the failure to store OTP secret to debug level
134
135 2009-01-25 Alexey Melnikov <alexey.melnikov@isode.com>
136 * lib/windlopen.c: Free handles of shared libraries on Windows
137 that were loaded but are not SASL plugins (patch by Petr Prazak)
138 [Bug # 2089].
139
140 2008-11-23 Alexey Melnikov <alexey.melnikov@isode.com>
141 * plugins/NTMakefile, win32/common.mak: Added support for building
142 SQLite3 on Windows.
143
144 2008-11-23 Alexey Melnikov <alexey.melnikov@isode.com>
145 * plugins/ldapdb.c: Updated LDAPDB lookup function to match auxprop
146 API changes
147
148 2008-11-15 Alexey Melnikov <alexey.melnikov@isode.com>
149 * plugins/sql.c: Added SQLITE3 support (patch by Maxim Gorbachyov)
150
151 2008-10-31 Ken Murchison <murch@andrew.cmu.edu>
152 * lib/saslint.h, lib/server.c: order advertised mechanisms
153 per the specified 'mech_list' option or by relative "strength"
154
155 2008-10-30 Alexey Melnikov <alexey.melnikov@isode.com>
156 * plugins/digestmd5.c: Fixed more portability warnings.
157 Fixed some rare memory leaks. More detailed error reporting.
158
159 2008-10-30 Alexey Melnikov <alexey.melnikov@isode.com>
160 * win32/include/config.h, lib/canonusr.c, lib/config.c,
161 sasldb/allockey.c, utils/saslpasswd.c, utils/testsuite.c,
162 sample/sample-server.c, plugins/anonymous.c, plugins/digestmd5.c,
163 plugins/login.c, plugins/ntlm.c, plugins/otp.c:
164 Fixed Windows 64 portability and other types of warnings
165
166 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
167 * win32/common.mak: Added support for building libraries.
168 Added support for Windows64.
169
170 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
171 * lib/common.c: Prevent freeing of common state on a subsequent
172 call to _sasl_common_init. Make sure that the last global callback
173 always wins.
174
175 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
176 * lib/saslint.h, lib/canonusr.c, lib/checkpw.c, lib/client.c,
177 lib/server.c: Further fixes to auxprop lookup and _sasl_canon_user
178 cleanup
179
180 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
181 * include/saslplug.h, lib/auxprop.c, lib/canonusr.c, lib/saslint.h,
182 plugins/sasldb.c, plugins/sql.c:
183 Extended SASL auxprop_lookup to return error code
184
185 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
186 * lib/saslutil.c: Fixed Mac OS X 10.3 build.
187
188 2008-10-29 Alexey Melnikov <alexey.melnikov@isode.com>
189 * plugins/sql.c: Uninitialized variables cause crash when
190 the searched user is not found (patch from
191 Maxim Gorbachyov <maxim.gorbachyov@gmail.com>)
192
193 2008-10-23 Alexey Melnikov <alexey.melnikov@isode.com>
194 * sasldb/db_berkeley.c: Return SASL_NOUSER instead of SASL_FAIL
195 when the database file doesn't exist
196
197 2008-10-23 Alexey Melnikov <alexey.melnikov@isode.com>
198 * lib/checkpw.c: Updated sasl_user_exists so that it can handle
199 passwordless accounts (e.g. disabled)
200
201 2008-10-23 Alexey Melnikov <alexey.melnikov@isode.com>
202 * include/saslutil.h, lib/saslint.h, lib/client.c, lib/common.c,
203 lib/saslutil.c, lib/server.c: Added hostname canonicalization
204
205 2008-10-22 Alexey Melnikov <alexey.melnikov@isode.com>
206 * lib/NTMakefile, utils/NTMakefile, sample/NTMakefile,
207 plugins/NTMakefile: Updated to build with VC 8.0 (VC++ 2005)
208
209 2008-10-22 Alexey Melnikov <alexey.melnikov@isode.com>
210 * lib/NTMakefile: Don't install .exp and .manifest files.
211 Updated build dependencies.
212
213 2008-10-21 Alexey Melnikov <alexey.melnikov@isode.com>
214 * lib/saslint.h, lib/client.c, lib/common.c, lib/server.c:
215 Implemented sasl_client_done/sasl_server_done
216
217 2008-10-19 Alexey Melnikov <alexey.melnikov@isode.com>
218 * plugins/login.c, plugins/plain.c: Advertise
219 SASL_SEC_PASS_CREDENTIALS feature in PLAIN and LOGIN
220
221 2008-10-02 Ken Murchison <murch@andrew.cmu.edu>
222 * lib/checkpw.c: Fixed potential buffer overflow in
223 saslautd_verify_password().
224
225 2008-09-30 Alexey Melnikov <alexey.melnikov@isode.com>
226 * lib/common.c: Fixed sasl_set_mutex() to disallow changing
227 mutex management functions once sasl_server_init/
228 sasl_client_init is called. Failure to do this is causing
229 a crash while locking mutexes. [Bug # 3083]
230
231 2008-01-24 Ken Murchison <murch@andrew.cmu.edu>
232 * plugins/ntlm.c: Fixed crash in calculating NTv2 reponse
233 (patch from Tim Costen from Isode)
234
235 2008-01-23 Ken Murchison <murch@andrew.cmu.edu>
236 * plugins/ntlm.c, doc/options.html: allow a comma separated
237 list of servernames in 'ntlm_server' option
238 (patch from Enrico Persiani <enrico@ninfea-soft.org>)
239
240 2008-01-23 Ken Murchison <murch@andrew.cmu.edu>
241 * plugins/ldapdb.c, plugins/makeinit.sh, doc/options.html:
242 Added code to extend ldapdb into a canon_user plugin
243 in addition to its existing auxprop plugin functionality
244 (patch from Howard Chu <hyc@symas.com>
245 and Torsten Schlabach <tschlabach@gmx.net>)
246
247 2008-01-23 Ken Murchison <murch@andrew.cmu.edu>
248 * saslauthd/auth_rimap.c: fixed bug counting double-quotes in
249 username/password. Also fixed bug zeroing password.
250 (patch from Robert Sanderson <rwsiv1@gmail.com>)
251
252 2008-01-23 Ken Murchison <murch@andrew.cmu.edu>
253 * saslauthd/auth_krb.c: improved diagnostic in the
254 k5support_verify_tgt() function. Now, detailed krb5 error
255 information will be given out in the LOG_DEBUG syslog
256 channel (based on patch from Enrico Scholz
257 <enrico.scholz@informatik.tu-chemnitz.de>)
258
259 2007-06-13 Alexey Melnikov <alexey.melnikov@isode.com>
260 * lib/dlopen.c: 64bit HP-UX uses .so for shared libraries
261 (patch by Nathan Kinder <nkinder@redhat.com>).
262
263 2007-06-13 Alexey Melnikov <alexey.melnikov@isode.com>
264 * plugins/digestmd5.c: Fixed a memory leak in the DIGEST-MD5
265 security layer (based on patch from Nathan Kinder
266 <nkinder@redhat.com>).
267
268 2007-05-14 Alexey Melnikov <alexey.melnikov@isode.com>
269 * man/*: updated to reference RFC 4422 instead of
270 RFC 2222.
271
272 2007-03-02 Alexey Melnikov <alexey.melnikov@isode.com>
273 * plugins/sasldb.c, plugins/sql.c: Ignore properties
274 starting with '*' in the auxprop store function.
275
276 2007-02-14 Alexey Melnikov <alexey.melnikov@isode.com>
277 * plugins/digestmd5.c: Fixed parsing of challenges/
278 responses with extra commas.
279
280 2007-01-29 Alexey Melnikov <alexey.melnikov@isode.com>
281 * plugins/gssapi.c: Check that params->serverFQDN is
282 not NULL before using strlen on it (reported by
283 Steven Simon <simon.s@apple.com>)
284
285 2006-12-01 Alexey Melnikov <alexey.melnikov@isode.com>
286 * lib/common.c: Typecast iov_base to (char *),
287 in case it is defined as "void *" on a platform
288 like HPUX (Olaf Flebbe).
289
290 2006-11-27 Alexey Melnikov <alexey.melnikov@isode.com>
291 * plugins/digestmd5.c: Cleaned up comments and
292 some error messages.
293
294 2006-08-24 Alexey Melnikov <alexey.melnikov@isode.com>
295 * lib/dlopen.c: Fixed segfault in dlclose on HPUX,
296 based on feedback from <biswatosh2001@yahoo.com>.
297
298 2006-07-16 Alexey Melnikov <alexey.melnikov@isode.com>
299 * win32/common.mak: Abstracted out compiler command
300 line options for exception handling.
301
302 2006-07-04 Alexey Melnikov <alexey.melnikov@isode.com>
303 * saslauthd/auth_shadow.c: Include crypt.h, so that crypt()
304 is defined. This fixes crash on x64 Suse where
305 sizeof(int) != sizeof(char *). Based on patch from
306 rhafer@suse.de.
307
308 2006-06-26 Alexey Melnikov <alexey.melnikov@isode.com>
309 * plugins/digestmd5.c: Allow for multiple qop options
310 from the server and require a single qop option
311 from the client.
6312
7313 2006-05-19 Ken Murchison <murch@andrew.cmu.edu>
8314 * Makefile.am: include INSTALL.TXT in distro
8888 LIB_PGSQL = @LIB_PGSQL@
8989 LIB_SOCKET = @LIB_SOCKET@
9090 LIB_SQLITE = @LIB_SQLITE@
91 LIB_SQLITE3 = @LIB_SQLITE3@
9192 LN_S = @LN_S@
9293 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
9394 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
0 New in 2.1.24
1 -------------
2
3 * Order advertised server-side SASL mechanisms per the specified 'mech_list'
4 option or by relative "strength"
5 * Make sure that sasl_set_alloc() has no effect once sasl_client_init()
6 or sasl_server_init() is called
7 * Fixed sasl_set_mutex() to disallow changing mutex management functions
8 once sasl_server_init()/sasl_client_init() is called (bug # 3083)
9 * Removed unused mutexes in lib/client.c and lib/server.c (bug # 3141)
10 * Added direct support for hashed password to auxprop API
11 * Don't treat a constraint violation as an error to store an auxprop property
12 * Extended libsasl (auxprop) to support user deletion
13 * Extended SASL auxprop_lookup to return error code
14 * Updated sasl_user_exists() so that it can handle passwordless accounts (e.g. disabled)
15 * (Windows) Free handles of shared libraries on Windows that were loaded
16 but are not SASL plugins (bug # 2089)
17 * Prevent freeing of common state on a subsequent call to _sasl_common_init.
18 Make sure that the last global callback always wins.
19 * Implemented sasl_client_done()/sasl_server_done()
20 * Added automatic hostname canonicalization inside libsasl
21 * Made sasl_config_init() public
22 * Strip trailing spaces from server config file option values (bug # 3139, bug # 3041)
23 * Fixed potential buffer overflow in saslautd_verify_password().
24 * Fixed segfault in dlclose() on HPUX
25 * Various bugfixes for 64bit platforms
26 * Fixed bug # 2895 (passing LF to sasl_decode64) in sample/sample-client.c,
27 sample/sample-server.c, utils/smtptest.c
28 * pluginviewer: Code cleanup, improved human readable messages
29 * Build:
30 - (Windows) Updated makefiles to build with VC 8.0 (VC++ 2005)
31 - (Windows) Added Windows64 build
32 - Updated to use .plugin extension on MacOS
33 - Changed 64bit HP-UX build to use .so for shared libraries
34 * saslauthd:
35 - Fixed bug counting double-quotes in username/password in
36 auth_rimap.c. Also fixed bug zeroing password.
37 - auth_krb.c: improved diagnostic in the k5support_verify_tgt() function.
38 - auth_sasldb.c: pid_file_lock is created with a mask of 644 instead of 0644
39 - auth_shadow.c: Define _XOPEN_SOURCE before including unistd.h,
40 so that crypt is correctly defined
41 - auth_getpwent.c: Fixed Solaris build
42 * SASLDB plugin:
43 - Fixed spurious 'user not found' errors caused by an attempt
44 to delete a non-existent property
45 - Added direct support for hashed password to auxprop API
46 - Sleepycat driver: Return SASL_NOUSER instead of SASL_FAIL when the database
47 file doesn't exist
48 - Ignore properties starting with '*' in the auxprop store function
49 * SQL plugin:
50 - Added support for SQLITE3
51 - Uninitialized variables can cause crash when the searched user is not found
52 - Added direct support for hashed password
53 - Ignore properties starting with '*' in the auxprop store function
54 * LDAPDB plugin:
55 - Added code to extend LDAPDB into a canon_user plugin in addition
56 to its existing auxprop plugin functionality
57 * PLAIN plugin:
58 - Advertise SASL_SEC_PASS_CREDENTIALS feature
59 * LOGIN plugin:
60 - Advertise SASL_SEC_PASS_CREDENTIALS feature
61 * DIGEST-MD5 plugin:
62 - Fixed a memory leak in the DIGEST-MD5 security layer
63 - Fixed memory leaks in client-side reauth and other places
64 - More detailed error reporting.
65 - Fixed parsing of challenges/responses with extra commas.
66 - Allow for multiple qop options from the server and require
67 a single qop option from the client.
68 * GSSAPI plugin:
69 - Check that params->serverFQDN is not NULL before using strlen on it
70 - Make auxprop lookup calls optional
71 * EXTERNAL plugin:
72 - Make auxprop lookup calls optional
73 * NTLM plugin:
74 - allow a comma separated list of servernames in 'ntlm_server' option
75 - Fixed crash in calculating NTv2 reponse
76 * OTP plugin:
77 - Don't use a stack variable for an OTP prompt (bug # 2822)
78 - Downgrade the failure to store OTP secret to debug level
79 * KERBEROS_V4 plugin:
80 - Make auxprop lookup calls optional
81
082 New in 2.1.23
183 -------------
284 * Fixed CERT VU#238019 (make sure sasl_encode64() always NUL
0 $Id: README,v 1.32 2002/04/06 03:44:52 rjs3 Exp $
0 $Id: README,v 1.33 2008/01/25 01:57:40 murch Exp $
11
22 This is the Cyrus SASL API implentation. It can be used on the client
33 or server side to provide authentication and authorization services.
4 See RFC 2222 for more information.
4 See RFC 4422 for more information.
55
66 The latest version is available at:
77 ftp://ftp.andrew.cmu.edu/pub/cyrus-mail
842842 ])
843843
844844 dnl
845 dnl $Id: c-attribute.m4,v 1.3 2003/10/08 20:35:24 rjs3 Exp $
845 dnl $Id: c-attribute.m4,v 1.4 2007/08/30 16:57:55 murch Exp $
846846 dnl
847847
848848 dnl
854854 AC_CACHE_VAL(ac_cv___attribute__, [
855855 AC_TRY_COMPILE([
856856 #include <stdlib.h>
857 ],
858 [
859857 static void foo(void) __attribute__ ((noreturn));
860858
861859 static void
864862 exit(1);
865863 }
866864 ],
865 [
866 ],
867867 ac_cv___attribute__=yes,
868868 ac_cv___attribute__=no)])
869869 if test "$ac_cv___attribute__" = "yes"; then
875875
876876 dnl
877877 dnl Additional macros for configure.in packaged up for easier theft.
878 dnl $Id: cyrus.m4,v 1.4 2003/10/08 20:35:24 rjs3 Exp $
878 dnl $Id: cyrus.m4,v 1.5 2009/03/31 04:09:47 brong Exp $
879879 dnl tjs@andrew.cmu.edu 6-may-1998
880880 dnl
881881
886886 dnl (so the runpath for shared libraries is set).
887887 AC_DEFUN([CMU_ADD_LIBPATH], [
888888 # this is CMU ADD LIBPATH
889 if test "$andrew_runpath_switch" = "none" ; then
889 if test "$andrew_cv_runpath_switch" = "none" ; then
890890 LDFLAGS="-L$1 ${LDFLAGS}"
891891 else
892 LDFLAGS="-L$1 $andrew_runpath_switch$1 ${LDFLAGS}"
892 LDFLAGS="-L$1 $andrew_cv_runpath_switch$1 ${LDFLAGS}"
893893 fi
894894 ])
895895
897897 dnl (so the runpath for shared libraries is set).
898898 AC_DEFUN([CMU_ADD_LIBPATH_TO], [
899899 # this is CMU ADD LIBPATH TO
900 if test "$andrew_runpath_switch" = "none" ; then
900 if test "$andrew_cv_runpath_switch" = "none" ; then
901901 $2="-L$1 ${$2}"
902902 else
903 $2="-L$1 ${$2} $andrew_runpath_switch$1"
903 $2="-L$1 ${$2} $andrew_cv_runpath_switch$1"
904904 fi
905905 ])
906906
907907 dnl runpath initialization
908908 AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
909909 # CMU GUESS RUNPATH SWITCH
910 AC_CACHE_CHECK(for runpath switch, andrew_runpath_switch, [
910 AC_CACHE_CHECK(for runpath switch, andrew_cv_runpath_switch, [
911911 # first, try -R
912912 SAVE_LDFLAGS="${LDFLAGS}"
913913 LDFLAGS="-R /usr/lib"
914 AC_TRY_LINK([],[],[andrew_runpath_switch="-R"], [
914 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [
915915 LDFLAGS="-Wl,-rpath,/usr/lib"
916 AC_TRY_LINK([],[],[andrew_runpath_switch="-Wl,-rpath,"],
917 [andrew_runpath_switch="none"])
916 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"],
917 [andrew_cv_runpath_switch="none"])
918918 ])
919919 LDFLAGS="${SAVE_LDFLAGS}"
920920 ])])
14671467
14681468 SASL_DB_BACKEND="db_${dblib}.lo"
14691469 SASL_DB_BACKEND_STATIC="db_${dblib}.o allockey.o"
1470 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_${dblib}.c ../sasldb/allockey.c"
1470 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_${dblib}.c \$(top_srcdir)/sasldb/allockey.c"
14711471 SASL_DB_UTILS="saslpasswd2 sasldblistusers2"
14721472 SASL_DB_MANS="saslpasswd2.8 sasldblistusers2.8"
14731473
14901490 dnl will just fail to load anyway.
14911491 SASL_DB_BACKEND="db_none.lo"
14921492 SASL_DB_BACKEND_STATIC="db_none.o"
1493 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_none.c"
1493 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_none.c"
14941494 SASL_DB_UTILS=""
14951495 SASL_DB_MANS=""
14961496 SASL_DB_LIB=""
14991499
15001500 if test "$enable_static" = yes; then
15011501 if test "$dblib" != "none"; then
1502 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
1502 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
15031503 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sasldb.o $SASL_DB_BACKEND_STATIC"
15041504 AC_DEFINE(STATIC_SASLDB,[],[Link SASLdb Staticly])
15051505 else
15251525 AC_MSG_RESULT($dbpath)
15261526 AC_DEFINE_UNQUOTED(SASL_DB_PATH, "$dbpath", [Path to default SASLdb database])])
15271527
1528 dnl $Id: berkdb.m4,v 1.20 2005/04/26 19:14:07 shadow Exp $
1528 dnl $Id: berkdb.m4,v 1.22 2007/08/15 17:18:01 murch Exp $
15291529
15301530 AC_DEFUN([CMU_DB_INC_WHERE1], [
15311531 saved_CPPFLAGS=$CPPFLAGS
17401740 fi
17411741
17421742 saved_LIBS=$LIBS
1743 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
1743 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
17441744 do
17451745 LIBS="$saved_LIBS -l$dbname"
1746 AC_TRY_LINK([#include <db.h>],
1746 AC_TRY_LINK([#include <stdio.h>
1747 #include <db.h>],
17471748 [db_create(NULL, NULL, 0);],
17481749 BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db,
17491750 dblib="no")
17511752 done
17521753 if test "$dblib" = "no"; then
17531754 LIBS="$saved_LIBS -ldb"
1754 AC_TRY_LINK([#include <db.h>],
1755 AC_TRY_LINK([#include <stdio.h>
1756 #include <db.h>],
17551757 [db_open(NULL, 0, 0, 0, NULL, NULL, NULL);],
17561758 BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db,
17571759 dblib="no")
28022804 if test "$krb4" != no; then
28032805 AC_MSG_RESULT(enabled)
28042806 SASL_MECHS="$SASL_MECHS libkerberos4.la"
2805 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/kerberos4.c"
2807 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/kerberos4.c"
28062808 SASL_STATIC_OBJS="$SASL_STATIC_OBJS kerberos4.o"
28072809 AC_DEFINE(STATIC_KERBEROS4,[],[User KERBEROS_V4 Staticly])
28082810 AC_DEFINE(HAVE_KRB,[],[Do we have Kerberos 4 Support?])
28162818
28172819 # sasl2.m4--sasl2 libraries and includes
28182820 # Rob Siemborski
2819 # $Id: sasl2.m4,v 1.52 2006/05/18 19:25:00 murch Exp $
2821 # $Id: sasl2.m4,v 1.54 2009/05/20 12:24:48 murch Exp $
28202822
28212823 # SASL2_CRYPT_CHK
28222824 # ---------------
28782880 fi
28792881 fi
28802882 fi
2881 AC_CHECK_HEADER([gssapi.h],
2882 [AC_DEFINE(HAVE_GSSAPI_H,,
2883 [Define if you have the gssapi.h header file])],
2883 AC_CHECK_HEADER([gssapi.h],,
28842884 [AC_CHECK_HEADER([gssapi/gssapi.h],,
28852885 [AC_WARN([Disabling GSSAPI - no include files found]); gssapi=no])])
28862886
28892889 fi
28902890
28912891 if test "$gssapi" != no; then
2892 if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
2893 AC_DEFINE(HAVE_GSSAPI_H,,[Define if you have the gssapi.h header file])
2894 fi
2895
28922896 # We need to find out which gssapi implementation we are
28932897 # using. Supported alternatives are: MIT Kerberos 5,
28942898 # Heimdal Kerberos 5 (http://www.pdc.kth.se/heimdal),
30663070 AC_CHECK_LIB(resolv,res_search,GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lresolv")
30673071 SASL_MECHS="$SASL_MECHS libgssapiv2.la"
30683072 SASL_STATIC_OBJS="$SASL_STATIC_OBJS gssapi.o"
3069 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/gssapi.c"
3073 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/gssapi.c"
30703074
30713075 cmu_save_LIBS="$LIBS"
30723076 LIBS="$LIBS $GSSAPIBASE_LIBS"
33093313 SASL_MECHS="$SASL_MECHS libplain.la"
33103314 if test "$enable_static" = yes; then
33113315 SASL_STATIC_OBJS="$SASL_STATIC_OBJS plain.o"
3312 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/plain.c"
3316 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/plain.c"
33133317 AC_DEFINE(STATIC_PLAIN,[],[Link PLAIN Staticly])
33143318 fi
33153319 else
0 Copyright 1998 by Carnegie Mellon University
10
2 All Rights Reserved
1 Copyright (c) 1994-2008 Carnegie Mellon University. All rights reserved.
32
4 Permission to use, copy, modify, and distribute this software and its
5 documentation for any purpose and without fee is hereby granted,
6 provided that the above copyright notice appear in all copies and that
7 both that copyright notice and this permission notice appear in
8 supporting documentation, and that the name of Carnegie Mellon University
9 not be used in advertising or publicity pertaining to distribution of the
10 software without specific, written prior permission.
3 Redistribution and use in source and binary forms, with or without
4 modification, are permitted provided that the following conditions
5 are met:
116
12 CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
13 SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS,
14 IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL,
15 INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
16 LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
17 OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
18 PERFORMANCE OF THIS SOFTWARE.
7 1. Redistributions of source code must retain the above copyright
8 notice, this list of conditions and the following disclaimer.
199
10 2. Redistributions in binary form must reproduce the above copyright
11 notice, this list of conditions and the following disclaimer in
12 the documentation and/or other materials provided with the
13 distribution.
14
15 3. The name "Carnegie Mellon University" must not be used to
16 endorse or promote products derived from this software without
17 prior written permission. For permission or any legal
18 details, please contact
19 Carnegie Mellon University
20 Center for Technology Transfer and Enterprise Creation
21 4615 Forbes Avenue
22 Suite 302
23 Pittsburgh, PA 15213
24 (412) 268-7393, fax: (412) 268-7395
25 innovation@andrew.cmu.edu
26
27 4. Redistributions of any form whatsoever must retain the following
28 acknowledgment:
29 "This product includes software developed by Computing Services
30 at Carnegie Mellon University (http://www.cmu.edu/computing/)."
31
32 CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
33 THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
34 AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
35 FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
36 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
37 AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
38 OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
0 dnl $Id: berkdb.m4,v 1.20 2005/04/26 19:14:07 shadow Exp $
0 dnl $Id: berkdb.m4,v 1.22 2007/08/15 17:18:01 murch Exp $
11
22 AC_DEFUN([CMU_DB_INC_WHERE1], [
33 saved_CPPFLAGS=$CPPFLAGS
212212 fi
213213
214214 saved_LIBS=$LIBS
215 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
215 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
216216 do
217217 LIBS="$saved_LIBS -l$dbname"
218 AC_TRY_LINK([#include <db.h>],
218 AC_TRY_LINK([#include <stdio.h>
219 #include <db.h>],
219220 [db_create(NULL, NULL, 0);],
220221 BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db,
221222 dblib="no")
223224 done
224225 if test "$dblib" = "no"; then
225226 LIBS="$saved_LIBS -ldb"
226 AC_TRY_LINK([#include <db.h>],
227 AC_TRY_LINK([#include <stdio.h>
228 #include <db.h>],
227229 [db_open(NULL, 0, 0, 0, NULL, NULL, NULL);],
228230 BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db,
229231 dblib="no")
00 dnl
1 dnl $Id: c-attribute.m4,v 1.3 2003/10/08 20:35:24 rjs3 Exp $
1 dnl $Id: c-attribute.m4,v 1.4 2007/08/30 16:57:55 murch Exp $
22 dnl
33
44 dnl
1010 AC_CACHE_VAL(ac_cv___attribute__, [
1111 AC_TRY_COMPILE([
1212 #include <stdlib.h>
13 ],
14 [
1513 static void foo(void) __attribute__ ((noreturn));
1614
1715 static void
1917 {
2018 exit(1);
2119 }
20 ],
21 [
2222 ],
2323 ac_cv___attribute__=yes,
2424 ac_cv___attribute__=no)])
00 dnl
1 dnl $Id: c-fpic.m4,v 1.2 2003/10/08 20:35:24 rjs3 Exp $
1 dnl $Id: c-fpic.m4,v 1.3 2007/08/30 16:57:55 murch Exp $
22 dnl
33
44 dnl
1212 CFLAGS="${CFLAGS} -fPIC"
1313 AC_TRY_COMPILE([
1414 #include <stdlib.h>
15 ],
16 [
1715 static void
1816 foo(void)
1917 {
2018 exit(1);
2119 }
20 ],
21 [
2222 ],
2323 ac_cv_fpic=yes,
2424 ac_cv_fpic=no)
00 dnl
11 dnl Additional macros for configure.in packaged up for easier theft.
2 dnl $Id: cyrus.m4,v 1.4 2003/10/08 20:35:24 rjs3 Exp $
2 dnl $Id: cyrus.m4,v 1.5 2009/03/31 04:09:47 brong Exp $
33 dnl tjs@andrew.cmu.edu 6-may-1998
44 dnl
55
1010 dnl (so the runpath for shared libraries is set).
1111 AC_DEFUN([CMU_ADD_LIBPATH], [
1212 # this is CMU ADD LIBPATH
13 if test "$andrew_runpath_switch" = "none" ; then
13 if test "$andrew_cv_runpath_switch" = "none" ; then
1414 LDFLAGS="-L$1 ${LDFLAGS}"
1515 else
16 LDFLAGS="-L$1 $andrew_runpath_switch$1 ${LDFLAGS}"
16 LDFLAGS="-L$1 $andrew_cv_runpath_switch$1 ${LDFLAGS}"
1717 fi
1818 ])
1919
2121 dnl (so the runpath for shared libraries is set).
2222 AC_DEFUN([CMU_ADD_LIBPATH_TO], [
2323 # this is CMU ADD LIBPATH TO
24 if test "$andrew_runpath_switch" = "none" ; then
24 if test "$andrew_cv_runpath_switch" = "none" ; then
2525 $2="-L$1 ${$2}"
2626 else
27 $2="-L$1 ${$2} $andrew_runpath_switch$1"
27 $2="-L$1 ${$2} $andrew_cv_runpath_switch$1"
2828 fi
2929 ])
3030
3131 dnl runpath initialization
3232 AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
3333 # CMU GUESS RUNPATH SWITCH
34 AC_CACHE_CHECK(for runpath switch, andrew_runpath_switch, [
34 AC_CACHE_CHECK(for runpath switch, andrew_cv_runpath_switch, [
3535 # first, try -R
3636 SAVE_LDFLAGS="${LDFLAGS}"
3737 LDFLAGS="-R /usr/lib"
38 AC_TRY_LINK([],[],[andrew_runpath_switch="-R"], [
38 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [
3939 LDFLAGS="-Wl,-rpath,/usr/lib"
40 AC_TRY_LINK([],[],[andrew_runpath_switch="-Wl,-rpath,"],
41 [andrew_runpath_switch="none"])
40 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"],
41 [andrew_cv_runpath_switch="none"])
4242 ])
4343 LDFLAGS="${SAVE_LDFLAGS}"
4444 ])])
00 # sasl2.m4--sasl2 libraries and includes
11 # Rob Siemborski
2 # $Id: sasl2.m4,v 1.52 2006/05/18 19:25:00 murch Exp $
2 # $Id: sasl2.m4,v 1.54 2009/05/20 12:24:48 murch Exp $
33
44 # SASL2_CRYPT_CHK
55 # ---------------
6464 fi
6565 fi
6666 fi
67 AC_CHECK_HEADER([gssapi.h],
68 [AC_DEFINE(HAVE_GSSAPI_H,,
69 [Define if you have the gssapi.h header file])],
67 AC_CHECK_HEADER([gssapi.h],,
7068 [AC_CHECK_HEADER([gssapi/gssapi.h],,
7169 [AC_WARN([Disabling GSSAPI - no include files found]); gssapi=no])])
7270
7573 fi
7674
7775 if test "$gssapi" != no; then
76 if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
77 AC_DEFINE(HAVE_GSSAPI_H,,[Define if you have the gssapi.h header file])
78 fi
79
7880 # We need to find out which gssapi implementation we are
7981 # using. Supported alternatives are: MIT Kerberos 5,
8082 # Heimdal Kerberos 5 (http://www.pdc.kth.se/heimdal),
252254 AC_CHECK_LIB(resolv,res_search,GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lresolv")
253255 SASL_MECHS="$SASL_MECHS libgssapiv2.la"
254256 SASL_STATIC_OBJS="$SASL_STATIC_OBJS gssapi.o"
255 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/gssapi.c"
257 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/gssapi.c"
256258
257259 cmu_save_LIBS="$LIBS"
258260 LIBS="$LIBS $GSSAPIBASE_LIBS"
0 dnl
1 dnl macros for configure.in to detect zlib
2 dnl $Id: zlib.m4,v 1.3 2009/05/06 13:48:04 murch Exp $
3 dnl
4
5 AC_DEFUN([CMU_HAVE_ZLIB], [
6 AC_REQUIRE([CMU_FIND_LIB_SUBDIR])
7 AC_ARG_WITH(zlib,[ --with-zlib=PATH use zlib from PATH],
8 with_zlib=$withval, with_zlib="yes")
9
10 save_CPPFLAGS=$CPPFLAGS
11 save_LDFLAGS=$LDFLAGS
12
13 if test -d $with_zlib; then
14 CPPFLAGS="${CPPFLAGS} -I${with_lib}/include"
15 CMU_ADD_LIBPATH(${with_zlib}/$CMU_LIB_SUBDIR)
16 fi
17
18 ZLIB=""
19 case "$with_zlib" in
20 no)
21 with_zlib="no";;
22 *)
23 AC_CHECK_HEADER(zlib.h, [
24 AC_CHECK_LIB(z, deflate,
25 LIBS="${LIBS} -lz"; with_zlib="yes",
26 with_zlib="no",)],
27 with_zlib=no)
28 ;;
29 esac
30
31 if test "$with_zlib" != "no"; then
32 AC_DEFINE(HAVE_ZLIB,[],[Do we have zlib?])
33 ZLIB="-lz"
34 else
35 CPPFLAGS=$save_CPPFLAGS
36 LDFLAGS=$save_LDFLAGS
37 fi
38 ])
139139 if test "$krb4" != no; then
140140 AC_MSG_RESULT(enabled)
141141 SASL_MECHS="$SASL_MECHS libkerberos4.la"
142 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/kerberos4.c"
142 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/kerberos4.c"
143143 SASL_STATIC_OBJS="$SASL_STATIC_OBJS kerberos4.o"
144144 AC_DEFINE(STATIC_KERBEROS4,[],[User KERBEROS_V4 Staticly])
145145 AC_DEFINE(HAVE_KRB,[],[Do we have Kerberos 4 Support?])
2222 SASL_MECHS="$SASL_MECHS libplain.la"
2323 if test "$enable_static" = yes; then
2424 SASL_STATIC_OBJS="$SASL_STATIC_OBJS plain.o"
25 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/plain.c"
25 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/plain.c"
2626 AC_DEFINE(STATIC_PLAIN,[],[Link PLAIN Staticly])
2727 fi
2828 else
9696
9797 SASL_DB_BACKEND="db_${dblib}.lo"
9898 SASL_DB_BACKEND_STATIC="db_${dblib}.o allockey.o"
99 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_${dblib}.c ../sasldb/allockey.c"
99 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_${dblib}.c \$(top_srcdir)/sasldb/allockey.c"
100100 SASL_DB_UTILS="saslpasswd2 sasldblistusers2"
101101 SASL_DB_MANS="saslpasswd2.8 sasldblistusers2.8"
102102
119119 dnl will just fail to load anyway.
120120 SASL_DB_BACKEND="db_none.lo"
121121 SASL_DB_BACKEND_STATIC="db_none.o"
122 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_none.c"
122 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_none.c"
123123 SASL_DB_UTILS=""
124124 SASL_DB_MANS=""
125125 SASL_DB_LIB=""
128128
129129 if test "$enable_static" = yes; then
130130 if test "$dblib" != "none"; then
131 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
131 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
132132 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sasldb.o $SASL_DB_BACKEND_STATIC"
133133 AC_DEFINE(STATIC_SASLDB,[],[Link SASLdb Staticly])
134134 else
100100 /* Do we have a getnameinfo() function? */
101101 #undef HAVE_GETNAMEINFO
102102
103 /* Define to 1 if you have the `getpassphrase' function. */
104 #undef HAVE_GETPASSPHRASE
105
103106 /* Define to 1 if you have the `getpwnam' function. */
104107 #undef HAVE_GETPWNAM
105108
211214
212215 /* Do we have SQLite support? */
213216 #undef HAVE_SQLITE
217
218 /* Do we have SQLite3 support? */
219 #undef HAVE_SQLITE3
214220
215221 /* Is there an ss_family in sockaddr_storage? */
216222 #undef HAVE_SS_FAMILY
308308 #endif"
309309
310310 ac_subdirs_all="$ac_subdirs_all saslauthd"
311 ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO AMTAR install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM AWK SET_MAKE am__leading_dot CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE CPP LN_S RANLIB ac_ct_RANLIB LIBTOOL PURECOV PURIFY JAVAC JAVAH JAVADOC JAVA_TRUE JAVA_FALSE JAVA_INCLUDES JAVAROOT SAMPLE_TRUE SAMPLE_FALSE LIB_SOCKET EGREP SASL_DB_UTILS SASL_DB_MANS SASL_DB_BACKEND SASL_DB_BACKEND_STATIC SASL_DB_INC SASL_DB_LIB NO_SASL_DB_MANS_TRUE NO_SASL_DB_MANS_FALSE SASL_DL_LIB NM SASLAUTHD_TRUE SASLAUTHD_FALSE PWCHECKMETH PWCHECK_TRUE PWCHECK_FALSE IPCTYPE LIB_DOOR CMU_LIB_SUBDIR LIB_DES OTP_LIBS SRP_LIBS SASL_KRB_LIB LIB_CRYPT GSSAPI_LIBS GSSAPIBASE_LIBS PLAIN_LIBS NTLM_LIBS PASSDSS_LIBS LIB_MYSQL LIB_PGSQL LIB_SQLITE LIB_LDAP SASL_MECHS SASL_STATIC_SRCS SASL_STATIC_OBJS SASL_STATIC_LIBS plugindir configdir MACOSX_TRUE MACOSX_FALSE DMALLOC_LIBS SFIO_INC_FLAGS SFIO_LIB_FLAGS SMTPTEST_PROGRAM SASL_UTIL_LIBS_EXTRA SASL_UTIL_HEADERS_EXTRA LIBOBJS GETSUBOPT SNPRINTFOBJS LTSNPRINTFOBJS GETADDRINFOOBJS LTGETADDRINFOOBJS GETNAMEINFOOBJS LTGETNAMEINFOOBJS LTLIBOBJS DIRS subdirs'
311 ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO AMTAR install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM AWK SET_MAKE am__leading_dot CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE CPP LN_S RANLIB ac_ct_RANLIB LIBTOOL PURECOV PURIFY JAVAC JAVAH JAVADOC JAVA_TRUE JAVA_FALSE JAVA_INCLUDES JAVAROOT SAMPLE_TRUE SAMPLE_FALSE LIB_SOCKET EGREP SASL_DB_UTILS SASL_DB_MANS SASL_DB_BACKEND SASL_DB_BACKEND_STATIC SASL_DB_INC SASL_DB_LIB NO_SASL_DB_MANS_TRUE NO_SASL_DB_MANS_FALSE SASL_DL_LIB NM SASLAUTHD_TRUE SASLAUTHD_FALSE PWCHECKMETH PWCHECK_TRUE PWCHECK_FALSE IPCTYPE LIB_DOOR CMU_LIB_SUBDIR LIB_DES OTP_LIBS SRP_LIBS SASL_KRB_LIB LIB_CRYPT GSSAPI_LIBS GSSAPIBASE_LIBS PLAIN_LIBS NTLM_LIBS PASSDSS_LIBS LIB_MYSQL LIB_PGSQL LIB_SQLITE LIB_SQLITE3 LIB_LDAP SASL_MECHS SASL_STATIC_SRCS SASL_STATIC_OBJS SASL_STATIC_LIBS plugindir configdir MACOSX_TRUE MACOSX_FALSE DMALLOC_LIBS SFIO_INC_FLAGS SFIO_LIB_FLAGS SMTPTEST_PROGRAM SASL_UTIL_LIBS_EXTRA SASL_UTIL_HEADERS_EXTRA LIBOBJS GETSUBOPT SNPRINTFOBJS LTSNPRINTFOBJS GETADDRINFOOBJS LTGETADDRINFOOBJS GETNAMEINFOOBJS LTGETNAMEINFOOBJS LTLIBOBJS DIRS subdirs'
312312 ac_subst_files=''
313313
314314 # Initialize some variables set by options.
908908 --with-mysql=PATH use MySQL from PATH
909909 --with-pgsql=PATH use PostgreSQL from PATH
910910 --with-sqlite=PATH use SQLite from PATH
911 --with-sqlite3=PATH use SQLite3 from PATH
911912 --with-plugindir=DIR set the directory where plugins will
912913 be found [/usr/lib/sasl2]
913914 --with-configdir=DIR set the directory where config files will
17101711
17111712 # Define the identity of the package.
17121713 PACKAGE=cyrus-sasl
1713 VERSION=2.1.23
1714 VERSION=2.1.24
17141715
17151716
17161717 cat >>confdefs.h <<_ACEOF
33033304 /* end confdefs.h. */
33043305
33053306 #include <stdlib.h>
3306
3307 int
3308 main ()
3309 {
3310
33113307 static void foo(void) __attribute__ ((noreturn));
33123308
33133309 static void
33163312 exit(1);
33173313 }
33183314
3315 int
3316 main ()
3317 {
3318
3319
33193320 ;
33203321 return 0;
33213322 }
33573358 # CMU GUESS RUNPATH SWITCH
33583359 echo "$as_me:$LINENO: checking for runpath switch" >&5
33593360 echo $ECHO_N "checking for runpath switch... $ECHO_C" >&6
3360 if test "${andrew_runpath_switch+set}" = set; then
3361 if test "${andrew_cv_runpath_switch+set}" = set; then
33613362 echo $ECHO_N "(cached) $ECHO_C" >&6
33623363 else
33633364
33923393 ac_status=$?
33933394 echo "$as_me:$LINENO: \$? = $ac_status" >&5
33943395 (exit $ac_status); }; }; then
3395 andrew_runpath_switch="-R"
3396 andrew_cv_runpath_switch="-R"
33963397 else
33973398 echo "$as_me: failed program was:" >&5
33983399 sed 's/^/| /' conftest.$ac_ext >&5
34273428 ac_status=$?
34283429 echo "$as_me:$LINENO: \$? = $ac_status" >&5
34293430 (exit $ac_status); }; }; then
3430 andrew_runpath_switch="-Wl,-rpath,"
3431 andrew_cv_runpath_switch="-Wl,-rpath,"
34313432 else
34323433 echo "$as_me: failed program was:" >&5
34333434 sed 's/^/| /' conftest.$ac_ext >&5
34343435
3435 andrew_runpath_switch="none"
3436 andrew_cv_runpath_switch="none"
34363437 fi
34373438 rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
34383439
34413442 LDFLAGS="${SAVE_LDFLAGS}"
34423443
34433444 fi
3444 echo "$as_me:$LINENO: result: $andrew_runpath_switch" >&5
3445 echo "${ECHO_T}$andrew_runpath_switch" >&6
3445 echo "$as_me:$LINENO: result: $andrew_cv_runpath_switch" >&5
3446 echo "${ECHO_T}$andrew_cv_runpath_switch" >&6
34463447
34473448
34483449 # Check whether --with-staticsasl or --without-staticsasl was given.
37653766 case "$lt_target" in
37663767 *-*-irix6*)
37673768 # Find out which ABI we are using.
3768 echo '#line 3769 "configure"' > conftest.$ac_ext
3769 echo '#line 3770 "configure"' > conftest.$ac_ext
37693770 if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
37703771 (eval $ac_compile) 2>&5
37713772 ac_status=$?
51275128 if test -d $with_bdb_lib; then
51285129
51295130 # this is CMU ADD LIBPATH TO
5130 if test "$andrew_runpath_switch" = "none" ; then
5131 if test "$andrew_cv_runpath_switch" = "none" ; then
51315132 LDFLAGS="-L$with_bdb_lib ${LDFLAGS}"
51325133 else
5133 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_runpath_switch$with_bdb_lib"
5134 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_cv_runpath_switch$with_bdb_lib"
51345135 fi
51355136
51365137
51375138 # this is CMU ADD LIBPATH TO
5138 if test "$andrew_runpath_switch" = "none" ; then
5139 if test "$andrew_cv_runpath_switch" = "none" ; then
51395140 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD}"
51405141 else
5141 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_runpath_switch$with_bdb_lib"
5142 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_cv_runpath_switch$with_bdb_lib"
51425143 fi
51435144
51445145 else
51465147 fi
51475148
51485149 saved_LIBS=$LIBS
5149 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
5150 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
51505151 do
51515152 LIBS="$saved_LIBS -l$dbname"
51525153 cat >conftest.$ac_ext <<_ACEOF
51565157 cat confdefs.h >>conftest.$ac_ext
51575158 cat >>conftest.$ac_ext <<_ACEOF
51585159 /* end confdefs.h. */
5160 #include <stdio.h>
51595161 #include <db.h>
51605162 int
51615163 main ()
51965198 cat confdefs.h >>conftest.$ac_ext
51975199 cat >>conftest.$ac_ext <<_ACEOF
51985200 /* end confdefs.h. */
5201 #include <stdio.h>
51995202 #include <db.h>
52005203 int
52015204 main ()
58845887 if test -d $with_bdb_lib; then
58855888
58865889 # this is CMU ADD LIBPATH TO
5887 if test "$andrew_runpath_switch" = "none" ; then
5890 if test "$andrew_cv_runpath_switch" = "none" ; then
58885891 LDFLAGS="-L$with_bdb_lib ${LDFLAGS}"
58895892 else
5890 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_runpath_switch$with_bdb_lib"
5893 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_cv_runpath_switch$with_bdb_lib"
58915894 fi
58925895
58935896
58945897 # this is CMU ADD LIBPATH TO
5895 if test "$andrew_runpath_switch" = "none" ; then
5898 if test "$andrew_cv_runpath_switch" = "none" ; then
58965899 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD}"
58975900 else
5898 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_runpath_switch$with_bdb_lib"
5901 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_cv_runpath_switch$with_bdb_lib"
58995902 fi
59005903
59015904 else
59035906 fi
59045907
59055908 saved_LIBS=$LIBS
5906 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
5909 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
59075910 do
59085911 LIBS="$saved_LIBS -l$dbname"
59095912 cat >conftest.$ac_ext <<_ACEOF
59135916 cat confdefs.h >>conftest.$ac_ext
59145917 cat >>conftest.$ac_ext <<_ACEOF
59155918 /* end confdefs.h. */
5919 #include <stdio.h>
59165920 #include <db.h>
59175921 int
59185922 main ()
59535957 cat confdefs.h >>conftest.$ac_ext
59545958 cat >>conftest.$ac_ext <<_ACEOF
59555959 /* end confdefs.h. */
5960 #include <stdio.h>
59565961 #include <db.h>
59575962 int
59585963 main ()
65006505
65016506 SASL_DB_BACKEND="db_${dblib}.lo"
65026507 SASL_DB_BACKEND_STATIC="db_${dblib}.o allockey.o"
6503 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_${dblib}.c ../sasldb/allockey.c"
6508 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_${dblib}.c \$(top_srcdir)/sasldb/allockey.c"
65046509 SASL_DB_UTILS="saslpasswd2 sasldblistusers2"
65056510 SASL_DB_MANS="saslpasswd2.8 sasldblistusers2.8"
65066511
65346539 echo "$as_me: WARNING: Disabling SASL authentication database support" >&2;}
65356540 SASL_DB_BACKEND="db_none.lo"
65366541 SASL_DB_BACKEND_STATIC="db_none.o"
6537 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_none.c"
6542 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_none.c"
65386543 SASL_DB_UTILS=""
65396544 SASL_DB_MANS=""
65406545 SASL_DB_LIB=""
65436548
65446549 if test "$enable_static" = yes; then
65456550 if test "$dblib" != "none"; then
6546 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
6551 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
65476552 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sasldb.o $SASL_DB_BACKEND_STATIC"
65486553
65496554 cat >>confdefs.h <<\_ACEOF
74447449 SASL_MECHS="$SASL_MECHS libcrammd5.la"
74457450 if test "$enable_static" = yes; then
74467451 SASL_STATIC_OBJS="$SASL_STATIC_OBJS cram.o"
7447 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/cram.c"
7452 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/cram.c"
74487453
74497454 cat >>confdefs.h <<\_ACEOF
74507455 #define STATIC_CRAMMD5
78657870 CPPFLAGS="${CPPFLAGS} -I${with_openssl}/include"
78667871
78677872 # this is CMU ADD LIBPATH
7868 if test "$andrew_runpath_switch" = "none" ; then
7873 if test "$andrew_cv_runpath_switch" = "none" ; then
78697874 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
78707875 else
7871 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR $andrew_runpath_switch${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
7876 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR $andrew_cv_runpath_switch${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
78727877 fi
78737878
78747879 fi
91399144 echo "${ECHO_T}enabled" >&6
91409145 SASL_MECHS="$SASL_MECHS libdigestmd5.la"
91419146 if test "$enable_static" = yes; then
9142 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/digestmd5.c"
9147 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/digestmd5.c"
91439148 SASL_STATIC_OBJS="$SASL_STATIC_OBJS digestmd5.o"
91449149
91459150 cat >>confdefs.h <<\_ACEOF
91759180
91769181 SASL_MECHS="$SASL_MECHS libotp.la"
91779182 if test "$enable_static" = yes; then
9178 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/otp.c"
9183 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/otp.c"
91799184 SASL_STATIC_OBJS="$SASL_STATIC_OBJS otp.o"
91809185
91819186 cat >>confdefs.h <<\_ACEOF
94449449
94459450 SASL_MECHS="$SASL_MECHS libsrp.la"
94469451 if test "$enable_static" = yes; then
9447 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/srp.c"
9452 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/srp.c"
94489453 SASL_STATIC_OBJS="$SASL_STATIC_OBJS srp.o"
94499454
94509455 cat >>confdefs.h <<\_ACEOF
1007110076 echo "$as_me:$LINENO: result: enabled" >&5
1007210077 echo "${ECHO_T}enabled" >&6
1007310078 SASL_MECHS="$SASL_MECHS libkerberos4.la"
10074 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/kerberos4.c"
10079 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/kerberos4.c"
1007510080 SASL_STATIC_OBJS="$SASL_STATIC_OBJS kerberos4.o"
1007610081
1007710082 cat >>confdefs.h <<\_ACEOF
1042410429
1042510430 fi
1042610431 if test $ac_cv_header_gssapi_h = yes; then
10427
10428 cat >>confdefs.h <<\_ACEOF
10429 #define HAVE_GSSAPI_H
10430 _ACEOF
10431
10432 :
1043210433 else
1043310434 if test "${ac_cv_header_gssapi_gssapi_h+set}" = set; then
1043410435 echo "$as_me:$LINENO: checking for gssapi/gssapi.h" >&5
1057610577 fi
1057710578
1057810579 if test "$gssapi" != no; then
10580 if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
10581
10582 cat >>confdefs.h <<\_ACEOF
10583 #define HAVE_GSSAPI_H
10584 _ACEOF
10585
10586 fi
10587
1057910588 # We need to find out which gssapi implementation we are
1058010589 # using. Supported alternatives are: MIT Kerberos 5,
1058110590 # Heimdal Kerberos 5 (http://www.pdc.kth.se/heimdal),
1132611335
1132711336 SASL_MECHS="$SASL_MECHS libgssapiv2.la"
1132811337 SASL_STATIC_OBJS="$SASL_STATIC_OBJS gssapi.o"
11329 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/gssapi.c"
11338 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/gssapi.c"
1133011339
1133111340 cmu_save_LIBS="$LIBS"
1133211341 LIBS="$LIBS $GSSAPIBASE_LIBS"
1148011489 SASL_MECHS="$SASL_MECHS libplain.la"
1148111490 if test "$enable_static" = yes; then
1148211491 SASL_STATIC_OBJS="$SASL_STATIC_OBJS plain.o"
11483 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/plain.c"
11492 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/plain.c"
1148411493
1148511494 cat >>confdefs.h <<\_ACEOF
1148611495 #define STATIC_PLAIN
1150911518 SASL_MECHS="$SASL_MECHS libanonymous.la"
1151011519 if test "$enable_static" = yes; then
1151111520 SASL_STATIC_OBJS="$SASL_STATIC_OBJS anonymous.o"
11512 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/anonymous.c"
11521 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/anonymous.c"
1151311522
1151411523 cat >>confdefs.h <<\_ACEOF
1151511524 #define STATIC_ANONYMOUS
1153611545 echo "${ECHO_T}enabled" >&6
1153711546 SASL_MECHS="$SASL_MECHS liblogin.la"
1153811547 if test "$enable_static" = yes; then
11539 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/login.c"
11548 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/login.c"
1154011549 SASL_STATIC_OBJS="$SASL_STATIC_OBJS login.o"
1154111550
1154211551 cat >>confdefs.h <<\_ACEOF
1157311582
1157411583 SASL_MECHS="$SASL_MECHS libntlm.la"
1157511584 if test "$enable_static" = yes; then
11576 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/ntlm.c"
11585 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/ntlm.c"
1157711586 SASL_STATIC_OBJS="$SASL_STATIC_OBJS ntlm.o"
1157811587
1157911588 cat >>confdefs.h <<\_ACEOF
1161111620 SASL_MECHS="$SASL_MECHS libpassdss.la"
1161211621 if test "$enable_static" = yes; then
1161311622 SASL_STATIC_OBJS="$SASL_STATIC_OBJS passdss.o"
11614 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/passdss.c"
11623 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/passdss.c"
1161511624
1161611625 cat >>confdefs.h <<\_ACEOF
1161711626 #define STATIC_PASSDSS
1165211661 echo "${ECHO_T}enabled" >&6
1165311662 SASL_MECHS="$SASL_MECHS libsql.la"
1165411663 if test "$enable_static" = yes; then
11655 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sql.c"
11664 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sql.c"
1165611665 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sql.o"
1165711666
1165811667 cat >>confdefs.h <<\_ACEOF
1170311712 if test -d ${with_mysql}/lib/mysql; then
1170411713
1170511714 # this is CMU ADD LIBPATH TO
11706 if test "$andrew_runpath_switch" = "none" ; then
11715 if test "$andrew_cv_runpath_switch" = "none" ; then
1170711716 LIB_MYSQL="-L${with_mysql}/lib/mysql ${LIB_MYSQL}"
1170811717 else
11709 LIB_MYSQL="-L${with_mysql}/lib/mysql ${LIB_MYSQL} $andrew_runpath_switch${with_mysql}/lib/mysql"
11718 LIB_MYSQL="-L${with_mysql}/lib/mysql ${LIB_MYSQL} $andrew_cv_runpath_switch${with_mysql}/lib/mysql"
1171011719 fi
1171111720
1171211721 elif test -d ${with_mysql}/mysql/lib; then
1171311722
1171411723 # this is CMU ADD LIBPATH TO
11715 if test "$andrew_runpath_switch" = "none" ; then
11724 if test "$andrew_cv_runpath_switch" = "none" ; then
1171611725 LIB_MYSQL="-L${with_mysql}/mysql/lib ${LIB_MYSQL}"
1171711726 else
11718 LIB_MYSQL="-L${with_mysql}/mysql/lib ${LIB_MYSQL} $andrew_runpath_switch${with_mysql}/mysql/lib"
11727 LIB_MYSQL="-L${with_mysql}/mysql/lib ${LIB_MYSQL} $andrew_cv_runpath_switch${with_mysql}/mysql/lib"
1171911728 fi
1172011729
1172111730 elif test -d ${with_mysql}/lib; then
1172211731
1172311732 # this is CMU ADD LIBPATH TO
11724 if test "$andrew_runpath_switch" = "none" ; then
11733 if test "$andrew_cv_runpath_switch" = "none" ; then
1172511734 LIB_MYSQL="-L${with_mysql}/lib ${LIB_MYSQL}"
1172611735 else
11727 LIB_MYSQL="-L${with_mysql}/lib ${LIB_MYSQL} $andrew_runpath_switch${with_mysql}/lib"
11736 LIB_MYSQL="-L${with_mysql}/lib ${LIB_MYSQL} $andrew_cv_runpath_switch${with_mysql}/lib"
1172811737 fi
1172911738
1173011739 else
1173111740
1173211741 # this is CMU ADD LIBPATH TO
11733 if test "$andrew_runpath_switch" = "none" ; then
11742 if test "$andrew_cv_runpath_switch" = "none" ; then
1173411743 LIB_MYSQL="-L${with_mysql} ${LIB_MYSQL}"
1173511744 else
11736 LIB_MYSQL="-L${with_mysql} ${LIB_MYSQL} $andrew_runpath_switch${with_mysql}"
11745 LIB_MYSQL="-L${with_mysql} ${LIB_MYSQL} $andrew_cv_runpath_switch${with_mysql}"
1173711746 fi
1173811747
1173911748 fi
1186211871 if test -d ${with_pgsql}/lib/pgsql; then
1186311872
1186411873 # this is CMU ADD LIBPATH TO
11865 if test "$andrew_runpath_switch" = "none" ; then
11874 if test "$andrew_cv_runpath_switch" = "none" ; then
1186611875 LIB_PGSQL="-L${with_pgsql}/lib/pgsql ${LIB_PGSQL}"
1186711876 else
11868 LIB_PGSQL="-L${with_pgsql}/lib/pgsql ${LIB_PGSQL} $andrew_runpath_switch${with_pgsql}/lib/pgsql"
11877 LIB_PGSQL="-L${with_pgsql}/lib/pgsql ${LIB_PGSQL} $andrew_cv_runpath_switch${with_pgsql}/lib/pgsql"
1186911878 fi
1187011879
1187111880 elif test -d ${with_pgsql}/pgsql/lib; then
1187211881
1187311882 # this is CMU ADD LIBPATH TO
11874 if test "$andrew_runpath_switch" = "none" ; then
11883 if test "$andrew_cv_runpath_switch" = "none" ; then
1187511884 LIB_PGSQL="-L${with_pgsql}/pgsql/lib ${LIB_PGSQL}"
1187611885 else
11877 LIB_PGSQL="-L${with_pgsql}/pgsql/lib ${LIB_PGSQL} $andrew_runpath_switch${with_pgsql}/pgsql/lib"
11886 LIB_PGSQL="-L${with_pgsql}/pgsql/lib ${LIB_PGSQL} $andrew_cv_runpath_switch${with_pgsql}/pgsql/lib"
1187811887 fi
1187911888
1188011889 elif test -d ${with_pgsql}/lib; then
1188111890
1188211891 # this is CMU ADD LIBPATH TO
11883 if test "$andrew_runpath_switch" = "none" ; then
11892 if test "$andrew_cv_runpath_switch" = "none" ; then
1188411893 LIB_PGSQL="-L${with_pgsql}/lib ${LIB_PGSQL}"
1188511894 else
11886 LIB_PGSQL="-L${with_pgsql}/lib ${LIB_PGSQL} $andrew_runpath_switch${with_pgsql}/lib"
11895 LIB_PGSQL="-L${with_pgsql}/lib ${LIB_PGSQL} $andrew_cv_runpath_switch${with_pgsql}/lib"
1188711896 fi
1188811897
1188911898 else
1189011899
1189111900 # this is CMU ADD LIBPATH TO
11892 if test "$andrew_runpath_switch" = "none" ; then
11901 if test "$andrew_cv_runpath_switch" = "none" ; then
1189311902 LIB_PGSQL="-L${with_pgsql} ${LIB_PGSQL}"
1189411903 else
11895 LIB_PGSQL="-L${with_pgsql} ${LIB_PGSQL} $andrew_runpath_switch${with_pgsql}"
11904 LIB_PGSQL="-L${with_pgsql} ${LIB_PGSQL} $andrew_cv_runpath_switch${with_pgsql}"
1189611905 fi
1189711906
1189811907 fi
1210312112 esac
1210412113
1210512114
12106 if test "$sql" = yes -a "$with_pgsql" = no -a "$with_mysql" = no -a "$with_sqlite" = no; then
12107 { { echo "$as_me:$LINENO: error: --enable-sql chosen but neither Postgres nor MySQL nor SQLite found" >&5
12108 echo "$as_me: error: --enable-sql chosen but neither Postgres nor MySQL nor SQLite found" >&2;}
12115
12116 # Check whether --with-sqlite3 or --without-sqlite3 was given.
12117 if test "${with_sqlite3+set}" = set; then
12118 withval="$with_sqlite3"
12119 with_sqlite3=$withval
12120 else
12121 with_sqlite3=$sql
12122 fi;
12123
12124 # find location of library
12125 # we assume that if one given then it is correct
12126 if test "${with_sqlite3}" = "yes"; then
12127 with_sqlite3=notfound
12128 for sqlite3loc in lib
12129 do
12130 if test -f ${prefix}/${sqlite3loc}/libsqlite3.a; then
12131 with_sqlite3="${prefix}"
12132 break
12133 elif test -f /usr/local/${sqlite3loc}/libsqlite3.a; then
12134 with_sqlite3="/usr/local"
12135 break
12136 elif test -f /usr/${sqlite3loc}/libsqlite3.a; then
12137 with_sqlite3="/usr"
12138 break
12139 fi
12140 done
12141 fi
12142
12143 LIB_SQLITE3=""
12144
12145 case "$with_sqlite3" in
12146 no) true;;
12147 notfound) { echo "$as_me:$LINENO: WARNING: SQLite3 Library not found" >&5
12148 echo "$as_me: WARNING: SQLite3 Library not found" >&2;}; true;;
12149 *)
12150 if test -d ${with_sqlite3}/lib; then
12151 LIB_SQLITE3="-L${with_sqlite3}/lib -R${with_sqlite3}/lib"
12152 else
12153 LIB_SQLITE3="-L${with_sqlite3} -R${with_sqlite3}"
12154 fi
12155
12156 LIB_SQLITE3_DIR=$LIB_SQLITE3
12157 LIB_SQLITE3="$LIB_SQLITE3 -lsqlite3"
12158
12159 if test -d ${with_sqlite3}/include; then
12160 CPPFLAGS="${CPPFLAGS} -I${with_sqlite3}/include"
12161 else
12162 CPPFLAGS="${CPPFLAGS} -I${with_sqlite3}"
12163 fi
12164 echo "$as_me:$LINENO: checking for sqlite3_open in -lsqlite3" >&5
12165 echo $ECHO_N "checking for sqlite3_open in -lsqlite3... $ECHO_C" >&6
12166 if test "${ac_cv_lib_sqlite3_sqlite3_open+set}" = set; then
12167 echo $ECHO_N "(cached) $ECHO_C" >&6
12168 else
12169 ac_check_lib_save_LIBS=$LIBS
12170 LIBS="-lsqlite3 $LIB_SQLITE3_DIR $LIBS"
12171 cat >conftest.$ac_ext <<_ACEOF
12172 #line $LINENO "configure"
12173 /* confdefs.h. */
12174 _ACEOF
12175 cat confdefs.h >>conftest.$ac_ext
12176 cat >>conftest.$ac_ext <<_ACEOF
12177 /* end confdefs.h. */
12178
12179 /* Override any gcc2 internal prototype to avoid an error. */
12180 #ifdef __cplusplus
12181 extern "C"
12182 #endif
12183 /* We use char because int might match the return type of a gcc2
12184 builtin and then its argument prototype would still apply. */
12185 char sqlite3_open ();
12186 int
12187 main ()
12188 {
12189 sqlite3_open ();
12190 ;
12191 return 0;
12192 }
12193 _ACEOF
12194 rm -f conftest.$ac_objext conftest$ac_exeext
12195 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
12196 (eval $ac_link) 2>&5
12197 ac_status=$?
12198 echo "$as_me:$LINENO: \$? = $ac_status" >&5
12199 (exit $ac_status); } &&
12200 { ac_try='test -s conftest$ac_exeext'
12201 { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
12202 (eval $ac_try) 2>&5
12203 ac_status=$?
12204 echo "$as_me:$LINENO: \$? = $ac_status" >&5
12205 (exit $ac_status); }; }; then
12206 ac_cv_lib_sqlite3_sqlite3_open=yes
12207 else
12208 echo "$as_me: failed program was:" >&5
12209 sed 's/^/| /' conftest.$ac_ext >&5
12210
12211 ac_cv_lib_sqlite3_sqlite3_open=no
12212 fi
12213 rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
12214 LIBS=$ac_check_lib_save_LIBS
12215 fi
12216 echo "$as_me:$LINENO: result: $ac_cv_lib_sqlite3_sqlite3_open" >&5
12217 echo "${ECHO_T}$ac_cv_lib_sqlite3_sqlite3_open" >&6
12218 if test $ac_cv_lib_sqlite3_sqlite3_open = yes; then
12219
12220 cat >>confdefs.h <<\_ACEOF
12221 #define HAVE_SQLITE3
12222 _ACEOF
12223
12224 else
12225 { echo "$as_me:$LINENO: WARNING: SQLite3 Library sqlite3 does not work" >&5
12226 echo "$as_me: WARNING: SQLite3 Library sqlite3 does not work" >&2;}
12227 with_sqlite3=no
12228 fi
12229 ;;
12230
12231 esac
12232
12233
12234 if test "$sql" = yes -a "$with_pgsql" = no -a "$with_mysql" = no -a "$with_sqlite" = no -a "$with_sqlite3" = no; then
12235 { { echo "$as_me:$LINENO: error: --enable-sql chosen but neither Postgres nor MySQL nor SQLite nor SQLite3 found" >&5
12236 echo "$as_me: error: --enable-sql chosen but neither Postgres nor MySQL nor SQLite nor SQLite3 found" >&2;}
1210912237 { (exit 1); exit 1; }; }
1211012238 fi
1211112239
1214312271 CPPFLAGS="${CPPFLAGS} -I${with_ldap}/include"
1214412272
1214512273 # this is CMU ADD LIBPATH
12146 if test "$andrew_runpath_switch" = "none" ; then
12274 if test "$andrew_cv_runpath_switch" = "none" ; then
1214712275 LDFLAGS="-L${with_ldap}/lib ${LDFLAGS}"
1214812276 else
12149 LDFLAGS="-L${with_ldap}/lib $andrew_runpath_switch${with_ldap}/lib ${LDFLAGS}"
12277 LDFLAGS="-L${with_ldap}/lib $andrew_cv_runpath_switch${with_ldap}/lib ${LDFLAGS}"
1215012278 fi
1215112279
1215212280 fi
1244812576
1244912577 SASL_MECHS="$SASL_MECHS libldapdb.la"
1245012578 if test "$enable_static" = yes; then
12451 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/ldapdb.c"
12579 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/ldapdb.c"
1245212580 SASL_STATIC_OBJS="$SASL_STATIC_OBJS ldapdb.o"
1245312581
1245412582 cat >>confdefs.h <<\_ACEOF
1528715415
1528815416
1528915417
15290 for ac_func in gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy mkdir select socket strchr strdup strerror strspn strstr strtol jrand48
15418
15419 for ac_func in gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy mkdir select socket strchr strdup strerror strspn strstr strtol jrand48 getpassphrase
1529115420 do
1529215421 as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
1529315422 echo "$as_me:$LINENO: checking for $ac_func" >&5
1621516344 s,@LIB_MYSQL@,$LIB_MYSQL,;t t
1621616345 s,@LIB_PGSQL@,$LIB_PGSQL,;t t
1621716346 s,@LIB_SQLITE@,$LIB_SQLITE,;t t
16347 s,@LIB_SQLITE3@,$LIB_SQLITE3,;t t
1621816348 s,@LIB_LDAP@,$LIB_LDAP,;t t
1621916349 s,@SASL_MECHS@,$SASL_MECHS,;t t
1622016350 s,@SASL_STATIC_SRCS@,$SASL_STATIC_SRCS,;t t
00 dnl configure.in for the SASL library
11 dnl Rob Siemborski
22 dnl Rob Earhart
3 dnl $Id: configure.in,v 1.213.2.1 2009/04/27 17:58:25 murch Exp $
3 dnl $Id: configure.in,v 1.218 2009/05/20 12:24:48 murch Exp $
44 dnl
55 dnl Copyright (c) 2001 Carnegie Mellon University. All rights reserved.
66 dnl
5858 dnl REMINDER: When changing the version number here, please also update
5959 dnl the values in win32/include/config.h and include/sasl.h as well.
6060 dnl
61 AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.23)
61 AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.24)
6262 CMU_INIT_AUTOMAKE
6363
6464 # and include our config dir scripts
383383 SASL_MECHS="$SASL_MECHS libcrammd5.la"
384384 if test "$enable_static" = yes; then
385385 SASL_STATIC_OBJS="$SASL_STATIC_OBJS cram.o"
386 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/cram.c"
386 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/cram.c"
387387 AC_DEFINE(STATIC_CRAMMD5, [], [Link CRAM-MD5 Staticly])
388388 fi
389389 else
417417 AC_MSG_RESULT(enabled)
418418 SASL_MECHS="$SASL_MECHS libdigestmd5.la"
419419 if test "$enable_static" = yes; then
420 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/digestmd5.c"
420 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/digestmd5.c"
421421 SASL_STATIC_OBJS="$SASL_STATIC_OBJS digestmd5.o"
422422 AC_DEFINE(STATIC_DIGESTMD5, [], [Link DIGEST-MD5 Staticly])
423423 fi
442442
443443 SASL_MECHS="$SASL_MECHS libotp.la"
444444 if test "$enable_static" = yes; then
445 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/otp.c"
445 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/otp.c"
446446 SASL_STATIC_OBJS="$SASL_STATIC_OBJS otp.o"
447447 AC_DEFINE(STATIC_OTP, [], [Link OTP Staticly])
448448 fi
499499
500500 SASL_MECHS="$SASL_MECHS libsrp.la"
501501 if test "$enable_static" = yes; then
502 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/srp.c"
502 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/srp.c"
503503 SASL_STATIC_OBJS="$SASL_STATIC_OBJS srp.o"
504504 AC_DEFINE(STATIC_SRP, [], [Link SRP Staticly])
505505 fi
556556 SASL_MECHS="$SASL_MECHS libanonymous.la"
557557 if test "$enable_static" = yes; then
558558 SASL_STATIC_OBJS="$SASL_STATIC_OBJS anonymous.o"
559 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/anonymous.c"
559 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/anonymous.c"
560560 AC_DEFINE(STATIC_ANONYMOUS, [], [Link ANONYMOUS Staticly])
561561 fi
562562 else
573573 AC_MSG_RESULT(enabled)
574574 SASL_MECHS="$SASL_MECHS liblogin.la"
575575 if test "$enable_static" = yes; then
576 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/login.c"
576 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/login.c"
577577 SASL_STATIC_OBJS="$SASL_STATIC_OBJS login.o"
578578 AC_DEFINE(STATIC_LOGIN,[],[Link LOGIN Staticly])
579579 fi
599599
600600 SASL_MECHS="$SASL_MECHS libntlm.la"
601601 if test "$enable_static" = yes; then
602 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/ntlm.c"
602 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/ntlm.c"
603603 SASL_STATIC_OBJS="$SASL_STATIC_OBJS ntlm.o"
604604 AC_DEFINE(STATIC_NTLM,[],[Link NTLM Staticly])
605605 fi
626626 SASL_MECHS="$SASL_MECHS libpassdss.la"
627627 if test "$enable_static" = yes; then
628628 SASL_STATIC_OBJS="$SASL_STATIC_OBJS passdss.o"
629 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/passdss.c"
629 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/passdss.c"
630630 AC_DEFINE(STATIC_PASSDSS,[],[Link PASSDSS Staticly])
631631 fi
632632 else
656656 AC_MSG_RESULT(enabled)
657657 SASL_MECHS="$SASL_MECHS libsql.la"
658658 if test "$enable_static" = yes; then
659 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sql.c"
659 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sql.c"
660660 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sql.o"
661661 AC_DEFINE(STATIC_SQL,[],[Link SQL plugin staticly])
662662 fi
845845 esac
846846 AC_SUBST(LIB_SQLITE)
847847
848 if test "$sql" = yes -a "$with_pgsql" = no -a "$with_mysql" = no -a "$with_sqlite" = no; then
849 AC_ERROR([--enable-sql chosen but neither Postgres nor MySQL nor SQLite found])
848 dnl SQLite3
849 AC_ARG_WITH(sqlite3, [ --with-sqlite3=PATH use SQLite3 from PATH ],
850 with_sqlite3=$withval,
851 with_sqlite3=$sql)
852
853 # find location of library
854 # we assume that if one given then it is correct
855 if test "${with_sqlite3}" = "yes"; then
856 with_sqlite3=notfound
857 for sqlite3loc in lib
858 do
859 if test -f ${prefix}/${sqlite3loc}/libsqlite3.a; then
860 with_sqlite3="${prefix}"
861 break
862 elif test -f /usr/local/${sqlite3loc}/libsqlite3.a; then
863 with_sqlite3="/usr/local"
864 break
865 elif test -f /usr/${sqlite3loc}/libsqlite3.a; then
866 with_sqlite3="/usr"
867 break
868 fi
869 done
870 fi
871
872 LIB_SQLITE3=""
873
874 case "$with_sqlite3" in
875 no) true;;
876 notfound) AC_WARN([SQLite3 Library not found]); true;;
877 *)
878 if test -d ${with_sqlite3}/lib; then
879 LIB_SQLITE3="-L${with_sqlite3}/lib -R${with_sqlite3}/lib"
880 else
881 LIB_SQLITE3="-L${with_sqlite3} -R${with_sqlite3}"
882 fi
883
884 LIB_SQLITE3_DIR=$LIB_SQLITE3
885 LIB_SQLITE3="$LIB_SQLITE3 -lsqlite3"
886
887 if test -d ${with_sqlite3}/include; then
888 CPPFLAGS="${CPPFLAGS} -I${with_sqlite3}/include"
889 else
890 CPPFLAGS="${CPPFLAGS} -I${with_sqlite3}"
891 fi
892 AC_CHECK_LIB(sqlite3, sqlite3_open, AC_DEFINE(HAVE_SQLITE3,[],
893 [Do we have SQLite3 support?]),
894 [AC_WARN([SQLite3 Library sqlite3 does not work])
895 with_sqlite3=no], $LIB_SQLITE3_DIR);;
896
897 esac
898 AC_SUBST(LIB_SQLITE3)
899
900 if test "$sql" = yes -a "$with_pgsql" = no -a "$with_mysql" = no -a "$with_sqlite" = no -a "$with_sqlite3" = no; then
901 AC_ERROR([--enable-sql chosen but neither Postgres nor MySQL nor SQLite nor SQLite3 found])
850902 fi
851903
852904 if test "$enable_shared" = yes; then
896948
897949 SASL_MECHS="$SASL_MECHS libldapdb.la"
898950 if test "$enable_static" = yes; then
899 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/ldapdb.c"
951 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/ldapdb.c"
900952 SASL_STATIC_OBJS="$SASL_STATIC_OBJS ldapdb.o"
901953 AC_DEFINE(STATIC_LDAPDB,[],[Link ldapdb plugin Staticly])
902954 fi
11141166
11151167 #AC_FUNC_MEMCMP
11161168 #AC_FUNC_VPRINTF
1117 AC_CHECK_FUNCS(gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy mkdir select socket strchr strdup strerror strspn strstr strtol jrand48)
1169 AC_CHECK_FUNCS(gethostname getdomainname getpwnam getspnam gettimeofday inet_aton memcpy mkdir select socket strchr strdup strerror strspn strstr strtol jrand48 getpassphrase)
11181170
11191171 if test $enable_cmulocal = yes; then
11201172 AC_WARN([enabling CMU local kludges])
133133 LIB_PGSQL = @LIB_PGSQL@
134134 LIB_SOCKET = @LIB_SOCKET@
135135 LIB_SQLITE = @LIB_SQLITE@
136 LIB_SQLITE3 = @LIB_SQLITE3@
136137 LN_S = @LN_S@
137138 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
138139 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
00 <HTML><HEAD>
11 <title>SASL Components</title>
2 <!-- $Id: components.html,v 1.4 2003/07/15 17:38:57 ken3 Exp $ -->
2 <!-- $Id: components.html,v 1.5 2008/01/23 21:29:55 murch Exp $ -->
33 </HEAD>
44 <BODY>
55 <H1>SASL Components</H1>
6767 such as MIME Base-64 encoding and decoding, and random number generation.
6868 Others are more specific to the task of authentication, such as providing
6969 password verification services. Such services are capable of taking
70 a username and a plaintext password and saying &quot;yes&quit; or
70 a username and a plaintext password and saying &quot;yes&quot; or
7171 &quot;no&quot;. Details of available password verification services are
7272 discussed below.</p>
7373
0 <!-- $Id: mechanisms.html,v 1.6 2003/09/16 23:57:37 ken3 Exp $ -->
0 <!-- $Id: mechanisms.html,v 1.8 2008/10/31 15:18:46 murch Exp $ -->
11 <HTML>
22 <HEAD>
33 <TITLE>SASL Mechanism Properties/Features</TITLE>
135135 <TD><CENTER><br></CENTER></TD>
136136 <TD><CENTER><br></CENTER></TD>
137137 <TD><CENTER>X</CENTER></TD>
138 <TD><CENTER><br></CENTER></TD>
138 <TD><CENTER>X</CENTER></TD>
139139 <TD><CENTER><br></CENTER></TD>
140140 <TD><CENTER><br></CENTER></TD>
141141 <TD><CENTER>X</CENTER></TD>
176176 </TR>
177177
178178 <TR>
179 <TH>PASSDSS-3DES-1</TH>
180 <TD><CENTER>112</CENTER></TD>
181 <TD><CENTER>X</CENTER></TD>
182 <TD><CENTER>X</CENTER></TD>
183 <TD><CENTER>X</CENTER></TD>
184 <TD><CENTER>X</CENTER></TD>
185 <TD><CENTER>X</CENTER></TD>
186 <TD><CENTER>X</CENTER></TD>
187 <TD><CENTER>X</CENTER></TD>
188 <TD><CENTER>X</CENTER></TD>
189 <TD><CENTER><br></CENTER></TD>
190 <TD><CENTER><br></CENTER></TD>
191 <TD><CENTER>X</CENTER></TD>
192 </TR>
193
194 <TR>
179195 <TH>PLAIN</TH>
180196 <TD><CENTER>0</CENTER></TD>
181197 <TD><CENTER><br></CENTER></TD>
183199 <TD><CENTER><br></CENTER></TD>
184200 <TD><CENTER><br></CENTER></TD>
185201 <TD><CENTER>X</CENTER></TD>
186 <TD><CENTER><br></CENTER></TD>
202 <TD><CENTER>X</CENTER></TD>
187203 <TD><CENTER><br></CENTER></TD>
188204 <TD><CENTER>X</CENTER></TD>
189205 <TD><CENTER><br></CENTER></TD>
252268 <li><b>NOACTIVE</b> - Protection from active (non-dictionary) attacks
253269 during authentication exchange. (Implies <b>MUTUAL</b>).</li>
254270 <li><b>NODICT</b> - Not susceptable to passive dictionary attack.</li>
255 <li><b>NOFORWARD</b> - Breaking one session won't help break the next.</li>
271 <li><b>FORWARD</b> - Breaking one session won't help break the next.</li>
256272 <li><b>NOANON</b> - Don't permit anonymous logins.</li>
257273 <li><b>CRED</b> - Mechanism can pass client credentials.</li>
258274 <li><b>MUTUAL</b> - Supports mutual authentication (authenticates the server
00 <HTML><HEAD>
11 <title>Options for Cyrus SASL</title>
2 <!-- $Id: options.html,v 1.30 2005/02/16 20:52:05 shadow Exp $ -->
2 <!-- $Id: options.html,v 1.33 2009/01/25 13:02:29 mel Exp $ -->
33 </HEAD>
44 <BODY>
55 <h1>Options for Cyrus SASL</h1>
8282 <TD>none</TD>
8383 </TR>
8484 <TR>
85 <TD>ldapdb_canon_attr</TD><TD>LDAPDB plugin</TD>
86 <TD>Use the value of the specified attribute as the user's
87 canonical name. The attribute will be looked up in the user's LDAP
88 entry. This setting must be configured in order to use LDAPDB as
89 a canonuser plugin.</TD>
90 <TD>none</TD>
91 </TR>
92 <TR>
8593 <TD>log_level</TD><TD>SASL Library</TD>
8694 <TD><b>Numeric</b> Logging Level (see <TT>SASL_LOG_*</TT> in <tt>sasl.h</tt>
8795 for values and descriptions</TD>
95103 </TR>
96104 <TR>
97105 <TD>ntlm_server</TD><TD>NTLM (server)</TD>
98 <TD>Name of server (WinNT, Win2K, Samba, etc) to which authentication
99 will be proxied.</TD>
106 <TD>Comma separated list of servernames (WinNT, Win2K, Samba, etc) to
107 which authentication will be proxied.</TD>
100108 <TD>(null) - perform authentication internally</TD>
101109 </TR>
102110 <TR>
141149 <TD>Path to sasldb file</TD><TD><tt>/etc/sasldb2</tt> (system dependant)</TD>
142150 <TR>
143151 <TD>sql_engine</TD><TD>SQL plugin</TD>
144 <TD>Name of SQL engine to use (possible values: 'mysql', 'pgsql', 'sqlite').</TD>
152 <TD>Name of SQL engine to use (possible values: 'mysql', 'pgsql', 'sqlite', 'sqlite3').</TD>
145153 <TD><tt>mysql</tt></TD>
146154 </TR>
147155 <TR>
272280 </pre>
273281 is a valid value for <tt>sql_select</tt>.
274282
275 <h2>Notes on LDAPDB auxprop options</h2>
283 <h2>Notes on LDAPDB plugin options</h2>
276284
277285 <p>
278286 </p>
285293 makes the configuration of remote services much simpler.</p>
286294
287295 <p>This plugin is not for use with slapd itself. When OpenLDAP is
288 built with SASL support, slapd uses its own internal auxprop module.
296 built with SASL support, slapd uses its own internal auxprop and
297 canonuser module.
289298 By default, without configuring anything else, slapd will fail to load
290299 the ldapdb module when it's present. This is as it should be. If you
291300 don't like the "auxpropfunc: error -7" message that is sent to syslog
302311 ldapdb_id: root
303312 ldapdb_pw: secret
304313 ldapdb_mech: DIGEST-MD5
314 ldapdb_canon_attr: uid
305315 </pre>
306316
307317 <p>The LDAP server must be configured to map the SASL authcId "root" into a DN
00 <HTML><HEAD>
11 <title>Cyrus SASL for System Administrators</title>
2 <!-- $Id: sysadmin.html,v 1.50 2005/02/16 20:52:05 shadow Exp $ -->
2 <!-- $Id: sysadmin.html,v 1.52 2007/04/23 14:34:53 murch Exp $ -->
33 </HEAD>
44 <BODY>
55 <H1>Cyrus SASL for System Administrators</H1>
182182
183183 <p>To enable <tt>authdaemond</tt> support, pass <tt>--with-authdaemon</tt> to the
184184 configuration script, set pwcheck_method to ``authdaemond'' and point
185 authdaemon_path to <tt>authdaemond</tt>'s unix socket. Optionally, you can
185 authdaemond_path to <tt>authdaemond</tt>'s unix socket. Optionally, you can
186186 specify --with-authdaemond=PATH to the configure script so that
187187 authdaemond_path points to a default, static, location.
188188
462462 <p><b>A:</b> Check syslog output (usually stored in
463463 <tt>/var/log</tt>) for more information. You might want to change your
464464 syslog configuration (usually <tt>/etc/syslogd.conf</tt>) to log
465 "debug.*" to a file while debugging a problem.</p>
465 "*.debug" to a file while debugging a problem.</p>
466466
467467 <p>The developers make heavy use of <tt>strace</tt> or <tt>truss</tt>
468468 when debugging a problem that isn't outputting any useful
132132 LIB_PGSQL = @LIB_PGSQL@
133133 LIB_SOCKET = @LIB_SOCKET@
134134 LIB_SQLITE = @LIB_SQLITE@
135 LIB_SQLITE3 = @LIB_SQLITE3@
135136 LN_S = @LN_S@
136137 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
137138 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
123123 /* Keep in sync with win32/common.mak */
124124 #define SASL_VERSION_MAJOR 2
125125 #define SASL_VERSION_MINOR 1
126 #define SASL_VERSION_STEP 23
126 #define SASL_VERSION_STEP 24
127127
128128 /* A convenience macro: same as was defined in the OpenLDAP LDAPDB */
129129 #define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\
170170 #define SASL_NOCHANGE -22 /* requested change was not needed */
171171 #define SASL_WEAKPASS -27 /* passphrase is too weak for security policy */
172172 #define SASL_NOUSERPASS -28 /* user supplied passwords not permitted */
173 #define SASL_NEED_OLD_PASSWD -29 /* sasl_setpass needs old password in order
174 to perform password change */
175 #define SASL_CONSTRAINT_VIOLAT -30 /* a property can't be stored,
176 because of some constrains/policy violation */
173177
174178 /* max size of a sasl mechanism name */
175179 #define SASL_MECHNAMEMAX 20
625629 /* One of the following two is required */
626630 #define SASL_CU_AUTHID 0x01
627631 #define SASL_CU_AUTHZID 0x02
632 /* Combine the following with SASL_CU_AUTHID, if you don't want
633 to fail if auxprop returned SASL_NOUSER */
634 #define SASL_CU_EXTERNALLY_VERIFIED 0x04
635
636 #define SASL_CU_OVERRIDE 0x08 /* mapped to SASL_AUXPROP_OVERRIDE */
637
638 /* The following CU flags are passed "as is" down to auxprop lookup */
639 #define SASL_CU_ASIS_MASK 0xFFF0
640 /* NOTE: Keep in sync with SASL_AUXPROP_<XXX> flags */
641 #define SASL_CU_VERIFY_AGAINST_HASH 0x10
642
628643
629644 typedef int sasl_canon_user_t(sasl_conn_t *conn,
630645 void *context,
678693
679694 /* dispose of all SASL plugins. Connection
680695 * states have to be disposed of before calling this.
696 *
697 * This function is DEPRECATED in favour of sasl_server_done/
698 * sasl_client_done.
681699 */
682700 LIBSASL_API void sasl_done(void);
701
702 /* dispose of all SASL plugins. Connection
703 * states have to be disposed of before calling this.
704 * This function should be called instead of sasl_done(),
705 whenever possible.
706 */
707 LIBSASL_API int sasl_server_done(void);
708
709 /* dispose of all SASL plugins. Connection
710 * states have to be disposed of before calling this.
711 * This function should be called instead of sasl_done(),
712 whenever possible.
713 */
714 LIBSASL_API int sasl_client_done(void);
683715
684716 /* dispose connection state, sets it to NULL
685717 * checks for pointer to NULL
11021134 * SASL_NOUSER -- user not found
11031135 * SASL_NOVERIFY -- user found, but no usable mechanism
11041136 * SASL_NOMECH -- no mechanisms enabled
1137 * SASL_UNAVAIL -- remote authentication server unavailable, try again later
11051138 */
11061139 LIBSASL_API int sasl_user_exists(sasl_conn_t *conn,
11071140 const char *service,
11461179
11471180 #define SASL_AUX_END NULL /* last auxiliary property */
11481181
1182 #define SASL_AUX_ALL "*" /* A special flag to signal user deletion */
1183
11491184 /* traditional Posix items (should be implemented on Posix systems) */
11501185 #define SASL_AUX_PASSWORD_PROP "userPassword" /* User Password */
11511186 #define SASL_AUX_PASSWORD "*" SASL_AUX_PASSWORD_PROP /* User Password (of authid) */
328328 /* This plugin allows proxying */
329329 #define SASL_FEAT_ALLOWS_PROXY 0x0020
330330
331 /* server plugin don't use cleartext userPassword attribute */
332 #define SASL_FEAT_DONTUSE_USERPASSWD 0x0080
333
331334 /* client plug-in features */
332335 #define SASL_FEAT_NEEDSERVERFQDN 0x0001
333336
887890 * last element in array has id of SASL_AUX_END
888891 * elements with non-0 len should be ignored.
889892 */
890 void (*auxprop_lookup)(void *glob_context,
893 int (*auxprop_lookup)(void *glob_context,
891894 sasl_server_params_t *sparams,
892895 unsigned flags,
893896 const char *user, unsigned ulen);
918921 * we are looking up the authzid flags
919922 * (no prefix) */
920923
921 #define SASL_AUXPROP_PLUG_VERSION 4
924 /* NOTE: Keep in sync with SASL_CU_<XXX> flags */
925 #define SASL_AUXPROP_VERIFY_AGAINST_HASH 0x10
926
927
928 #define SASL_AUXPROP_PLUG_VERSION 8
922929
923930 /* default name for auxprop plug-in entry point is "sasl_auxprop_init"
924931 * similar to sasl_server_plug_init model, except only returns one
7676 */
7777 LIBSASL_API void sasl_erasebuffer(char *pass, unsigned len);
7878
79 /* Lowercase string in place */
80 LIBSASL_API char *sasl_strlower (char *val);
81
82 LIBSASL_API int sasl_config_init(const char *filename);
83
7984 #ifdef WIN32
8085 /* Just in case a different DLL defines this as well */
8186 #if defined(NEED_GETOPT)
113113 LIB_PGSQL = @LIB_PGSQL@
114114 LIB_SOCKET = @LIB_SOCKET@
115115 LIB_SQLITE = @LIB_SQLITE@
116 LIB_SQLITE3 = @LIB_SQLITE3@
116117 LN_S = @LN_S@
117118 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
118119 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
113113 LIB_PGSQL = @LIB_PGSQL@
114114 LIB_SOCKET = @LIB_SOCKET@
115115 LIB_SQLITE = @LIB_SQLITE@
116 LIB_SQLITE3 = @LIB_SQLITE3@
116117 LN_S = @LN_S@
117118 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
118119 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
113113 LIB_PGSQL = @LIB_PGSQL@
114114 LIB_SOCKET = @LIB_SOCKET@
115115 LIB_SQLITE = @LIB_SQLITE@
116 LIB_SQLITE3 = @LIB_SQLITE3@
116117 LN_S = @LN_S@
117118 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
118119 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
129129 LIB_PGSQL = @LIB_PGSQL@
130130 LIB_SOCKET = @LIB_SOCKET@
131131 LIB_SQLITE = @LIB_SQLITE@
132 LIB_SQLITE3 = @LIB_SQLITE3@
132133 LN_S = @LN_S@
133134 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
134135 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
129129 LIB_PGSQL = @LIB_PGSQL@
130130 LIB_SOCKET = @LIB_SOCKET@
131131 LIB_SQLITE = @LIB_SQLITE@
132 LIB_SQLITE3 = @LIB_SQLITE3@
132133 LN_S = @LN_S@
133134 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
134135 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
129129 LIB_PGSQL = @LIB_PGSQL@
130130 LIB_SOCKET = @LIB_SOCKET@
131131 LIB_SQLITE = @LIB_SQLITE@
132 LIB_SQLITE3 = @LIB_SQLITE3@
132133 LN_S = @LN_S@
133134 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
134135 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
129129 LIB_PGSQL = @LIB_PGSQL@
130130 LIB_SOCKET = @LIB_SOCKET@
131131 LIB_SQLITE = @LIB_SQLITE@
132 LIB_SQLITE3 = @LIB_SQLITE3@
132133 LN_S = @LN_S@
133134 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
134135 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
00 # Makefile.am for the SASL library
11 # Rob Earhart
2 # $Id: Makefile.am,v 1.85.2.1 2009/04/27 17:58:26 murch Exp $
2 # $Id: Makefile.am,v 1.87 2009/05/20 12:24:49 murch Exp $
33 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
44 #
55 # Redistribution and use in source and binary forms, with or without
4040 #
4141
4242 # Library version info - here at the top, for sanity
43 sasl_version = 2:23:0
43 sasl_version = 2:24:0
4444
4545 INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
4646
4848 EXTRA_LIBRARIES = libsasl2.a
4949 noinst_LIBRARIES = @SASL_STATIC_LIBS@
5050 libsasl2_a_SOURCES=
51
52 BUILT_SOURCES = $(SASL_STATIC_SRCS)
5153
5254 common_headers = saslint.h
5355 common_sources = auxprop.c canonusr.c checkpw.c client.c common.c config.c external.c md5.c saslutil.c server.c seterror.c dlopen.c ../plugins/plugin_common.c
9294 rm -f $@
9395 ln -s .libs/$@ $@
9496
95 $(SASL_STATIC_OBJS): linksrcs
97 $(SASL_STATIC_SRCS): linksrcs
9698
9799 linksrcs:
98100 -ln -s $(SASL_STATIC_SRCS) .
1515
1616 # Makefile.am for the SASL library
1717 # Rob Earhart
18 # $Id: Makefile.am,v 1.85.2.1 2009/04/27 17:58:26 murch Exp $
18 # $Id: Makefile.am,v 1.87 2009/05/20 12:24:49 murch Exp $
1919 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
2020 #
2121 # Redistribution and use in source and binary forms, with or without
130130 LIB_PGSQL = @LIB_PGSQL@
131131 LIB_SOCKET = @LIB_SOCKET@
132132 LIB_SQLITE = @LIB_SQLITE@
133 LIB_SQLITE3 = @LIB_SQLITE3@
133134 LN_S = @LN_S@
134135 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
135136 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
231232 target_vendor = @target_vendor@
232233
233234 # Library version info - here at the top, for sanity
234 sasl_version = 2:23:0
235 sasl_version = 2:24:0
235236
236237 INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
237238
239240 EXTRA_LIBRARIES = libsasl2.a
240241 noinst_LIBRARIES = @SASL_STATIC_LIBS@
241242 libsasl2_a_SOURCES =
243
244 BUILT_SOURCES = $(SASL_STATIC_SRCS)
242245
243246 common_headers = saslint.h
244247 common_sources = auxprop.c canonusr.c checkpw.c client.c common.c config.c external.c md5.c saslutil.c server.c seterror.c dlopen.c ../plugins/plugin_common.c
296299 getnameinfo.c getsubopt.c snprintf.c
297300 SOURCES = $(libsasl2_a_SOURCES) $(libsasl2_la_SOURCES)
298301
299 all: all-am
302 all: $(BUILT_SOURCES)
303 $(MAKE) $(AM_MAKEFLAGS) all-am
300304
301305 .SUFFIXES:
302306 .SUFFIXES: .c .lo .o .obj
527531 fi; \
528532 done
529533 check-am: all-am
530 check: check-am
534 check: $(BUILT_SOURCES)
535 $(MAKE) $(AM_MAKEFLAGS) check-am
531536 all-am: Makefile $(LIBRARIES) $(LTLIBRARIES)
532537
533538 installdirs:
534539 $(mkinstalldirs) $(DESTDIR)$(libdir)
535 install: install-am
540 install: $(BUILT_SOURCES)
541 $(MAKE) $(AM_MAKEFLAGS) install-am
536542 install-exec: install-exec-am
537543 install-data: install-data-am
538544 uninstall: uninstall-am
556562 maintainer-clean-generic:
557563 @echo "This command is intended for maintainers to use"
558564 @echo "it deletes files that may require special tools to rebuild."
565 -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
559566 clean: clean-am
560567
561568 clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
645652 rm -f $@
646653 ln -s .libs/$@ $@
647654
648 $(SASL_STATIC_OBJS): linksrcs
655 $(SASL_STATIC_SRCS): linksrcs
649656
650657 linksrcs:
651658 -ln -s $(SASL_STATIC_SRCS) .
1313 libsasl_res = libsasl.res
1414 libsasl_out = libsasl.dll libsasl.exp libsasl.lib $(libsasl_res)
1515
16 CPPFLAGS = /D NEED_GETOPT /I "..\win32\include" /I "." /I "..\include" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "LIBSASL_EXPORTS"
16 CPPFLAGS = /wd4996 /Wp64 /D NEED_GETOPT /I "..\win32\include" /I "." /I "..\include" /D "WIN32" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "LIBSASL_EXPORTS"
1717
1818 !IF $(TARGET_WIN_SYSTEM) >= 51
1919 CPPFLAGS = /D TARGET_WIN_SYSTEM=$(TARGET_WIN_SYSTEM) $(CPPFLAGS)
3737 #
3838 install: libsasl.dll
3939 @echo libsasl.exp > $(exclude_list)
40 @echo libsasl.res >> $(exclude_list)
41 @echo libsasl.dll.manifest >> $(exclude_list)
42 # .lib is excluded only because it is copied separately below
4043 @echo libsasl.lib >> $(exclude_list)
41 @echo libsasl.res >> $(exclude_list)
4244 @xcopy libsasl.* $(bindir) /I /F /Y /EXCLUDE:$(exclude_list)
4345 @xcopy libsasl.l* $(libdir) /I /F /Y
4446
4749 libsasl.dll: $(libsasl_objs) $(libsasl_res)
4850 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"libsasl.dll" /implib:"libsasl.lib" /pdb:"libsasl.pdb" $(libsasl_objs) $(libsasl_res)
4951 <<
52 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
5053
5154 plugin_common.c: ..\plugins\plugin_common.c plugin_common.h
5255 copy ..\plugins\plugin_common.c .
5457 plugin_common.h: ..\plugins\plugin_common.h
5558 copy ..\plugins\plugin_common.h .
5659
57 client.c common.c external.c plugin_common.c server.c seterror.c: ..\include\saslplug.h
60 auxprop.c checkpw.c client.c common.c external.c plugin_common.c server.c seterror.c: ..\include\saslplug.h
61
62 auxprop.c canonusr.c checkpw.c client.c common.c config.c external.c getsubopt.c md5.c plugin_common.c server.c seterror.c windlopen.c: ..\include\sasl.h
5863
5964 CLEAN :
6065 -@erase $(all_objs)
6166 -@erase "*.idb"
6267 -@erase "*.pdb"
68 -@erase "*.manifest"
6369 -@erase $(all_out)
6470 -@erase plugin_common.h
6571 -@erase plugin_common.c
9096 VALUE "FileDescription", "CMU SASL API v2\0"
9197 VALUE "FileVersion", "$(SASL_VERSION_MAJOR).$(SASL_VERSION_MINOR).$(SASL_VERSION_STEP).0\0"
9298 VALUE "InternalName", "libsasl\0"
93 VALUE "LegalCopyright", "Copyright (c) Carnegie Mellon University 2005\0"
99 VALUE "LegalCopyright", "Copyright (c) Carnegie Mellon University 2002-2009\0"
94100 VALUE "OriginalFilename", "libsasl.dll\0"
95101 VALUE "ProductName", "Carnegie Mellon University SASL\0"
96102 VALUE "ProductVersion", "$(SASL_VERSION_MAJOR).$(SASL_VERSION_MINOR).$(SASL_VERSION_STEP)-0"
00 /* auxprop.c - auxilliary property support
11 * Rob Siemborski
2 * $Id: auxprop.c,v 1.16 2006/03/14 14:23:55 mel Exp $
2 * $Id: auxprop.c,v 1.19 2009/01/28 22:49:14 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
4545 #include <sasl.h>
4646 #include <prop.h>
4747 #include <ctype.h>
48 #include <stdio.h>
4849 #include "saslint.h"
4950
5051 struct proppool
809810 result = auxpropfunc(sasl_global_utils, SASL_AUXPROP_PLUG_VERSION,
810811 &out_version, &plug, plugname);
811812
813 /* Check if out_version is too old.
814 We only support the current at the moment */
815 if (result == SASL_OK && out_version < SASL_AUXPROP_PLUG_VERSION) {
816 result = SASL_BADVERS;
817 }
818
812819 if(result != SASL_OK) {
813820 _sasl_log(NULL, SASL_LOG_ERR, "auxpropfunc error %s\n",
814821 sasl_errstring(result, NULL, NULL));
844851 auxprop_head = NULL;
845852 }
846853
854 /* Return the updated account status based on the current ("so far") and
855 the specific status returned by the latest auxprop call */
856 static int
857 _sasl_account_status (int current_status,
858 int specific_status)
859 {
860 switch (specific_status) {
861 case SASL_NOVERIFY:
862 specific_status = SASL_OK;
863 /* fall through */
864 case SASL_OK:
865 if (current_status == SASL_NOMECH ||
866 current_status == SASL_NOUSER) {
867 current_status = specific_status;
868 }
869 break;
870
871 case SASL_NOUSER:
872 if (current_status == SASL_NOMECH) {
873 current_status = specific_status;
874 }
875 break;
876
877 /* NOTE: The disabled flag sticks, unless we hit an error */
878 case SASL_DISABLED:
879 if (current_status == SASL_NOMECH ||
880 current_status == SASL_NOUSER ||
881 current_status == SASL_OK) {
882 current_status = specific_status;
883 }
884 break;
885
886 case SASL_NOMECH:
887 /* ignore */
888 break;
889
890 /* SASL_UNAVAIL overrides everything */
891 case SASL_UNAVAIL:
892 current_status = specific_status;
893 break;
894
895 default:
896 current_status = specific_status;
897 break;
898 }
899 return (current_status);
900 }
847901
848902 /* Do the callbacks for auxprop lookups */
849 void _sasl_auxprop_lookup(sasl_server_params_t *sparams,
903 int _sasl_auxprop_lookup(sasl_server_params_t *sparams,
850904 unsigned flags,
851905 const char *user, unsigned ulen)
852906 {
855909 void *context;
856910 const char *plist = NULL;
857911 auxprop_plug_list_t *ptr;
912 int result = SASL_NOMECH;
858913
859914 if(_sasl_getcallback(sparams->utils->conn,
860915 SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
864919
865920 if(!plist) {
866921 /* Do lookup in all plugins */
922
923 /* TODO: Ideally, each auxprop plugin should be marked if its failure
924 should be ignored or treated as a fatal error of the whole lookup. */
867925 for(ptr = auxprop_head; ptr; ptr = ptr->next) {
868926 found=1;
869 ptr->plug->auxprop_lookup(ptr->plug->glob_context,
927 ret = ptr->plug->auxprop_lookup(ptr->plug->glob_context,
870928 sparams, flags, user, ulen);
929 result = _sasl_account_status (result, ret);
871930 }
872931 } else {
873932 char *pluginlist = NULL, *freeptr = NULL, *thisplugin = NULL;
874933
875 if(_sasl_strdup(plist, &pluginlist, NULL) != SASL_OK) return;
934 if(_sasl_strdup(plist, &pluginlist, NULL) != SASL_OK) return SASL_NOMEM;
876935 thisplugin = freeptr = pluginlist;
877936
878937 /* Do lookup in all *specified* plugins, in order */
894953 continue;
895954
896955 found=1;
897 ptr->plug->auxprop_lookup(ptr->plug->glob_context,
956 ret = ptr->plug->auxprop_lookup(ptr->plug->glob_context,
898957 sparams, flags, user, ulen);
958 result = _sasl_account_status (result, ret);
899959 }
900960
901961 if(last) break;
906966 sasl_FREE(freeptr);
907967 }
908968
909 if(!found)
969 if(!found) {
910970 _sasl_log(sparams->utils->conn, SASL_LOG_DEBUG,
911971 "could not find auxprop plugin, was searching for '%s'",
912972 plist ? plist : "[all]");
973 }
974
975 return result;
913976 }
914977
915978 /* Do the callbacks for auxprop stores */
917980 struct propctx *ctx, const char *user)
918981 {
919982 sasl_getopt_t *getopt;
920 int ret, found = 0;
983 int ret;
921984 void *context;
922985 const char *plist = NULL;
923986 auxprop_plug_list_t *ptr;
924987 sasl_server_params_t *sparams = NULL;
925988 unsigned userlen = 0;
989 int num_constraint_violations = 0;
990 int total_plugins = 0;
926991
927992 if (ctx) {
928993 if (!conn || !user)
9421007 if(!plist) {
9431008 /* Do store in all plugins */
9441009 for(ptr = auxprop_head; ptr && ret == SASL_OK; ptr = ptr->next) {
945 found=1;
946 if (ptr->plug->auxprop_store)
1010 total_plugins++;
1011 if (ptr->plug->auxprop_store) {
9471012 ret = ptr->plug->auxprop_store(ptr->plug->glob_context,
9481013 sparams, ctx, user, userlen);
1014 if (ret == SASL_CONSTRAINT_VIOLAT) {
1015 ret = SASL_OK;
1016 num_constraint_violations++;
1017 }
1018 }
9491019 }
9501020 } else {
9511021 char *pluginlist = NULL, *freeptr = NULL, *thisplugin = NULL;
9711041 || strcasecmp(ptr->plug->name, thisplugin)))
9721042 continue;
9731043
974 found=1;
975 if (ptr->plug->auxprop_store)
1044 total_plugins++;
1045 if (ptr->plug->auxprop_store) {
9761046 ret = ptr->plug->auxprop_store(ptr->plug->glob_context,
9771047 sparams, ctx, user, userlen);
1048 if (ret == SASL_CONSTRAINT_VIOLAT) {
1049 ret = SASL_OK;
1050 num_constraint_violations++;
1051 }
1052 }
9781053 }
9791054
9801055 if(last) break;
9851060 sasl_FREE(freeptr);
9861061 }
9871062
988 if(!found) {
1063 if(total_plugins == 0) {
9891064 _sasl_log(NULL, SASL_LOG_ERR,
9901065 "could not find auxprop plugin, was searching for %s",
9911066 plist ? plist : "[all]");
9921067 return SASL_FAIL;
1068 } else if (total_plugins == num_constraint_violations) {
1069 ret = SASL_CONSTRAINT_VIOLAT;
9931070 }
9941071
9951072 return ret;
10001077 _sasl_print_mechanism (
10011078 sasl_auxprop_plug_t *m,
10021079 sasl_info_callback_stage_t stage,
1003 void *rock
1080 void *rock __attribute__((unused))
10041081 )
10051082 {
1006 char delimiter;
1007
10081083 if (stage == SASL_INFO_LIST_START) {
10091084 printf ("List of auxprop plugins follows\n");
10101085 return;
00 /* canonusr.c - user canonicalization support
11 * Rob Siemborski
2 * $Id: canonusr.c,v 1.15 2004/02/20 23:54:51 rjs3 Exp $
2 * $Id: canonusr.c,v 1.20 2009/03/10 16:27:52 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
6262 /* default behavior:
6363 * eliminate leading & trailing whitespace,
6464 * null-terminate, and get into the outparams
65 *
6665 * (handled by INTERNAL plugin) */
67 /* Also does auxprop lookups once username is canonicalized */
6866 /* a zero ulen or alen indicates that it is strlen(value) */
6967 int _sasl_canon_user(sasl_conn_t *conn,
7068 const char *user, unsigned ulen,
108106 result = cuser_cb(conn, context,
109107 user, ulen,
110108 flags, (conn->type == SASL_CONN_SERVER ?
111 ((sasl_server_conn_t *)conn)->user_realm :
109 sconn->user_realm :
112110 NULL),
113111 user_buf, CANON_BUF_SIZE, lenp);
114112
128126 }
129127
130128 if(!plugin_name) {
131 /* Use Defualt */
129 /* Use Default */
132130 plugin_name = "INTERNAL";
133131 }
134132
182180 oparams->user = conn->user_buf;
183181 }
184182
183 RETURN(conn, result);
184 }
185
186 /* Lookup all properties for authentication and/or authorization identity. */
187 static int _sasl_auxprop_lookup_user_props (sasl_conn_t *conn,
188 unsigned flags,
189 sasl_out_params_t *oparams)
190 {
191 sasl_server_conn_t *sconn = NULL;
192 int result = SASL_OK;
193
194 if (!conn) return SASL_BADPARAM;
195 if (!oparams) return SASL_BADPARAM;
196
185197 #ifndef macintosh
198 if (conn->type == SASL_CONN_SERVER) sconn = (sasl_server_conn_t *)conn;
199
186200 /* do auxprop lookups (server only) */
187 if(sconn) {
188 if(flags & SASL_CU_AUTHID) {
189 _sasl_auxprop_lookup(sconn->sparams, 0,
190 oparams->authid, oparams->alen);
201 if (sconn) {
202 int authz_result;
203 unsigned auxprop_lookup_flags = flags & SASL_CU_ASIS_MASK;
204
205 if (flags & SASL_CU_OVERRIDE) {
206 auxprop_lookup_flags |= SASL_AUXPROP_OVERRIDE;
191207 }
192 if(flags & SASL_CU_AUTHZID) {
193 _sasl_auxprop_lookup(sconn->sparams, SASL_AUXPROP_AUTHZID,
194 oparams->user, oparams->ulen);
208
209 if (flags & SASL_CU_AUTHID) {
210 result = _sasl_auxprop_lookup(sconn->sparams,
211 auxprop_lookup_flags,
212 oparams->authid,
213 oparams->alen);
214 } else {
215 result = SASL_CONTINUE;
195216 }
217 if (flags & SASL_CU_AUTHZID) {
218 authz_result = _sasl_auxprop_lookup(sconn->sparams,
219 auxprop_lookup_flags | SASL_AUXPROP_AUTHZID,
220 oparams->user,
221 oparams->ulen);
222
223 if (result == SASL_CONTINUE) {
224 /* Only SASL_CU_AUTHZID was requested.
225 The authz_result value is authoritative. */
226 result = authz_result;
227 } else if (result == SASL_OK && authz_result != SASL_NOUSER) {
228 /* Use the authz_result value, unless "result"
229 already contains an error */
230 result = authz_result;
231 }
232 }
233
234 if (result == SASL_NOUSER && (flags & SASL_CU_EXTERNALLY_VERIFIED)) {
235 /* The called has explicitly told us that the authentication identity
236 was already verified. So a failure to retrieve any associated properties
237 is not an error. For example the caller is using Kerberos to verify user,
238 but the LDAPDB/SASLDB auxprop plugin doesn't contain any auxprops for
239 the user. */
240 result = SASL_OK;
241 }
196242 }
197243 #endif
198244
199
200 RETURN(conn, SASL_OK);
245 RETURN(conn, result);
246 }
247
248 /* default behavior:
249 * Eliminate leading & trailing whitespace,
250 * null-terminate, and get into the outparams
251 * (handled by INTERNAL plugin).
252 *
253 * Server only: Also does auxprop lookups once username
254 * is canonicalized. */
255 int _sasl_canon_user_lookup (sasl_conn_t *conn,
256 const char *user,
257 unsigned ulen,
258 unsigned flags,
259 sasl_out_params_t *oparams)
260 {
261 int result;
262
263 result = _sasl_canon_user (conn,
264 user,
265 ulen,
266 flags,
267 oparams);
268 if (result == SASL_OK) {
269 result = _sasl_auxprop_lookup_user_props (conn,
270 flags,
271 oparams);
272 }
273
274 RETURN(conn, result);
201275 }
202276
203277 void _sasl_canonuser_free()
269343 unsigned i;
270344 char *in_buf, *userin;
271345 const char *begin_u;
272 size_t u_apprealm = 0;
346 unsigned u_apprealm = 0;
273347 sasl_server_conn_t *sconn = NULL;
274348
275349 if(!utils || !user) return SASL_BADPARAM;
299373
300374 /* Need to append realm if necessary (see sasl.h) */
301375 if(sconn && sconn->user_realm && !strchr(user, '@')) {
302 u_apprealm = strlen(sconn->user_realm) + 1;
376 u_apprealm = (unsigned) strlen(sconn->user_realm) + 1;
303377 }
304378
305379 /* Now Copy */
00 /* SASL server API implementation
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: checkpw.c,v 1.73 2006/03/13 18:30:41 mel Exp $
3 * $Id: checkpw.c,v 1.79 2009/05/08 00:43:44 murch Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
7373 #include <string.h>
7474 #endif
7575
76 #include <limits.h>
7677 #include <sys/types.h>
7778 #include <ctype.h>
7879
125126 return SASL_OK;
126127 }
127128
128 /* erase & dispose of a sasl_secret_t
129 /* verify user password using auxprop plugins
129130 */
130131 static int auxprop_verify_password(sasl_conn_t *conn,
131132 const char *userstr,
134135 const char *user_realm __attribute__((unused)))
135136 {
136137 int ret = SASL_FAIL;
137 char *userid = NULL;
138 char *realm = NULL;
139138 int result = SASL_OK;
140139 sasl_server_conn_t *sconn = (sasl_server_conn_t *)conn;
141140 const char *password_request[] = { SASL_AUX_PASSWORD,
149148 /* We need to clear any previous results and re-canonify to
150149 * ensure correctness */
151150
152 prop_clear(sconn->sparams->propctx, 0);
151 prop_clear (sconn->sparams->propctx, 0);
153152
154153 /* ensure its requested */
155154 result = prop_request(sconn->sparams->propctx, password_request);
156155
157156 if(result != SASL_OK) return result;
158157
159 result = _sasl_canon_user(conn, userstr, 0,
160 SASL_CU_AUTHID | SASL_CU_AUTHZID,
161 &(conn->oparams));
158 result = _sasl_canon_user_lookup (conn,
159 userstr,
160 0,
161 SASL_CU_AUTHID | SASL_CU_AUTHZID,
162 &(conn->oparams));
162163 if(result != SASL_OK) return result;
163164
164165 result = prop_getnames(sconn->sparams->propctx, password_request,
165166 auxprop_values);
166 if(result < 0)
167 if (result < 0) {
167168 return result;
168
169 if((!auxprop_values[0].name
170 || !auxprop_values[0].values || !auxprop_values[0].values[0])
171 && (!auxprop_values[1].name
172 || !auxprop_values[1].values || !auxprop_values[1].values[0]))
173 return SASL_NOUSER;
169 }
170
171 /* Verify that the returned <name>s are correct.
172 But we defer checking for NULL values till after we verify
173 that a passwd is specified. */
174 if (!auxprop_values[0].name && !auxprop_values[1].name) {
175 return SASL_NOUSER;
176 }
174177
175178 /* It is possible for us to get useful information out of just
176179 * the lookup, so we won't check that we have a password until now */
179182 goto done;
180183 }
181184
185 if ((!auxprop_values[0].values || !auxprop_values[0].values[0])
186 && (!auxprop_values[1].values || !auxprop_values[1].values[0])) {
187 return SASL_NOUSER;
188 }
189
182190 /* At the point this has been called, the username has been canonified
183191 * and we've done the auxprop lookup. This should be easy. */
184192 if(auxprop_values[0].name
219227 password_request[0]);
220228
221229 done:
222 if (userid) sasl_FREE(userid);
223 if (realm) sasl_FREE(realm);
224
230 /* We're not going to erase the property here because other people
231 * may want it */
232 return ret;
233 }
234
235 /* Verify user password using auxprop plugins. Allow verification against a hashed password,
236 * or non-retrievable password. Don't use cmusaslsecretPLAIN attribute.
237 *
238 * This function is similar to auxprop_verify_password().
239 */
240 static int auxprop_verify_password_hashed(sasl_conn_t *conn,
241 const char *userstr,
242 const char *passwd,
243 const char *service __attribute__((unused)),
244 const char *user_realm __attribute__((unused)))
245 {
246 int ret = SASL_FAIL;
247 int result = SASL_OK;
248 sasl_server_conn_t *sconn = (sasl_server_conn_t *)conn;
249 const char *password_request[] = { SASL_AUX_PASSWORD,
250 NULL };
251 struct propval auxprop_values[2];
252 unsigned extra_cu_flags = 0;
253
254 if (!conn || !userstr)
255 return SASL_BADPARAM;
256
257 /* We need to clear any previous results and re-canonify to
258 * ensure correctness */
259
260 prop_clear(sconn->sparams->propctx, 0);
261
262 /* ensure its requested */
263 result = prop_request(sconn->sparams->propctx, password_request);
264
265 if (result != SASL_OK) return result;
266
267 /* We need to pass "password" down to the auxprop_lookup */
268 /* NB: We don't support binary passwords */
269 if (passwd != NULL) {
270 prop_set (sconn->sparams->propctx,
271 SASL_AUX_PASSWORD,
272 passwd,
273 -1);
274 extra_cu_flags = SASL_CU_VERIFY_AGAINST_HASH;
275 }
276
277 result = _sasl_canon_user_lookup (conn,
278 userstr,
279 0,
280 SASL_CU_AUTHID | SASL_CU_AUTHZID | extra_cu_flags,
281 &(conn->oparams));
282
283 if (result != SASL_OK) return result;
284
285 result = prop_getnames(sconn->sparams->propctx, password_request,
286 auxprop_values);
287 if (result < 0) {
288 return result;
289 }
290
291 /* Verify that the returned <name>s are correct.
292 But we defer checking for NULL values till after we verify
293 that a passwd is specified. */
294 if (!auxprop_values[0].name && !auxprop_values[1].name) {
295 return SASL_NOUSER;
296 }
297
298 /* It is possible for us to get useful information out of just
299 * the lookup, so we won't check that we have a password until now */
300 if (!passwd) {
301 ret = SASL_BADPARAM;
302 goto done;
303 }
304
305 if ((!auxprop_values[0].values || !auxprop_values[0].values[0])) {
306 return SASL_NOUSER;
307 }
308
309 /* At the point this has been called, the username has been canonified
310 * and we've done the auxprop lookup. This should be easy. */
311
312 /* NB: Note that if auxprop_lookup failed to verify the password,
313 then the userPassword property value would be NULL */
314 if (auxprop_values[0].name
315 && auxprop_values[0].values
316 && auxprop_values[0].values[0]
317 && !strcmp(auxprop_values[0].values[0], passwd)) {
318 /* We have a plaintext version and it matched! */
319 return SASL_OK;
320 } else {
321 /* passwords do not match */
322 ret = SASL_BADAUTH;
323 }
324
325 done:
225326 /* We're not going to erase the property here because other people
226327 * may want it */
227328 return ret;
589690 * count authid count password count service count realm
590691 */
591692 {
592 unsigned short u_len, p_len, s_len, r_len;
693 unsigned short max_len, req_len, u_len, p_len, s_len, r_len;
593694
695 max_len = (unsigned short) sizeof(query);
696
697 /* prevent buffer overflow */
698 if ((strlen(userid) > USHRT_MAX) ||
699 (strlen(passwd) > USHRT_MAX) ||
700 (strlen(service) > USHRT_MAX) ||
701 (user_realm && (strlen(user_realm) > USHRT_MAX))) {
702 goto toobig;
703 }
704
594705 u_len = (strlen(userid));
595706 p_len = (strlen(passwd));
596707 s_len = (strlen(service));
597708 r_len = ((user_realm ? strlen(user_realm) : 0));
598709
599 if (u_len + p_len + s_len + r_len + 30 > (unsigned short) sizeof(query)) {
600 /* request just too damn big */
601 sasl_seterror(conn, 0, "saslauthd request too large");
602 goto fail;
603 }
710 /* prevent buffer overflow */
711 req_len = 30;
712 if (max_len - req_len < u_len) goto toobig;
713 req_len += u_len;
714 if (max_len - req_len < p_len) goto toobig;
715 req_len += p_len;
716 if (max_len - req_len < s_len) goto toobig;
717 req_len += s_len;
718 if (max_len - req_len < r_len) goto toobig;
604719
605720 u_len = htons(u_len);
606721 p_len = htons(p_len);
730845
731846 sasl_seterror(conn, SASL_NOLOG, "authentication failed");
732847 return SASL_BADAUTH;
848
849 toobig:
850 /* request just too damn big */
851 sasl_seterror(conn, 0, "saslauthd request too large");
733852
734853 fail:
735854 if (freeme) free(freeme);
9601079
9611080 struct sasl_verify_password_s _sasl_verify_password[] = {
9621081 { "auxprop", &auxprop_verify_password },
1082 { "auxprop-hashed", &auxprop_verify_password_hashed },
9631083 #ifdef HAVE_PWCHECK
9641084 { "pwcheck", &pwcheck_verify_password },
9651085 #endif
00 /* SASL client API implementation
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: client.c,v 1.67 2006/04/26 15:33:41 mel Exp $
3 * $Id: client.c,v 1.76 2009/08/04 17:13:51 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
6464
6565 static int init_mechlist()
6666 {
67 cmechlist->mutex = sasl_MUTEX_ALLOC();
68 if(!cmechlist->mutex) return SASL_FAIL;
69
7067 cmechlist->utils=_sasl_alloc_utils(NULL, &global_callbacks_client);
7168 if (cmechlist->utils==NULL)
7269 return SASL_NOMEM;
7774 return SASL_OK;
7875 }
7976
77 int sasl_client_done(void)
78 {
79 int result = SASL_CONTINUE;
80
81 if (_sasl_server_cleanup_hook == NULL && _sasl_client_cleanup_hook == NULL) {
82 return SASL_NOTINIT;
83 }
84
85 if (_sasl_client_cleanup_hook) {
86 result = _sasl_client_cleanup_hook();
87
88 if (result == SASL_OK) {
89 _sasl_client_idle_hook = NULL;
90 _sasl_client_cleanup_hook = NULL;
91 } else {
92 return result;
93 }
94 }
95
96 if (_sasl_server_cleanup_hook || _sasl_client_cleanup_hook) {
97 return result;
98 }
99
100 sasl_common_done();
101
102 return SASL_OK;
103 }
104
80105 static int client_done(void) {
81 cmechanism_t *cm;
82 cmechanism_t *cprevm;
83
84 if(!_sasl_client_active)
85 return SASL_NOTINIT;
86 else
87 _sasl_client_active--;
88
89 if(_sasl_client_active) {
90 /* Don't de-init yet! Our refcount is nonzero. */
91 return SASL_CONTINUE;
92 }
93
94 cm=cmechlist->mech_list; /* m point to begging of the list */
95 while (cm!=NULL)
96 {
97 cprevm=cm;
98 cm=cm->next;
99
100 if (cprevm->m.plug->mech_free) {
101 cprevm->m.plug->mech_free(cprevm->m.plug->glob_context,
102 cmechlist->utils);
103 }
104
105 sasl_FREE(cprevm->m.plugname);
106 sasl_FREE(cprevm);
107 }
108 sasl_MUTEX_FREE(cmechlist->mutex);
109 _sasl_free_utils(&cmechlist->utils);
110 sasl_FREE(cmechlist);
111
112 cmechlist = NULL;
113
114 return SASL_OK;
106 cmechanism_t *cm;
107 cmechanism_t *cprevm;
108
109 if (!_sasl_client_active) {
110 return SASL_NOTINIT;
111 } else {
112 _sasl_client_active--;
113 }
114
115 if(_sasl_client_active) {
116 /* Don't de-init yet! Our refcount is nonzero. */
117 return SASL_CONTINUE;
118 }
119
120 cm = cmechlist->mech_list; /* m point to beggining of the list */
121 while (cm!=NULL)
122 {
123 cprevm = cm;
124 cm = cm->next;
125
126 if (cprevm->m.plug->mech_free) {
127 cprevm->m.plug->mech_free(cprevm->m.plug->glob_context,
128 cmechlist->utils);
129 }
130
131 sasl_FREE(cprevm->m.plugname);
132 sasl_FREE(cprevm);
133 }
134 _sasl_free_utils(&cmechlist->utils);
135 sasl_FREE(cmechlist);
136
137 cmechlist = NULL;
138
139 return SASL_OK;
115140 }
116141
117142 int sasl_client_add_plugin(const char *plugname,
118143 sasl_client_plug_init_t *entry_point)
119144 {
120 int plugcount;
121 sasl_client_plug_t *pluglist;
122 cmechanism_t *mech;
123 int result;
124 int version;
125 int lupe;
126
127 if(!plugname || !entry_point) return SASL_BADPARAM;
128
129 result = entry_point(cmechlist->utils, SASL_CLIENT_PLUG_VERSION, &version,
130 &pluglist, &plugcount);
131
132 if (result != SASL_OK)
133 {
134 _sasl_log(NULL, SASL_LOG_WARN,
145 int plugcount;
146 sasl_client_plug_t *pluglist;
147 cmechanism_t *mech;
148 int result;
149 int version;
150 int lupe;
151
152 if (!plugname || !entry_point) return SASL_BADPARAM;
153
154 result = entry_point(cmechlist->utils,
155 SASL_CLIENT_PLUG_VERSION,
156 &version,
157 &pluglist,
158 &plugcount);
159
160 if (result != SASL_OK)
161 {
162 _sasl_log(NULL, SASL_LOG_WARN,
135163 "entry_point failed in sasl_client_add_plugin for %s",
136164 plugname);
137 return result;
138 }
139
140 if (version != SASL_CLIENT_PLUG_VERSION)
141 {
142 _sasl_log(NULL, SASL_LOG_WARN,
165 return result;
166 }
167
168 if (version != SASL_CLIENT_PLUG_VERSION)
169 {
170 _sasl_log(NULL, SASL_LOG_WARN,
143171 "version conflict in sasl_client_add_plugin for %s", plugname);
144 return SASL_BADVERS;
145 }
146
147 for (lupe=0;lupe< plugcount ;lupe++)
172 return SASL_BADVERS;
173 }
174
175 for (lupe=0; lupe< plugcount ;lupe++)
148176 {
149 mech = sasl_ALLOC(sizeof(cmechanism_t));
150 if (! mech) return SASL_NOMEM;
151
152 mech->m.plug=pluglist++;
153 if(_sasl_strdup(plugname, &mech->m.plugname, NULL) != SASL_OK) {
154 sasl_FREE(mech);
155 return SASL_NOMEM;
156 }
157 mech->m.version = version;
158 mech->next = cmechlist->mech_list;
159 cmechlist->mech_list = mech;
160 cmechlist->mech_length++;
161 }
162
163 return SASL_OK;
177 mech = sasl_ALLOC(sizeof(cmechanism_t));
178 if (!mech) return SASL_NOMEM;
179
180 mech->m.plug = pluglist++;
181 if (_sasl_strdup(plugname, &mech->m.plugname, NULL) != SASL_OK) {
182 sasl_FREE(mech);
183 return SASL_NOMEM;
184 }
185 mech->m.version = version;
186 mech->next = cmechlist->mech_list;
187 cmechlist->mech_list = mech;
188 cmechlist->mech_length++;
189 }
190
191 return SASL_OK;
164192 }
165193
166194 static int
201229 { NULL, NULL }
202230 };
203231
232 /* lock allocation type */
233 _sasl_allocation_locked++;
234
204235 if(_sasl_client_active) {
205236 /* We're already active, just increase our refcount */
206237 /* xxx do something with the callback structure? */
342373 /* Setup the non-lazy parts of cparams, the rest is done in
343374 * sasl_client_start */
344375 conn->cparams->utils = utils;
345 conn->cparams->canon_user = &_sasl_canon_user;
376 conn->cparams->canon_user = &_sasl_canon_user_lookup;
346377 conn->cparams->flags = flags;
347378 conn->cparams->prompt_supp = (*pconn)->callbacks;
348379
349380 /* get the clientFQDN (serverFQDN was set in _sasl_conn_init) */
350381 memset(name, 0, sizeof(name));
351 gethostname(name, MAXHOSTNAMELEN);
382 if (get_fqhostname (name, MAXHOSTNAMELEN, 0) != 0) {
383 return (SASL_FAIL);
384 }
352385
353386 result = _sasl_strdup(name, &conn->clientFQDN, NULL);
354387
406439
407440 /* xxx confirm this with rfc 2222
408441 * SASL mechanism allowable characters are "AZaz-_"
409 * seperators can be any other characters and of any length
442 * separators can be any other characters and of any length
410443 * even variable lengths between
411444 *
412445 * Apps should be encouraged to simply use space or comma space
709742 unsigned *plen,
710743 int *pcount)
711744 {
712 cmechanism_t *m=NULL;
745 cmechanism_t *m = NULL;
713746 sasl_ssf_t minssf = 0;
714747 int ret;
715748 size_t resultlen;
716749 int flag;
717750 const char *mysep;
718751
719 if(_sasl_client_active == 0) return SASL_NOTINIT;
752 if (_sasl_client_active == 0) return SASL_NOTINIT;
720753 if (!conn) return SASL_BADPARAM;
721 if(conn->type != SASL_CONN_CLIENT) PARAMERROR(conn);
754 if (conn->type != SASL_CONN_CLIENT) PARAMERROR(conn);
722755
723756 if (! result)
724757 PARAMERROR(conn);
734767 mysep = " ";
735768 }
736769
737 if(conn->props.min_ssf < conn->external.ssf) {
770 if (conn->props.min_ssf < conn->external.ssf) {
738771 minssf = 0;
739772 } else {
740773 minssf = conn->props.min_ssf - conn->external.ssf;
856889 _sasl_print_mechanism (
857890 client_sasl_mechanism_t *m,
858891 sasl_info_callback_stage_t stage,
859 void *rock
892 void *rock __attribute__((unused))
860893 )
861894 {
862895 char delimiter;
00 /* common.c - Functions that are common to server and clinet
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: common.c,v 1.114 2006/04/19 18:39:59 mel Exp $
3 * $Id: common.c,v 1.124 2009/02/20 23:10:53 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
106106 (sasl_realloc_t *) &realloc,
107107 (sasl_free_t *) &free
108108 };
109 int _sasl_allocation_locked = 0;
109110
110111 #define SASL_ENCODEV_EXTRA 4096
111112
120121 static char * default_plugin_path = NULL;
121122 static char * default_conf_path = NULL;
122123
124 static int _sasl_global_getopt(void *context,
125 const char *plugin_name,
126 const char *option,
127 const char ** result,
128 unsigned *len);
129
123130 /* Intenal mutex functions do as little as possible (no thread protection) */
124131 static void *sasl_mutex_alloc(void)
125132 {
148155 &sasl_mutex_free
149156 };
150157
151 void sasl_set_mutex(sasl_mutex_alloc_t *n, sasl_mutex_lock_t *l,
152 sasl_mutex_unlock_t *u, sasl_mutex_free_t *d)
153 {
154 _sasl_mutex_utils.alloc=n;
155 _sasl_mutex_utils.lock=l;
156 _sasl_mutex_utils.unlock=u;
157 _sasl_mutex_utils.free=d;
158 void sasl_set_mutex(sasl_mutex_alloc_t *n,
159 sasl_mutex_lock_t *l,
160 sasl_mutex_unlock_t *u,
161 sasl_mutex_free_t *d)
162 {
163 /* Disallow mutex function changes once sasl_client_init
164 and/or sasl_server_init is called */
165 if (_sasl_server_cleanup_hook || _sasl_client_cleanup_hook) {
166 return;
167 }
168
169 _sasl_mutex_utils.alloc=n;
170 _sasl_mutex_utils.lock=l;
171 _sasl_mutex_utils.unlock=u;
172 _sasl_mutex_utils.free=d;
158173 }
159174
160175 /* copy a string to malloced memory */
239254
240255 /* return the version of the cyrus sasl library as compiled,
241256 * using 32 bits: high byte is major version, second byte is minor version,
242 * low 16 bits are step # */
257 * low 16 bits are step #.
258 * Patch version is not available using this function,
259 * use sasl_version_info() instead.
260 */
243261 void sasl_version(const char **implementation, int *version)
244262 {
245263 if(implementation) *implementation = implementation_string;
383401 const char **output,
384402 unsigned *outputlen)
385403 {
386 int result;
404 int result = SASL_OK;
387405 unsigned i;
388406 unsigned j;
389407 size_t total_size = 0;
496514 the conn->oparams.maxoutbuf buffer. */
497515 /* Note, if next_buf points to the very end of the IOV record,
498516 it will be reset to NULL below */
499 next_buf = last_invec.iov_base + last_invec.iov_len;
517 /* Note, that some platforms define iov_base as "void *",
518 thus the typecase below */
519 next_buf = (char *) last_invec.iov_base + last_invec.iov_len;
500520 /* Note - remainder_len is how many bytes left to be encoded in
501521 the current IOV slot. */
502522 remainder_len = (total_size + invec[i].iov_len) - conn->oparams.maxoutbuf;
512532
513533 /* Note, if next_buf points to the very end of the IOV record,
514534 it will be reset to NULL below */
515 next_buf = last_invec.iov_base + last_invec.iov_len;
535 /* Note, that some platforms define iov_base as "void *",
536 thus the typecase below */
537 next_buf = (char *) last_invec.iov_base + last_invec.iov_len;
516538 remainder_len = remainder_len - conn->oparams.maxoutbuf;
517539
518540 result = _sasl_encodev (conn,
636658 sasl_realloc_t *r,
637659 sasl_free_t *f)
638660 {
661 if (_sasl_allocation_locked++) return;
662
639663 _sasl_allocation_utils.malloc=m;
640664 _sasl_allocation_utils.calloc=c;
641665 _sasl_allocation_utils.realloc=r;
642666 _sasl_allocation_utils.free=f;
643667 }
644668
645 void sasl_done(void)
646 {
647 if (_sasl_server_cleanup_hook && _sasl_server_cleanup_hook() == SASL_OK) {
648 _sasl_server_idle_hook = NULL;
649 _sasl_server_cleanup_hook = NULL;
650 }
651
652 if (_sasl_client_cleanup_hook && _sasl_client_cleanup_hook() == SASL_OK) {
653 _sasl_client_idle_hook = NULL;
654 _sasl_client_cleanup_hook = NULL;
655 }
656
657 if (_sasl_server_cleanup_hook || _sasl_client_cleanup_hook) {
658 return;
659 }
660
669 void sasl_common_done(void)
670 {
661671 /* NOTE - the caller will need to reinitialize the values,
662672 if it is going to call sasl_client_init/sasl_server_init again. */
663673 if (default_plugin_path != NULL) {
677687
678688 _sasl_free_utils(&sasl_global_utils);
679689
680 if(global_mech_list) sasl_FREE(global_mech_list);
681 global_mech_list = NULL;
690 if (global_mech_list) {
691 sasl_FREE(global_mech_list);
692 global_mech_list = NULL;
693 }
694 }
695
696 /* This function is for backward compatibility */
697 void sasl_done(void)
698 {
699 if (_sasl_server_cleanup_hook && _sasl_server_cleanup_hook() == SASL_OK) {
700 _sasl_server_idle_hook = NULL;
701 _sasl_server_cleanup_hook = NULL;
702 }
703
704 if (_sasl_client_cleanup_hook && _sasl_client_cleanup_hook() == SASL_OK) {
705 _sasl_client_idle_hook = NULL;
706 _sasl_client_cleanup_hook = NULL;
707 }
708
709 if (_sasl_server_cleanup_hook || _sasl_client_cleanup_hook) {
710 return;
711 }
712
713 sasl_common_done();
682714 }
683715
684716 /* fills in the base sasl_conn_t info */
739771
740772 if(serverFQDN) {
741773 result = _sasl_strdup(serverFQDN, &conn->serverFQDN, NULL);
774 sasl_strlower (conn->serverFQDN);
742775 } else if (conn->type == SASL_CONN_SERVER) {
743776 /* We can fake it because we *are* the server */
744777 char name[MAXHOSTNAMELEN];
745778 memset(name, 0, sizeof(name));
746 gethostname(name, MAXHOSTNAMELEN);
779 if (get_fqhostname (name, MAXHOSTNAMELEN, 0) != 0) {
780 return (SASL_FAIL);
781 }
747782
748783 result = _sasl_strdup(name, &conn->serverFQDN, NULL);
749784 } else {
759794 int _sasl_common_init(sasl_global_callbacks_t *global_callbacks)
760795 {
761796 int result;
762
797
798 /* The last specified global callback always wins */
799 if (sasl_global_utils != NULL) {
800 sasl_utils_t * global_utils = (sasl_utils_t *)sasl_global_utils;
801 global_utils->getopt = &_sasl_global_getopt;
802 global_utils->getopt_context = global_callbacks;
803 }
804
805 /* Do nothing if we are already initialized */
806 if (free_mutex) {
807 return SASL_OK;
808 }
809
763810 /* Setup the global utilities */
764811 if(!sasl_global_utils) {
765812 sasl_global_utils = _sasl_alloc_utils(NULL, global_callbacks);
770817 result = sasl_canonuser_add_plugin("INTERNAL", internal_canonuser_init);
771818 if(result != SASL_OK) return result;
772819
773 if (!free_mutex)
820 if (!free_mutex) {
774821 free_mutex = sasl_MUTEX_ALLOC();
822 }
775823 if (!free_mutex) return SASL_FAIL;
776824
777825 return SASL_OK;
844892 * returns:
845893 * SASL_OK -- no error
846894 * SASL_NOTDONE -- property not available yet
847 * SASL_BADPARAM -- bad property number
895 * SASL_BADPARAM -- bad property number or SASL context is NULL
848896 */
849897 int sasl_getprop(sasl_conn_t *conn, int propnum, const void **pvalue)
850898 {
12481296 case SASL_NOCHANGE: return "requested change was not needed";
12491297 case SASL_WEAKPASS: return "passphrase is too weak for security policy";
12501298 case SASL_NOUSERPASS: return "user supplied passwords are not permitted";
1299 case SASL_NEED_OLD_PASSWD: return "sasl_setpass needs old password in order "
1300 "to perform password change";
1301 case SASL_CONSTRAINT_VIOLAT: return "sasl_setpass can't store a property because "
1302 "of a constraint violation";
12511303
12521304 default: return "undefined error!";
12531305 }
22422294 }
22432295
22442296 if(!olist) {
2297 /* This is not going to be very useful */
22452298 printf ("no olist");
22462299 return SASL_FAIL;
22472300 }
00 /* SASL Config file API
11 * Rob Siemborski
22 * Tim Martin (originally in Cyrus distribution)
3 * $Id: config.c,v 1.15 2006/04/10 13:28:06 mel Exp $
3 * $Id: config.c,v 1.18 2009/02/14 14:01:24 mel Exp $
44 */
55 /*
6 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
6 * Copyright (c) 1998-2009 Carnegie Mellon University. All rights reserved.
77 *
88 * Redistribution and use in source and binary forms, with or without
99 * modification, are permitted provided that the following conditions
4242 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
4343 */
4444
45 /*
46 * Current Valid keys:
47 *
48 * canon_user_plugin: <string>
49 * pwcheck_method: <string>
50 * auto_transition: <boolean>
51 * plugin_list: <string>
52 *
53 * srvtab: <string>
54 */
55
45 #include <stdio.h>
46 #include <stdlib.h>
47 #include <ctype.h>
5648
5749 #include "sasl.h"
5850 #include "saslint.h"
59
60 #include <stdio.h>
61 #include <stdlib.h>
62 #include <ctype.h>
6351
6452 struct configlist {
6553 char *key;
7866 int alloced = 0;
7967 char buf[4096];
8068 char *p, *key;
69 char *tail;
8170 int result;
8271
8372 nconfiglist=0;
9685
9786 key = p;
9887 while (*p && (isalnum((int) *p) || *p == '-' || *p == '_')) {
99 if (isupper((int) *p)) *p = tolower(*p);
88 if (isupper((int) *p)) *p = (char) tolower(*p);
10089 p++;
10190 }
10291 if (*p != ':') {
11099 return SASL_FAIL;
111100 }
112101
102 /* Now strip trailing spaces, if any */
103 tail = p + strlen(p) - 1;
104 while (tail > p && isspace((int) *tail)) {
105 *tail = '\0';
106 tail--;
107 }
108
113109 if (nconfiglist == alloced) {
114110 alloced += CONFIGLISTGROWSIZE;
115111 configlist=sasl_REALLOC((char *)configlist,
116112 alloced * sizeof(struct configlist));
117113 if (configlist==NULL) return SASL_NOMEM;
118114 }
119
120
121115
122116 result = _sasl_strdup(key,
123117 &(configlist[nconfiglist].key),
00 /* dlopen.c--Unix dlopen() dynamic loader interface
11 * Rob Siemborski
22 * Rob Earhart
3 * $Id: dlopen.c,v 1.49 2005/03/15 13:33:30 mel Exp $
3 * $Id: dlopen.c,v 1.52 2009/04/11 10:21:43 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
9494 #ifndef HAVE_DLFCN_H
9595 #include <dl.h>
9696
97 typedef shl_t dll_handle;
97 typedef shl_t * dll_handle;
9898 typedef void * dll_func;
9999
100100 dll_handle
116116 }
117117
118118 int
119 dlclose(dll_handle h)
120 {
121 shl_t hp = *((shl_t *)h);
122 if (hp != NULL) free(hp);
123 return shl_unload(h);
119 dlclose(dll_handle hp)
120 {
121 shl_t h;
122
123 if (hp != NULL) {
124 h = *((shl_t *)hp);
125 free(hp);
126 return shl_unload(h);
127 } else {
128 /* Return error */
129 return -1;
130 }
124131 }
125132
126133 dll_func
143150 }
144151
145152 #endif /* HAVE_DLFCN_H */
153
154 #ifdef __ia64
155 #define SO_SUFFIX ".so"
156 #else
146157 #define SO_SUFFIX ".sl"
147 #else /* __hpux */
158 #endif /* __ia64 */
159 #elif defined(__APPLE__)
160 #define SO_SUFFIX ".plugin"
161 #else /* __APPLE__ */
148162 #define SO_SUFFIX ".so"
149 #endif /* __hpux */
163 #endif
150164
151165 #define LA_SUFFIX ".la"
152166
00 /* SASL server API implementation
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: external.c,v 1.22 2004/02/20 17:23:58 rjs3 Exp $
3 * $Id: external.c,v 1.24 2009/03/10 16:27:52 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5656
5757 /***************************** Common Section *****************************/
5858
59 static const char plugin_id[] = "$Id: external.c,v 1.22 2004/02/20 17:23:58 rjs3 Exp $";
59 static const char plugin_id[] = "$Id: external.c,v 1.24 2009/03/10 16:27:52 mel Exp $";
6060
6161 /***************************** Server Section *****************************/
6262
132132
133133 result = sparams->canon_user(sparams->utils->conn,
134134 sparams->utils->conn->external.auth_id, 0,
135 SASL_CU_AUTHID, oparams);
135 SASL_CU_AUTHID | SASL_CU_EXTERNALLY_VERIFIED, oparams);
136136 } else {
137137 result = sparams->canon_user(sparams->utils->conn,
138138 sparams->utils->conn->external.auth_id, 0,
139 SASL_CU_AUTHID | SASL_CU_AUTHZID, oparams);
139 SASL_CU_AUTHID | SASL_CU_EXTERNALLY_VERIFIED | SASL_CU_AUTHZID, oparams);
140140 }
141141
142142 if (result != SASL_OK) return result;
361361 sasl_FREE(text);
362362 }
363363
364 static const long external_required_prompts[] = {
364 static const unsigned long external_required_prompts[] = {
365365 SASL_CB_LIST_END
366366 };
367367
00 /* saslint.h - internal SASL library definitions
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: saslint.h,v 1.60 2006/04/18 20:25:45 mel Exp $
3 * $Id: saslint.h,v 1.69 2009/02/21 20:07:45 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
199199 const sasl_utils_t *utils; /* gotten from plug_init */
200200
201201 void *mutex; /* mutex for this data */
202 mechanism_t *mech_list; /* list of mechanisms */
203 int mech_length; /* number of mechanisms */
202 mechanism_t *mech_list; /* list of loaded mechanisms */
203 int mech_length; /* number of loaded mechanisms */
204204 } mech_list_t;
205205
206206 typedef struct context_list
222222 mechanism_t *mech; /* mechanism trying to use */
223223 sasl_server_params_t *sparams;
224224 context_list_t *mech_contexts;
225 mechanism_t *mech_list; /* list of available mechanisms */
226 int mech_length; /* number of available mechanisms */
225227 } sasl_server_conn_t;
226228
227229 /* Client Conn Type Information */
299301
300302 extern sasl_allocation_utils_t _sasl_allocation_utils;
301303 extern sasl_mutex_utils_t _sasl_mutex_utils;
304 extern int _sasl_allocation_locked;
305
306 void sasl_common_done(void);
302307
303308 /*
304309 * checkpw.c
347352 extern int _sasl_locate_entry(void *library, const char *entryname,
348353 void **entry_point);
349354 extern int _sasl_done_with_plugins();
350
351355
352356 /*
353357 * common.c
450454 /*
451455 * config file declarations (config.c)
452456 */
453 extern int sasl_config_init(const char *filename);
454457 extern const char *sasl_config_getstring(const char *key,const char *def);
455458
456459 /* checkpw.c */
462465 const char *user_realm);
463466 #endif /* DO_SASL_CHECKAPOP */
464467
465 /* Auxprop Plugin (checkpw.c) */
468 /* Auxprop Plugin (sasldb.c) */
466469 extern int sasldb_auxprop_plug_init(const sasl_utils_t *utils,
467470 int max_version,
468471 int *out_version,
474477 */
475478 extern int _sasl_auxprop_add_plugin(void *p, void *library);
476479 extern void _sasl_auxprop_free(void);
477 extern void _sasl_auxprop_lookup(sasl_server_params_t *sparams,
480 extern int _sasl_auxprop_lookup(sasl_server_params_t *sparams,
478481 unsigned flags,
479482 const char *user, unsigned ulen);
480483
488491 sasl_canonuser_plug_t **plug,
489492 const char *plugname);
490493 extern int _sasl_canon_user(sasl_conn_t *conn,
491 const char *user, unsigned ulen,
494 const char *user,
495 unsigned ulen,
492496 unsigned flags,
493497 sasl_out_params_t *oparams);
498 int _sasl_canon_user_lookup (sasl_conn_t *conn,
499 const char *user,
500 unsigned ulen,
501 unsigned flags,
502 sasl_out_params_t *oparams);
503
504 /*
505 * saslutil.c
506 */
507 int get_fqhostname(
508 char *name,
509 int namelen,
510 int abort_if_no_fqdn
511 );
494512
495513 #endif /* SASLINT_H */
00 /* saslutil.c
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: saslutil.c,v 1.44.2.1 2009/04/27 17:47:17 murch Exp $
3 * $Id: saslutil.c,v 1.49 2009/04/27 13:26:27 murch Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
7171 * sasl_randseed
7272 * sasl_rand
7373 * sasl_churn
74 */
74 * sasl_erasebuffer
75 */
76
77 #ifdef sun
78 /* gotta define gethostname ourselves on suns */
79 extern int gethostname(char *, int);
80 #endif
7581
7682 char *encode_table;
7783 char *decode_table;
110116 * Returns SASL_OK on success, SASL_BUFOVER if result won't fit
111117 */
112118
113 int sasl_encode64(const char *_in, unsigned inlen,
114 char *_out, unsigned outmax, unsigned *outlen)
119 int sasl_encode64(const char *_in,
120 unsigned inlen,
121 char *_out,
122 unsigned outmax,
123 unsigned *outlen)
115124 {
116125 const unsigned char *in = (const unsigned char *)_in;
117126 unsigned char *out = (unsigned char *)_out;
120129 unsigned olen;
121130
122131 /* check params */
123 if ((inlen >0) && (in == NULL)) return SASL_BADPARAM;
132 if ((inlen > 0) && (in == NULL)) return SASL_BADPARAM;
124133
125134 /* Will it fit? */
126135 olen = (inlen + 2) / 3 * 4;
127136 if (outlen) {
128 *outlen = olen;
137 *outlen = olen;
129138 }
130139 if (outmax <= olen) {
131 return SASL_BUFOVER;
140 return SASL_BUFOVER;
132141 }
133142
134143 /* Do the work... */
135 blah=(char *) out;
144 blah = (char *) out;
136145 while (inlen >= 3) {
137146 /* user provided max buffer size; make sure we don't go over it */
138147 *out++ = basis_64[in[0] >> 2];
467476
468477 void sasl_erasebuffer(char *buf, unsigned len) {
469478 memset(buf, 0, len);
479 }
480
481 /* Lowercase string in place */
482 char *sasl_strlower (
483 char *val
484 )
485 {
486 int i;
487
488 if (val == NULL) {
489 return (NULL);
490 }
491
492 /* don't use tolower(), as it is locale dependent */
493
494 for (i = 0; val[i] != '\0'; i++) {
495 if (val[i] >= 'A' && val[i] <= 'Z') {
496 val[i] = val[i] - 'A' + 'a';
497 }
498 }
499
500 return (val);
501 }
502
503 /* A version of gethostname that tries hard to return a FQDN */
504 int get_fqhostname(
505 char *name,
506 int namelen,
507 int abort_if_no_fqdn
508 )
509 {
510 int return_value;
511 struct addrinfo hints;
512 struct addrinfo *result;
513
514 return_value = gethostname (name, namelen);
515 if (return_value != 0) {
516 return (return_value);
517 }
518
519 if (strchr (name, '.') != NULL) {
520 goto LOWERCASE;
521 }
522
523 /* gethostname hasn't returned a FQDN, we have to canonify it ourselves */
524 hints.ai_family = PF_UNSPEC;
525 hints.ai_flags = AI_CANONNAME;
526 hints.ai_socktype = SOCK_STREAM; /* TCP only */
527 /* A value of zero for ai_protocol indicates the caller will accept any protocol. or IPPROTO_TCP? */
528 hints.ai_protocol = 0; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
529 hints.ai_addrlen = 0;
530 hints.ai_canonname = NULL;
531 hints.ai_addr = NULL;
532 hints.ai_next = NULL;
533
534 if (getaddrinfo(name,
535 NULL, /* don't care abour service/port */
536 &hints,
537 &result) != 0) {
538 /* errno on Unix, WSASetLastError on Windows are already done by the function */
539 return (-1);
540 }
541
542 if (abort_if_no_fqdn && (result == NULL || result->ai_canonname == NULL)) {
543 freeaddrinfo (result);
544 #ifdef WIN32
545 WSASetLastError (WSANO_DATA);
546 #elif defined(ENODATA)
547 errno = ENODATA;
548 #elif defined(EADDRNOTAVAIL)
549 errno = EADDRNOTAVAIL;
550 #endif
551 return (-1);
552 }
553
554 if (abort_if_no_fqdn && strchr (result->ai_canonname, '.') == NULL) {
555 freeaddrinfo (result);
556 #ifdef WIN32
557 WSASetLastError (WSANO_DATA);
558 #elif defined(ENODATA)
559 errno = ENODATA;
560 #elif defined(EADDRNOTAVAIL)
561 errno = EADDRNOTAVAIL;
562 #endif
563 return (-1);
564 }
565
566
567 /* Do we need to check for buffer overflow and set errno? */
568 strncpy (name, result->ai_canonname, namelen);
569 freeaddrinfo (result);
570
571 LOWERCASE:
572 sasl_strlower (name);
573 return (0);
470574 }
471575
472576 #ifdef WIN32
656760 const char *prompt;
657761 {
658762 register char *p;
659 register c;
763 register int c;
660764 static char pbuf[PASSWORD_MAX];
661765
662766 fprintf(stderr, "%s", prompt); (void) fflush(stderr);
663767 for (p=pbuf; (c = _getch())!=13 && c!=EOF;) {
664768 if (p < &pbuf[sizeof(pbuf)-1])
665 *p++ = c;
769 *p++ = (char) c;
666770 }
667771 *p = '\0';
668772 fprintf(stderr, "\n"); (void) fflush(stderr);
00 /* SASL server API implementation
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: server.c,v 1.146 2006/04/26 17:45:53 murch Exp $
3 * $Id: server.c,v 1.161 2009/08/04 17:45:55 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
6262 #include "saslplug.h"
6363 #include "saslutil.h"
6464
65 #ifdef sun
66 /* gotta define gethostname ourselves on suns */
67 extern int gethostname(char *, int);
68 #endif
69
7065 #define DEFAULT_CHECKPASS_MECH "auxprop"
7166
7267 /* Contains functions:
120115
121116 int sasl_setpass(sasl_conn_t *conn,
122117 const char *user,
123 const char *pass, unsigned passlen,
118 const char *pass,
119 unsigned passlen,
124120 const char *oldpass,
125121 unsigned oldpasslen,
126122 unsigned flags)
128124 int result = SASL_OK, tmpresult;
129125 sasl_server_conn_t *s_conn = (sasl_server_conn_t *) conn;
130126 const char *password_request[] = { SASL_AUX_PASSWORD_PROP, NULL };
127 const char *user_delete_request[] = { SASL_AUX_PASSWORD_PROP, SASL_AUX_ALL, NULL };
131128 sasl_server_userdb_setpass_t *setpass_cb = NULL;
132129 void *context = NULL;
133130 int tried_setpass = 0;
131 int failed = 0;
134132 mechanism_t *sm;
135133 server_sasl_mechanism_t *m;
136134 char *current_mech;
170168 if (flags & SASL_SET_DISABLE) {
171169 pass = NULL;
172170 passlen = 0;
173 }
174
175 result = prop_request(s_conn->sparams->propctx, password_request);
171 result = prop_request(s_conn->sparams->propctx, user_delete_request);
172 } else {
173 result = prop_request(s_conn->sparams->propctx, password_request);
174 }
176175 if (result == SASL_OK) {
176 /* NOTE: When deleting users, this will work in a backward compatible way */
177177 result = prop_set(s_conn->sparams->propctx, SASL_AUX_PASSWORD_PROP,
178178 pass, passlen);
179 }
180 if (result == SASL_OK && flags & SASL_SET_DISABLE) {
181 result = prop_set(s_conn->sparams->propctx, SASL_AUX_ALL,
182 NULL, 0);
179183 }
180184 if (result == SASL_OK) {
181185 result = sasl_auxprop_store(conn, s_conn->sparams->propctx, user);
184188 _sasl_log(conn, SASL_LOG_ERR,
185189 "setpass failed for %s: %z",
186190 user, result);
191 failed++;
187192 } else {
188193 _sasl_log(conn, SASL_LOG_NOTE,
189194 "setpass succeeded for %s", user);
202207 tmpresult = setpass_cb(conn, context, user, pass, passlen,
203208 s_conn->sparams->propctx, flags);
204209 if(tmpresult != SASL_OK) {
205 result = tmpresult;
210 if (tmpresult == SASL_CONSTRAINT_VIOLAT) {
211 if (result == SASL_OK) {
212 result = tmpresult;
213 }
214 } else {
215 result = tmpresult;
216 }
206217 _sasl_log(conn, SASL_LOG_ERR,
207218 "setpass callback failed for %s: %z",
208219 user, tmpresult);
220 failed++;
209221 } else {
210222 _sasl_log(conn, SASL_LOG_NOTE,
211223 "setpass callback succeeded for %s", user);
213225 }
214226
215227 /* now we let the mechanisms set their secrets */
216 for (sm = mechlist->mech_list; sm; sm = sm->next) {
228 for (sm = s_conn->mech_list; sm; sm = sm->next) {
217229 m = &sm->m;
218230
219231 if (!m->plug->setpass) {
248260 } else if (tmpresult == SASL_NOCHANGE) {
249261 _sasl_log(conn, SASL_LOG_NOTE,
250262 "%s: secret not changed for %s", m->plug->mech_name, user);
263 } else if (tmpresult == SASL_CONSTRAINT_VIOLAT) {
264 _sasl_log(conn, SASL_LOG_ERR,
265 "%s: failed to set secret for %s: constrain violation",
266 m->plug->mech_name, user);
267 if (result == SASL_OK) {
268 result = tmpresult;
269 }
270 failed++;
251271 } else {
252272 result = tmpresult;
253273 _sasl_log(conn, SASL_LOG_ERR,
259279 GetLastError()
260280 #endif
261281 );
282 failed++;
262283 }
263284 }
264285
267288 "secret not changed for %s: "
268289 "no writable auxprop plugin or setpass callback found",
269290 user);
291 } else if (result == SASL_CONSTRAINT_VIOLAT) {
292 /* If not all setpass failed with SASL_CONSTRAINT_VIOLAT -
293 ignore SASL_CONSTRAINT_VIOLAT */
294 if (failed < tried_setpass) {
295 result = SASL_OK;
296 }
270297 }
271298
272299 RETURN(conn, result);
307334 if (s_conn->sparams)
308335 sasl_FREE(s_conn->sparams);
309336
337 if (s_conn->mech_list != mechlist->mech_list) {
338 /* free connection-specific mech_list */
339 mechanism_t *m, *prevm;
340
341 m = s_conn->mech_list; /* m point to beginning of the list */
342
343 while (m) {
344 prevm = m;
345 m = m->next;
346 sasl_FREE(prevm);
347 }
348 }
349
310350 _sasl_conn_dispose(pconn);
311351 }
312352
313353 static int init_mechlist(void)
314354 {
315355 sasl_utils_t *newutils = NULL;
316
317 mechlist->mutex = sasl_MUTEX_ALLOC();
318 if(!mechlist->mutex) return SASL_FAIL;
319356
320357 /* set util functions - need to do rest */
321358 newutils = _sasl_alloc_utils(NULL, &global_callbacks);
329366 mechlist->mech_length=0;
330367
331368 return SASL_OK;
369 }
370
371 static int mech_compare(const sasl_server_plug_t *a,
372 const sasl_server_plug_t *b)
373 {
374 unsigned sec_diff;
375
376 if (a->max_ssf > b->max_ssf) return 1;
377 if (a->max_ssf < b->max_ssf) return -1;
378
379 /* XXX the following is fairly arbitrary, but its independent
380 of the order in which the plugins are loaded
381 */
382 sec_diff = a->security_flags ^ b->security_flags;
383 if (sec_diff & a->security_flags & SASL_SEC_FORWARD_SECRECY) return 1;
384 if (sec_diff & b->security_flags & SASL_SEC_FORWARD_SECRECY) return -1;
385 if (sec_diff & a->security_flags & SASL_SEC_NOACTIVE) return 1;
386 if (sec_diff & b->security_flags & SASL_SEC_NOACTIVE) return -1;
387 if (sec_diff & a->security_flags & SASL_SEC_NODICTIONARY) return 1;
388 if (sec_diff & b->security_flags & SASL_SEC_NODICTIONARY) return -1;
389 if (sec_diff & a->security_flags & SASL_SEC_MUTUAL_AUTH) return 1;
390 if (sec_diff & b->security_flags & SASL_SEC_MUTUAL_AUTH) return -1;
391 if (sec_diff & a->security_flags & SASL_SEC_NOANONYMOUS) return 1;
392 if (sec_diff & b->security_flags & SASL_SEC_NOANONYMOUS) return -1;
393 if (sec_diff & a->security_flags & SASL_SEC_NOPLAINTEXT) return 1;
394 if (sec_diff & b->security_flags & SASL_SEC_NOPLAINTEXT) return -1;
395
396 return 0;
332397 }
333398
334399 /*
340405 {
341406 int plugcount;
342407 sasl_server_plug_t *pluglist;
343 mechanism_t *mech;
344408 sasl_server_plug_init_t *entry_point;
345409 int result;
346410 int version;
370434 return SASL_BADVERS;
371435 }
372436
373 for (lupe=0;lupe < plugcount ;lupe++)
437 for (lupe=0;lupe < plugcount ;lupe++, pluglist++)
374438 {
439 mechanism_t *mech, *mp;
440
375441 mech = sasl_ALLOC(sizeof(mechanism_t));
376442 if (! mech) return SASL_NOMEM;
377443 memset (mech, 0, sizeof(mechanism_t));
378444
379 mech->m.plug = pluglist++;
445 mech->m.plug = pluglist;
380446 if(_sasl_strdup(plugname, &mech->m.plugname, NULL) != SASL_OK) {
381447 sasl_FREE(mech);
382448 return SASL_NOMEM;
383449 }
384450 mech->m.version = version;
385451
386 /* wheather this mech actually has any users in it's db */
452 /* whether this mech actually has any users in it's db */
387453 mech->m.condition = result; /* SASL_OK, SASL_CONTINUE or SASL_NOUSER */
388454
389455 /* mech->m.f = NULL; */
390456
391 mech->next = mechlist->mech_list;
392 mechlist->mech_list = mech;
457 /* sort mech_list by relative "strength" */
458 mp = mechlist->mech_list;
459 if (!mp || mech_compare(pluglist, mp->m.plug) >= 0) {
460 /* add mech to head of list */
461 mech->next = mechlist->mech_list;
462 mechlist->mech_list = mech;
463 } else {
464 /* find where to insert mech into list */
465 while (mp->next &&
466 mech_compare(pluglist, mp->next->m.plug) <= 0) mp = mp->next;
467 mech->next = mp->next;
468 mp->next = mech;
469 }
393470 mechlist->mech_length++;
394471 }
472
473 return SASL_OK;
474 }
475
476 int sasl_server_done(void)
477 {
478 int result = SASL_CONTINUE;
479
480 if (_sasl_server_cleanup_hook == NULL && _sasl_client_cleanup_hook == NULL) {
481 return SASL_NOTINIT;
482 }
483
484 if (_sasl_server_cleanup_hook) {
485 result = _sasl_server_cleanup_hook();
486
487 if (result == SASL_OK) {
488 _sasl_server_idle_hook = NULL;
489 _sasl_server_cleanup_hook = NULL;
490 } else {
491 return result;
492 }
493 }
494
495 if (_sasl_server_cleanup_hook || _sasl_client_cleanup_hook) {
496 return result;
497 }
498
499 sasl_common_done();
395500
396501 return SASL_OK;
397502 }
428533 sasl_FREE(prevm);
429534 }
430535 _sasl_free_utils(&mechlist->utils);
431 sasl_MUTEX_FREE(mechlist->mutex);
432536 sasl_FREE(mechlist);
433537 mechlist = NULL;
434538 }
483587 /* getconfpath_cb->proc MUST be a sasl_getconfpath_t; if only C had a type
484588 system */
485589 result = ((sasl_getconfpath_t *)(getconfpath_cb->proc))(getconfpath_cb->context,
486 &path_to_config);
590 (char **) &path_to_config);
487591 if (result != SASL_OK) goto done;
488592 if (path_to_config == NULL) path_to_config = "";
489593
696800 { "sasl_canonuser_init", (add_plugin_t *)sasl_canonuser_add_plugin },
697801 { NULL, NULL }
698802 };
803
804 /* lock allocation type */
805 _sasl_allocation_locked++;
699806
700807 /* we require the appname (if present) to be short enough to be a path */
701808 if (appname != NULL && strlen(appname) >= PATH_MAX)
886993 sasl_getopt_t *getopt;
887994 void *context;
888995 const char *log_level, *auto_trans;
996 const char *mlist = NULL;
889997
890998 if (_sasl_server_active==0) return SASL_NOTINIT;
891999 if (! pconn) return SASL_FAIL;
9671075 if(_sasl_getcallback(*pconn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
9681076 getopt(context, NULL, "log_level", &log_level, NULL);
9691077 getopt(context, NULL, "auto_transition", &auto_trans, NULL);
1078 getopt(context, NULL, "mech_list", &mlist, NULL);
9701079 }
9711080 serverconn->sparams->log_level = log_level ? atoi(log_level) : SASL_LOG_ERR;
9721081
9801089 serverconn->sparams->transition = &_sasl_transition;
9811090 }
9821091
983 serverconn->sparams->canon_user = &_sasl_canon_user;
1092 /* if we have a mech_list, create ordered list of avail mechs for this conn */
1093 if (mlist) {
1094 const char *cp;
1095 mechanism_t *mptr, *tail = NULL;
1096
1097 while (*mlist) {
1098 /* find end of current mech name */
1099 for (cp = mlist; *cp && !isspace((int) *cp); cp++);
1100
1101 /* search for mech name in loaded plugins */
1102 for (mptr = mechlist->mech_list; mptr; mptr = mptr->next) {
1103 const sasl_server_plug_t *plug = mptr->m.plug;
1104
1105 if (((size_t) (cp - mlist) == strlen(plug->mech_name)) &&
1106 !strncasecmp(mlist, plug->mech_name, strlen(plug->mech_name)))
1107 /* found a match */
1108 break;
1109 }
1110 if (mptr) {
1111 mechanism_t *new = sasl_ALLOC(sizeof(mechanism_t));
1112 if (!new) return SASL_NOMEM;
1113
1114 memcpy(&new->m, &mptr->m, sizeof(server_sasl_mechanism_t));
1115 new->next = NULL;
1116
1117 if (!serverconn->mech_list) {
1118 serverconn->mech_list = new;
1119 tail = serverconn->mech_list;
1120 }
1121 else {
1122 tail->next = new;
1123 tail = new;
1124 }
1125 serverconn->mech_length++;
1126 }
1127
1128 /* find next mech name */
1129 mlist = cp;
1130 while (*mlist && isspace((int) *mlist)) mlist++;
1131 }
1132 }
1133 else {
1134 serverconn->mech_list = mechlist->mech_list;
1135 serverconn->mech_length = mechlist->mech_length;
1136 }
1137
1138 serverconn->sparams->canon_user = &_sasl_canon_user_lookup;
9841139 serverconn->sparams->props = serverconn->base.props;
9851140 serverconn->sparams->flags = flags;
9861141
9951150
9961151 /*
9971152 * The rule is:
998 * IF mech strength + external strength < min ssf THEN FAIL
1153 * IF mech strength + external strength < min ssf THEN FAIL.
9991154 * We also have to look at the security properties and make sure
1000 * that this mechanism has everything we want
1155 * that this mechanism has everything we want.
10011156 */
10021157 static int mech_permitted(sasl_conn_t *conn,
10031158 mechanism_t *mech)
10071162 int ret;
10081163 int myflags;
10091164 context_list_t *cur;
1010 sasl_getopt_t *getopt;
10111165 void *context;
10121166 sasl_ssf_t minssf = 0;
10131167
10191173 }
10201174
10211175 plug = mech->m.plug;
1022
1023 /* get the list of allowed mechanisms (default = all) */
1024 if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context)
1025 == SASL_OK) {
1026 const char *mlist = NULL;
1027
1028 getopt(context, NULL, "mech_list", &mlist, NULL);
1029
1030 /* if we have a list, check the plugin against it */
1031 if (mlist) {
1032 const char *cp;
1033
1034 while (*mlist) {
1035 for (cp = mlist; *cp && !isspace((int) *cp); cp++);
1036 if (((size_t) (cp - mlist) == strlen(plug->mech_name)) &&
1037 !strncasecmp(mlist, plug->mech_name,
1038 strlen(plug->mech_name))) {
1039 break;
1040 }
1041 mlist = cp;
1042 while (*mlist && isspace((int) *mlist)) mlist++;
1043 }
1044
1045 if (!*mlist) return SASL_NOMECH; /* reached EOS -> not in our list */
1046 }
1047 }
10481176
10491177 /* setup parameters for the call to mech_avail */
10501178 s_conn->sparams->serverFQDN=conn->serverFQDN;
12161344
12171345 if (_sasl_server_active==0) return SASL_NOTINIT;
12181346
1347 /* check parameters */
1348 if(!conn) return SASL_BADPARAM;
1349
1350 if (!mech || ((clientin==NULL) && (clientinlen>0)))
1351 PARAMERROR(conn);
1352
1353 if (serverout) *serverout = NULL;
1354 if (serveroutlen) *serveroutlen = 0;
1355
12191356 /* make sure mech is valid mechanism
12201357 if not return appropriate error */
1221 m=mechlist->mech_list;
1222
1223 /* check parameters */
1224 if(!conn) return SASL_BADPARAM;
1225
1226 if (!mech || ((clientin==NULL) && (clientinlen>0)))
1227 PARAMERROR(conn);
1228
1229 if(serverout) *serverout = NULL;
1230 if(serveroutlen) *serveroutlen = 0;
1358 m = s_conn->mech_list;
12311359
12321360 while (m!=NULL)
12331361 {
13471475 } else {
13481476 /* Mech wants client-first, so let them have it */
13491477 result = sasl_server_step(conn,
1350 clientin, clientinlen,
1351 serverout, serveroutlen);
1478 clientin,
1479 clientinlen,
1480 serverout,
1481 serveroutlen);
13521482 }
13531483 } else {
13541484 if(s_conn->mech->m.plug->features & SASL_FEAT_WANT_CLIENT_FIRST) {
13591489 } else {
13601490 /* Mech wants server-first, so let them have it */
13611491 result = sasl_server_step(conn,
1362 clientin, clientinlen,
1363 serverout, serveroutlen);
1492 clientin,
1493 clientinlen,
1494 serverout,
1495 serveroutlen);
13641496 }
13651497 }
13661498 }
13811513
13821514
13831515 /* perform one step of the SASL exchange
1384 * inputlen & input -- client data
1516 * clientinlen & clientin -- client data
13851517 * NULL on first step if no optional client step
1386 * outputlen & output -- set to the server data to transmit
1518 * serveroutlen & serverout -- set to the server data to transmit
13871519 * to the client in the next step
13881520 * (library handles freeing this)
13891521 *
14131545 PARAMERROR(conn);
14141546
14151547 /* If we've already done the last send, return! */
1416 if(s_conn->sent_last == 1) {
1548 if (s_conn->sent_last == 1) {
14171549 return SASL_OK;
14181550 }
14191551
14231555 return SASL_FAIL;
14241556 }
14251557
1426 if(serverout) *serverout = NULL;
1427 if(serveroutlen) *serveroutlen = 0;
1558 if (serverout) *serverout = NULL;
1559 if (serveroutlen) *serveroutlen = 0;
14281560
14291561 ret = s_conn->mech->m.plug->mech_step(conn->context,
14301562 s_conn->sparams,
14781610 * added up
14791611 */
14801612
1481 static unsigned mech_names_len()
1613 static unsigned mech_names_len(mechanism_t *mech_list)
14821614 {
14831615 mechanism_t *listptr;
14841616 unsigned result = 0;
14851617
1486 for (listptr = mechlist->mech_list;
1618 for (listptr = mech_list;
14871619 listptr;
14881620 listptr = listptr->next)
14891621 result += (unsigned) strlen(listptr->m.plug->mech_name);
14931625
14941626 /* This returns a list of mechanisms in a NUL-terminated string
14951627 *
1496 * The default behavior is to seperate with spaces if sep==NULL
1628 * The default behavior is to separate with spaces if sep == NULL
14971629 */
14981630 int _sasl_server_listmech(sasl_conn_t *conn,
14991631 const char *user __attribute__((unused)),
15041636 unsigned *plen,
15051637 int *pcount)
15061638 {
1639 sasl_server_conn_t *s_conn = (sasl_server_conn_t *)conn;
15071640 int lup;
15081641 mechanism_t *listptr;
15091642 int ret;
15301663 mysep = " ";
15311664 }
15321665
1533 if (! mechlist || mechlist->mech_length <= 0)
1666 if (!s_conn->mech_list || s_conn->mech_length <= 0)
15341667 INTERROR(conn, SASL_NOMECH);
15351668
15361669 resultlen = (prefix ? strlen(prefix) : 0)
1537 + (strlen(mysep) * (mechlist->mech_length - 1))
1538 + mech_names_len()
1670 + (strlen(mysep) * (s_conn->mech_length - 1))
1671 + mech_names_len(s_conn->mech_list)
15391672 + (suffix ? strlen(suffix) : 0)
15401673 + 1;
15411674 ret = _buf_alloc(&conn->mechlist_buf,
15471680 else
15481681 *(conn->mechlist_buf) = '\0';
15491682
1550 listptr = mechlist->mech_list;
1683 listptr = s_conn->mech_list;
15511684
15521685 flag = 0;
15531686 /* make list */
1554 for (lup = 0; lup < mechlist->mech_length; lup++) {
1687 for (lup = 0; lup < s_conn->mech_length; lup++) {
15551688 /* currently, we don't use the "user" parameter for anything */
15561689 if (mech_permitted(conn, listptr) == SASL_OK) {
15571690 if (pcount != NULL)
17341867 if(result != SASL_OK) RETURN(conn, result);
17351868 user = conn->oparams.user;
17361869
1737 /* Check the password */
1870 /* Check the password and lookup additional properties */
17381871 result = _sasl_checkpass(conn, user, userlen, pass, passlen);
17391872
17401873 /* Do authorization */
17571890 * SASL_NOUSER -- user not found
17581891 * SASL_NOVERIFY -- user found, but no usable mechanism [FIXME: not supported]
17591892 * SASL_NOMECH -- no mechanisms enabled
1893 * SASL_UNAVAIL -- remote authentication server unavailable, try again later
17601894 */
17611895 int sasl_user_exists(sasl_conn_t *conn,
17621896 const char *service,
18041938
18051939 /* Screen out the SASL_BADPARAM response
18061940 * we'll get from not giving a password */
1807 if(result == SASL_BADPARAM) {
1941 if (result == SASL_BADPARAM) {
18081942 result = SASL_OK;
18091943 }
18101944
18952029 s_conn->sparams->utils->prop_erase(s_conn->sparams->propctx,
18962030 password_request[0]);
18972031
1898 /* Cannonify it */
1899 result = _sasl_canon_user(conn, user, user_len,
1900 SASL_CU_AUTHID | SASL_CU_AUTHZID,
1901 &(conn->oparams));
2032 /* canonicalize the username and lookup any associated properties */
2033 result = _sasl_canon_user_lookup (conn,
2034 user,
2035 user_len,
2036 SASL_CU_AUTHID | SASL_CU_AUTHZID,
2037 &(conn->oparams));
19022038 sasl_FREE(user);
19032039
19042040 if(result != SASL_OK) RETURN(conn, result);
19292065 _sasl_print_mechanism (
19302066 server_sasl_mechanism_t *m,
19312067 sasl_info_callback_stage_t stage,
1932 void *rock
2068 void *rock __attribute__((unused))
19332069 )
19342070 {
19352071 char delimiter;
20132149
20142150
20152151 printf ("\n\tfeatures:");
2016
2152
20172153 delimiter = ' ';
20182154 if (m->plug->features & SASL_FEAT_WANT_CLIENT_FIRST) {
20192155 printf ("%cWANT_CLIENT_FIRST", delimiter);
20272163
20282164 if (m->plug->features & SASL_FEAT_ALLOWS_PROXY) {
20292165 printf ("%cPROXY_AUTHENTICATION", delimiter);
2166 delimiter = '|';
2167 }
2168
2169 if (m->plug->features & SASL_FEAT_DONTUSE_USERPASSWD) {
2170 printf ("%cDONTUSE_USERPASSWD", delimiter);
20302171 delimiter = '|';
20312172 }
20322173
00 /* windlopen.c--Windows dynamic loader interface
11 * Ryan Troll
2 * $Id: windlopen.c,v 1.16 2003/10/20 15:19:59 rjs3 Exp $
2 * $Id: windlopen.c,v 1.17 2009/01/25 20:20:57 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
133133 if (r != SASL_OK) return r;
134134
135135 newhead = sasl_ALLOC(sizeof(lib_list_t));
136 if(!newhead) return SASL_NOMEM;
136 if (!newhead) return SASL_NOMEM;
137137
138138 if (!(library = LoadLibrary (file))) {
139139 _sasl_log(NULL, SASL_LOG_ERR,
150150 return SASL_OK;
151151 }
152152
153
153 /* undoes actions done by _sasl_get_plugin */
154 void _sasl_remove_last_plugin()
155 {
156 lib_list_t *last_plugin = lib_list_head;
157 lib_list_head = lib_list_head->next;
158 if (last_plugin->library) {
159 FreeLibrary(last_plugin->library);
160 }
161 sasl_FREE(last_plugin);
162 }
154163
155164 /* gets the list of mechanisms */
156165 int _sasl_load_plugins(const add_plugin_list_t *entrypoints,
242251 void *library;
243252 char *c;
244253 char plugname[PATH_MAX];
254 int entries;
245255
246256 length = strlen(finddata.name);
247257 if (length < 5) { /* At least <Ch>.dll */
276286 continue;
277287 }
278288
289 entries = 0;
279290 for (cur_ep = entrypoints; cur_ep->entryname; cur_ep++) {
280 _sasl_plugin_load(plugname, library, cur_ep->entryname,
281 cur_ep->add_plugin);
291 result = _sasl_plugin_load(plugname,
292 library,
293 cur_ep->entryname,
294 cur_ep->add_plugin);
295 if (result == SASL_OK) {
296 ++entries;
297 }
282298 /* If this fails, it's not the end of the world */
283299 }
300 if (entries == 0) {
301 _sasl_remove_last_plugin();
302 }
303
284304 } while (_findnext (fhandle, &finddata) == 0);
285305
286306 _findclose (fhandle);
131131 LIB_PGSQL = @LIB_PGSQL@
132132 LIB_SOCKET = @LIB_SOCKET@
133133 LIB_SQLITE = @LIB_SQLITE@
134 LIB_SQLITE3 = @LIB_SQLITE3@
134135 LN_S = @LN_S@
135136 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
136137 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH SASL "10 July 2001" SASL "SASL man pages"
40 .TH SASL 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 SASL \- SASL authentication library
4343 .SH DESCRIPTION
5555 .I Programmers Guide
5656 in the doc/ directory of the SASL distribution.
5757 .SH "CONFORMING TO"
58 RFC 2222
58 RFC 4422
5959 .SH "SEE ALSO"
6060 sasl_authorize_t(3), sasl_auxprop(3), sasl_auxprop_getctx(3), sasl_auxprop_request(3), sasl_canon_user_t(3), sasl_callbacks(3), sasl_chalprompt_t(3), sasl_checkapop(3), sasl_checkpass(3), sasl_client_init(3), sasl_client_new(3), sasl_client_start(3), sasl_client_step(3), sasl_decode(3), sasl_dispose(3), sasl_done(3), sasl_encode(3), sasl_encodev(3), sasl_errdetail(3), sasl_errors(3), sasl_errstring(3), sasl_errors(3), sasl_getopt_t(3), sasl_getpath_t(3), sasl_getprop(3), sasl_getrealm_t(3), sasl_getsecret_t(3), sasl_getsimple_t(3), sasl_idle(3), sasl_listmech(3), sasl_log_t(3), sasl_server_init(3), sasl_server_new(3), sasl_server_start(3), sasl_server_step(3), sasl_server_userdb_checkpass_t(3), sasl_server_userdb_setpass_t(3), sasl_setpass(3), sasl_setprop(3), sasl_user_exists(3), sasl_verifyfile_t(3), sasl_global_listmech(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_authorize_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_authorize_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_authorize_t \- The SASL authorization callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_auxprop "10 July 2001" SASL "SASL man pages"
40 .TH sasl_auxprop 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_auxprop \- How to work with SASL auxiliary properties
4343
206206 on success, or NULL on any error.
207207
208208 .SH "CONFORMING TO"
209 RFC 2222
209 RFC 4422
210210
211211 .SH "SEE ALSO"
212212 sasl(3), sasl_errors(3), sasl_auxprop_request(3), sasl_auxprop_getctx(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_auxprop_getctx "10 July 2001" SASL "SASL man pages"
40 .TH sasl_auxprop_getctx 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_auxprop_getctx \- Acquire an auxiliary property context
4343
6363 Returns a pointer the the context on success. Returns NULL on failure.
6464
6565 .SH "CONFORMING TO"
66 RFC 2222
66 RFC 4422
6767 .SH "SEE ALSO"
6868 sasl(3), sasl_auxprop(3), sasl_auxprop_request(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_auxprop_request "10 July 2001" SASL "SASL man pages"
40 .TH sasl_auxprop_request 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_auxprop_request \- Request Auxiliary Properties from SASL
4343
7171 codes.
7272
7373 .SH "CONFORMING TO"
74 RFC 2222
74 RFC 4422
7575 .SH "SEE ALSO"
7676 sasl(3), sasl_errors(3), sasl_auxprop(3), sasl_auxprop_getctx(3),
7777 sasl_server_new(3), sasl_server_start(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_callbacks "12 February 2006" SASL "SASL man pages"
40 .TH sasl_callbacks 3 "12 February 2006" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_callbacks \- How to work with SASL callbacks
4343
114114 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK typically indicates success.
115115
116116 .SH "CONFORMING TO"
117 RFC 2222
117 RFC 4422
118118
119119 .SH "SEE ALSO"
120120 sasl(3), sasl_errors(3), sasl_authorize_t(3), sasl_log_t(3), sasl_getpath_t(3),
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_userdb_checkpass_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_userdb_checkpass_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_userdb_checkpass_t \- Plaintext Password Verification Callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_chalprompt_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_chalprompt_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_chalprompt_t \- Realm Acquisition Callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_checkapop "29 June 2001" SASL "SASL man pages"
40 .TH sasl_checkapop 3 "29 June 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_checkapop \- Check an APOP challenge/response
4343 .SH SYNOPSIS
7373 for meanings of return codes.
7474
7575 .SH "CONFORMING TO"
76 RFC 2222, RFC 1939
76 RFC 4422, RFC 1939
7777 .SH "SEE ALSO"
7878 sasl(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_checkpass "10 July 2001" SASL "SASL man pages"
40 .TH sasl_checkpass 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_checkpass \- Check a plaintext password
4343 .SH SYNOPSIS
6565 for meanings of return codes.
6666
6767 .SH "CONFORMING TO"
68 RFC 2222
68 RFC 4422
6969 .SH "SEE ALSO"
7070 sasl(3), sasl_errors(3), sasl_callbacks(3), sasl_setpass(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_client_init "21 June 2001" SASL "SASL man pages"
40 .TH sasl_client_init 3 "21 June 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_client_init \- SASL client authentication initialization
4343
8282 Not enough memory to complete operation
8383
8484 .SH "CONFORMING TO"
85 RFC 2222
85 RFC 4422
8686 .SH "SEE ALSO"
8787 sasl(3), sasl_callbacks(3), sasl_client_new(3), sasl_client_start(3), sasl_client_step(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_client_new "21 June 2001" SASL "SASL man pages"
40 .TH sasl_client_new 3 "21 June 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_client_new \- Create a new client authentication object
4343
121121 Not enough memory to complete operation
122122
123123 .SH "CONFORMING TO"
124 RFC 2222
124 RFC 4422
125125 .SH "SEE ALSO"
126126 sasl(3), sasl_client_init(3), sasl_client_start(3), sasl_client_step(3), sasl_setprop(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_client_start "10 July 2001" SASL "SASL man pages"
40 .TH sasl_client_start 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_client_start \- Begin an authentication negotiation
4343 .SH SYNOPSIS
7272
7373 .PP
7474 .I mechlist
75 is a list of mechanisms the server has available. Punctuation if ignored.
75 is a list of mechanisms the server has available. Punctuation is ignored.
7676 .PP
7777 .I prompt_need
7878 is filled in with a list of prompts needed to continue (if necessary).
106106 session should be quit.
107107
108108 .SH "CONFORMING TO"
109 RFC 2222
109 RFC 4422
110110 .SH "SEE ALSO"
111111 sasl(3), sasl_callbacks(3), sasl_errors(3), sasl_client_init(3), sasl_client_new(3), sasl_client_step(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_client_step "10 July 2001" SASL "SASL man pages"
40 .TH sasl_client_step 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_client_step \- Perform a step in the authentication negotiation
4343
9999 should either be handled or the authentication session should be quit.
100100
101101 .SH "CONFORMING TO"
102 RFC 2222
102 RFC 4422
103103 .SH "SEE ALSO"
104104 sasl(3), sasl_callbacks(3), sasl_errors(3), sasl_client_init(3), sasl_client_new(3), sasl_client_start(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_decode "10 July 2001" SASL "SASL man pages"
40 .TH sasl_decode 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_decode \- Decode data received
4343
7777 codes.
7878
7979 .SH "CONFORMING TO"
80 RFC 2222
80 RFC 4422
8181 .SH "SEE ALSO"
8282 sasl(3), sasl_errors(3), sasl_encode(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_dispose "10 July 2001" SASL "SASL man pages"
40 .TH sasl_dispose 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_dispose \- Dispose of a SASL connection object
4343
6363 No return values
6464
6565 .SH "CONFORMING TO"
66 RFC 2222
66 RFC 4422
6767 .SH "SEE ALSO"
6868 sasl(3), sasl_server_new(3), sasl_client_new(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_done "10 July 2001" SASL "SASL man pages"
40 .TH sasl_done 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_done \- Dispose of a SASL connection object
4343
6060 No return values
6161
6262 .SH "CONFORMING TO"
63 RFC 2222
63 RFC 4422
6464 .SH "SEE ALSO"
6565 sasl(3), sasl_server_init(3), sasl_client_init(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_encode "10 July 2001" SASL "SASL man pages"
40 .TH sasl_encode 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_encode \- Encode data for transport to authenticated host
4343
7676 codes.
7777
7878 .SH "CONFORMING TO"
79 RFC 2222
79 RFC 4422
8080 .SH "SEE ALSO"
8181 sasl(3), sasl_errors(3), sasl_decode(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_encode "10 July 2001" SASL "SASL man pages"
40 .TH sasl_encode 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_encode \- Encode data for transport to authenticated host
4343
7676 codes.
7777
7878 .SH "CONFORMING TO"
79 RFC 2222
79 RFC 4422
8080 .SH "SEE ALSO"
8181 sasl(3), sasl_errors(3), sasl_decode(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_errdetail "10 July 2001" SASL "SASL man pages"
40 .TH sasl_errdetail 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_errdetail \- Retrieve detailed information about an error
4343
6363 no error has occurred, or there was an error retrieving it.
6464
6565 .SH "CONFORMING TO"
66 RFC 2222
66 RFC 4422
6767 .SH "SEE ALSO"
6868 sasl(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_errors "10 July 2001" SASL "SASL man pages"
40 .TH sasl_errors 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_errors \- SASL error codes
4343
148148 User supplied passwords are not permitted
149149
150150 .SH "CONFORMING TO"
151 RFC 2222
151 RFC 4422
152152
153153 .SH "SEE ALSO"
154154 sasl(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_errstring "10 July 2001" SASL "SASL man pages"
40 .TH sasl_errstring 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_errstring \- Translate a SASL return code to a human-readable form
4343
7979 Returns the string. If langlist is NULL, US-ASCII is used.
8080 .PP
8181 .SH "CONFORMING TO"
82 RFC 2222
82 RFC 4422
8383 .SH "SEE ALSO"
8484 sasl(3), sasl_errdetail(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getconfpath_t "12 February 2006" SASL "SASL man pages"
40 .TH sasl_getconfpath_t 3 "12 February 2006" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getconfpath_t \- The SASL callback to indicate location of the config files
4343
6262 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
6363
6464 .SH "CONFORMING TO"
65 RFC 2222
65 RFC 4422
6666 .SH "SEE ALSO"
6767 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getopt_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getopt_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getopt_t \- The SASL get option callback
4343
7878 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
7979
8080 .SH "CONFORMING TO"
81 RFC 2222
81 RFC 4422
8282 .SH "SEE ALSO"
8383 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getpath_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getpath_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getpath_t \- The SASL callback to indicate location of the mechanism drivers
4343
6262 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
6363
6464 .SH "CONFORMING TO"
65 RFC 2222
65 RFC 4422
6666 .SH "SEE ALSO"
6767 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getprop "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getprop 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getprop \- Get a SASL property
4343
9090 Returns SASL_OK on success. SASL error code on failure.
9191
9292 .SH "CONFORMING TO"
93 RFC 2222
93 RFC 4422
9494 .SH "SEE ALSO"
9595 sasl(3), sasl_errors(3), sasl_server_new(3), sasl_client_new(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getrealm_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getrealm_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getrealm_t \- Realm Acquisition Callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getsecret_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getsecret_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getsecret_t \- The SASL callback for secrets (passwords)
4343
6868 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
6969
7070 .SH "CONFORMING TO"
71 RFC 2222
71 RFC 4422
7272 .SH "SEE ALSO"
7373 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_getsimple_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_getsimple_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_getsimple_t \- The SASL callback for username/authname/realm
4343
7575 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
7676
7777 .SH "CONFORMING TO"
78 RFC 2222
78 RFC 4422
7979 .SH "SEE ALSO"
8080 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_listmech "10 July 2001" SASL "SASL man pages"
40 .TH sasl_listmech 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_listmech \- Retrieve a list of the supported SASL mechanisms
4343 .SH SYNOPSIS
5959 uninitialized).
6060
6161 .SH "CONFORMING TO"
62 RFC 2222
62 RFC 4422
6363 .SH "SEE ALSO"
6464 sasl(3), sasl_listmech(3), sasl_server_init(3), sasl_client_init(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_idle "10 July 2001" SASL "SASL man pages"
40 .TH sasl_idle 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_idle \- Perform precalculations during an idle period
4343
6262 Returns 1 if action was taken, 0 if no action was taken.
6363
6464 .SH "CONFORMING TO"
65 RFC 2222
65 RFC 4422
6666 .SH "SEE ALSO"
6767 sasl(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_listmech "10 July 2001" SASL "SASL man pages"
40 .TH sasl_listmech 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_listmech \- Retrieve a list of the supported SASL mechanisms
4343 .SH SYNOPSIS
9191 Returns SASL_OK on success. SASL error code on failure.
9292
9393 .SH "CONFORMING TO"
94 RFC 2222
94 RFC 4422
9595 .SH "SEE ALSO"
9696 sasl(3), sasl_errors(3), sasl_server_new(3), sasl_client_new(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_log_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_log_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_log_t \- The SASL logging callback
4343
6464 SASL callback functions should return SASL return codes. See sasl.h for a complete list. SASL_OK indicates success.
6565
6666 .SH "CONFORMING TO"
67 RFC 2222
67 RFC 4422
6868 .SH "SEE ALSO"
6969 sasl(3), sasl_callbacks(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_init "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_init 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_init \- SASL server authentication initialization
4343
7777 authentication session should be quit.
7878
7979 .SH "CONFORMING TO"
80 RFC 2222
80 RFC 4422
8181 .SH "SEE ALSO"
8282 sasl(3), sasl_callbacks(3), sasl_errors(3), sasl_server_new(3), sasl_server_start(3), sasl_server_step(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_new "16 May 2001" SASL "SASL man pages"
40 .TH sasl_server_new 3 "16 May 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_new \- Create a new server authentication object
4343
109109 authentication session should be quit.
110110
111111 .SH "CONFORMING TO"
112 RFC 2222
112 RFC 4422
113113 .SH "SEE ALSO"
114114 sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_start(3), sasl_server_step(3), sasl_setprop(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_start "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_start 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_start \- Begin an authentication negotiation
4343
9999 session should be quit.
100100
101101 .SH "CONFORMING TO"
102 RFC 2222
102 RFC 4422
103103 .SH "SEE ALSO"
104104 sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_new(3), sasl_server_step(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_step "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_step 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_step \- Perform a step in the authentication negotiation
4343
8484 should either be handled or the authentication session should be quit.
8585
8686 .SH "CONFORMING TO"
87 RFC 2222
87 RFC 4422
8888 .SH "SEE ALSO"
8989 sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_new(3), sasl_server_start(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_userdb_checkpass_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_userdb_checkpass_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_userdb_checkpass_t \- Plaintext Password Verification Callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_server_userdb_setpass_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_server_userdb_setpass_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_server_userdb_setpass_t \- UserDB Plaintext Password Setting Callback
4343
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_setpass "10 July 2001" SASL "SASL man pages"
40 .TH sasl_setpass 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_setpass \- Check a plaintext password
4343 .SH SYNOPSIS
8585 Returns SASL_OK on success. SASL error code on failure.
8686
8787 .SH "CONFORMING TO"
88 RFC 2222
88 RFC 4422
8989 .SH "SEE ALSO"
9090 sasl(3), sasl_errors(3), sasl_checkpass(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_setprop "10 July 2001" SASL "SASL man pages"
40 .TH sasl_setprop 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_setprop \- Set a SASL property
4343 .SH SYNOPSIS
7777 Returns SASL_OK on success. SASL error code on failure.
7878
7979 .SH "CONFORMING TO"
80 RFC 2222
80 RFC 4422
8181 .SH "SEE ALSO"
8282 sasl(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_user_exists "10 July 2001" SASL "SASL man pages"
40 .TH sasl_user_exists 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_user_exists \- Check if a user exists on server
4343
7272 Returns SASL_OK on success. SASL error code on failure.
7373
7474 .SH "CONFORMING TO"
75 RFC 2222
75 RFC 4422
7676 .SH "SEE ALSO"
7777 sasl(3), sasl_errors(3)
3737 .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
3838 .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
3939 .\"
40 .TH sasl_verifyfile_t "10 July 2001" SASL "SASL man pages"
40 .TH sasl_verifyfile_t 3 "10 July 2001" SASL "SASL man pages"
4141 .SH NAME
4242 sasl_verifyfile_t \- The SASL file verification
4343
00 # Makefile.am for the SASL plugins
11 # Rob Siemborski
22 # Rob Earhart
3 # $Id: Makefile.am,v 1.78.2.1 2009/04/27 17:58:26 murch Exp $
3 # $Id: Makefile.am,v 1.80 2009/05/07 13:49:31 murch Exp $
44 #
55 ################################################################
66 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
4545
4646 # Library version info - here at the top, for sanity
4747 # CURRENT:REVISION:AGE
48 anonymous_version = 2:23:0
49 digestmd5_version = 2:23:0
50 kerberos4_version = 2:23:0
51 gssapiv2_version = 2:23:0
52 crammd5_version = 2:23:0
53 passdss_version = 2:23:0
54 sasldb_version = 2:23:0
55 login_version = 2:23:0
56 plain_version = 2:23:0
57 ntlm_version = 2:23:0
58 otp_version = 2:23:0
59 sql_version = 2:23:0
60 ldapdb_version = 2:23:0
61 srp_version = 2:23:0
48 plugin_version = 2:24:0
6249
6350 INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
64 AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir)
51 AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version)
6552
6653 COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
6754
8168 libntlm.la libpassdss.la libsasldb.la libsql.la libldapdb.la
8269
8370 libplain_la_SOURCES = plain.c plain_init.c $(common_sources)
84 libplain_la_LDFLAGS = -version-info $(plain_version)
8571 libplain_la_DEPENDENCIES = $(COMPAT_OBJS)
8672 libplain_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
8773
8874 libanonymous_la_SOURCES = anonymous.c anonymous_init.c $(common_sources)
89 libanonymous_la_LDFLAGS = -version-info $(anonymous_version)
9075 libanonymous_la_DEPENDENCIES = $(COMPAT_OBJS)
9176 libanonymous_la_LIBADD = $(COMPAT_OBJS)
9277
9378 libkerberos4_la_SOURCES = kerberos4.c kerberos4_init.c $(common_sources)
94 libkerberos4_la_LDFLAGS = -version-info $(kerberos4_version)
9579 libkerberos4_la_DEPENDENCIES = $(COMPAT_OBJS)
9680 libkerberos4_la_LIBADD = $(SASL_KRB_LIB) $(LIB_SOCKET) $(COMPAT_OBJS)
9781
9882 libgssapiv2_la_SOURCES = gssapi.c gssapiv2_init.c $(common_sources)
99 libgssapiv2_la_LDFLAGS = -version-info $(gssapiv2_version)
10083 libgssapiv2_la_DEPENDENCIES = $(COMPAT_OBJS)
10184 libgssapiv2_la_LIBADD = $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(LIB_SOCKET) $(COMPAT_OBJS)
10285
10386 libcrammd5_la_SOURCES = cram.c crammd5_init.c $(common_sources)
104 libcrammd5_la_LDFLAGS = -version-info $(crammd5_version)
10587 libcrammd5_la_DEPENDENCIES = $(COMPAT_OBJS)
10688 libcrammd5_la_LIBADD = $(COMPAT_OBJS)
10789
10890 libdigestmd5_la_SOURCES = digestmd5.c digestmd5_init.c $(common_sources)
109 libdigestmd5_la_LDFLAGS = -version-info $(digestmd5_version)
11091 libdigestmd5_la_DEPENDENCIES = $(COMPAT_OBJS)
11192 libdigestmd5_la_LIBADD = $(LIB_DES) $(LIB_SOCKET) $(COMPAT_OBJS)
11293
11394 liblogin_la_SOURCES = login.c login_init.c $(common_sources)
114 liblogin_la_LDFLAGS = -version-info $(login_version)
11595 liblogin_la_DEPENDENCIES = $(COMPAT_OBJS)
11696 liblogin_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
11797
11898 libsrp_la_SOURCES = srp.c srp_init.c $(common_sources)
119 libsrp_la_LDFLAGS = -version-info $(srp_version)
12099 libsrp_la_DEPENDENCIES = $(COMPAT_OBJS)
121100 libsrp_la_LIBADD = $(SRP_LIBS) $(COMPAT_OBJS)
122101
123102 libotp_la_SOURCES = otp.c otp_init.c otp.h $(common_sources)
124 libotp_la_LDFLAGS = -version-info $(otp_version)
125103 libotp_la_DEPENDENCIES = $(COMPAT_OBJS)
126104 libotp_la_LIBADD = $(OTP_LIBS) $(COMPAT_OBJS)
127105
128106 libntlm_la_SOURCES = ntlm.c ntlm_init.c $(common_sources)
129 libntlm_la_LDFLAGS = -version-info $(ntlm_version)
130107 libntlm_la_DEPENDENCIES = $(COMPAT_OBJS)
131108 libntlm_la_LIBADD = $(NTLM_LIBS) $(COMPAT_OBJS)
132109
133110 libpassdss_la_SOURCES = passdss.c passdss_init.c $(common_sources)
134 libpassdss_la_LDFLAGS = -version-info $(passdss_version)
135111 libpassdss_la_DEPENDENCIES = $(COMPAT_OBJS)
136112 libpassdss_la_LIBADD = $(PASSDSS_LIBS) $(COMPAT_OBJS)
137113
138114 # Auxprop Plugins
139115 libsasldb_la_SOURCES = sasldb.c sasldb_init.c $(common_sources)
140 libsasldb_la_LDFLAGS = -version-info $(sasldb_version)
141116 libsasldb_la_DEPENDENCIES = $(COMPAT_OBJS)
142117 libsasldb_la_LIBADD = ../sasldb/libsasldb.la $(SASL_DB_LIB) $(COMPAT_OBJS)
143118
144119 libldapdb_la_SOURCES = ldapdb.c ldapdb_init.c $(common_sources)
145 libldapdb_la_LDFLAGS = $(LIB_LDAP) -version-info $(ldapdb_version)
146120 libldapdb_la_DEPENDENCIES = $(COMPAT_OBJS)
147121 libldapdb_la_LIBADD = $(COMPAT_OBJS)
148122
149123 libsql_la_SOURCES = sql.c sql_init.c $(common_sources)
150 libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -version-info $(sql_version)
124 libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) $(AM_LDFLAGS)
151125 libsql_la_DEPENDENCIES = $(COMPAT_OBJS)
152126 libsql_la_LIBADD = $(COMPAT_OBJS)
153127
1616 # Makefile.am for the SASL plugins
1717 # Rob Siemborski
1818 # Rob Earhart
19 # $Id: Makefile.am,v 1.78.2.1 2009/04/27 17:58:26 murch Exp $
19 # $Id: Makefile.am,v 1.80 2009/05/07 13:49:31 murch Exp $
2020 #
2121 ################################################################
2222 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
135135 LIB_PGSQL = @LIB_PGSQL@
136136 LIB_SOCKET = @LIB_SOCKET@
137137 LIB_SQLITE = @LIB_SQLITE@
138 LIB_SQLITE3 = @LIB_SQLITE3@
138139 LN_S = @LN_S@
139140 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
140141 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
237238
238239 # Library version info - here at the top, for sanity
239240 # CURRENT:REVISION:AGE
240 anonymous_version = 2:23:0
241 digestmd5_version = 2:23:0
242 kerberos4_version = 2:23:0
243 gssapiv2_version = 2:23:0
244 crammd5_version = 2:23:0
245 passdss_version = 2:23:0
246 sasldb_version = 2:23:0
247 login_version = 2:23:0
248 plain_version = 2:23:0
249 ntlm_version = 2:23:0
250 otp_version = 2:23:0
251 sql_version = 2:23:0
252 ldapdb_version = 2:23:0
253 srp_version = 2:23:0
241 plugin_version = 2:24:0
254242
255243 INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
256 AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir)
244 AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version)
257245
258246 COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
259247
270258
271259
272260 libplain_la_SOURCES = plain.c plain_init.c $(common_sources)
273 libplain_la_LDFLAGS = -version-info $(plain_version)
274261 libplain_la_DEPENDENCIES = $(COMPAT_OBJS)
275262 libplain_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
276263
277264 libanonymous_la_SOURCES = anonymous.c anonymous_init.c $(common_sources)
278 libanonymous_la_LDFLAGS = -version-info $(anonymous_version)
279265 libanonymous_la_DEPENDENCIES = $(COMPAT_OBJS)
280266 libanonymous_la_LIBADD = $(COMPAT_OBJS)
281267
282268 libkerberos4_la_SOURCES = kerberos4.c kerberos4_init.c $(common_sources)
283 libkerberos4_la_LDFLAGS = -version-info $(kerberos4_version)
284269 libkerberos4_la_DEPENDENCIES = $(COMPAT_OBJS)
285270 libkerberos4_la_LIBADD = $(SASL_KRB_LIB) $(LIB_SOCKET) $(COMPAT_OBJS)
286271
287272 libgssapiv2_la_SOURCES = gssapi.c gssapiv2_init.c $(common_sources)
288 libgssapiv2_la_LDFLAGS = -version-info $(gssapiv2_version)
289273 libgssapiv2_la_DEPENDENCIES = $(COMPAT_OBJS)
290274 libgssapiv2_la_LIBADD = $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(LIB_SOCKET) $(COMPAT_OBJS)
291275
292276 libcrammd5_la_SOURCES = cram.c crammd5_init.c $(common_sources)
293 libcrammd5_la_LDFLAGS = -version-info $(crammd5_version)
294277 libcrammd5_la_DEPENDENCIES = $(COMPAT_OBJS)
295278 libcrammd5_la_LIBADD = $(COMPAT_OBJS)
296279
297280 libdigestmd5_la_SOURCES = digestmd5.c digestmd5_init.c $(common_sources)
298 libdigestmd5_la_LDFLAGS = -version-info $(digestmd5_version)
299281 libdigestmd5_la_DEPENDENCIES = $(COMPAT_OBJS)
300282 libdigestmd5_la_LIBADD = $(LIB_DES) $(LIB_SOCKET) $(COMPAT_OBJS)
301283
302284 liblogin_la_SOURCES = login.c login_init.c $(common_sources)
303 liblogin_la_LDFLAGS = -version-info $(login_version)
304285 liblogin_la_DEPENDENCIES = $(COMPAT_OBJS)
305286 liblogin_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
306287
307288 libsrp_la_SOURCES = srp.c srp_init.c $(common_sources)
308 libsrp_la_LDFLAGS = -version-info $(srp_version)
309289 libsrp_la_DEPENDENCIES = $(COMPAT_OBJS)
310290 libsrp_la_LIBADD = $(SRP_LIBS) $(COMPAT_OBJS)
311291
312292 libotp_la_SOURCES = otp.c otp_init.c otp.h $(common_sources)
313 libotp_la_LDFLAGS = -version-info $(otp_version)
314293 libotp_la_DEPENDENCIES = $(COMPAT_OBJS)
315294 libotp_la_LIBADD = $(OTP_LIBS) $(COMPAT_OBJS)
316295
317296 libntlm_la_SOURCES = ntlm.c ntlm_init.c $(common_sources)
318 libntlm_la_LDFLAGS = -version-info $(ntlm_version)
319297 libntlm_la_DEPENDENCIES = $(COMPAT_OBJS)
320298 libntlm_la_LIBADD = $(NTLM_LIBS) $(COMPAT_OBJS)
321299
322300 libpassdss_la_SOURCES = passdss.c passdss_init.c $(common_sources)
323 libpassdss_la_LDFLAGS = -version-info $(passdss_version)
324301 libpassdss_la_DEPENDENCIES = $(COMPAT_OBJS)
325302 libpassdss_la_LIBADD = $(PASSDSS_LIBS) $(COMPAT_OBJS)
326303
327304 # Auxprop Plugins
328305 libsasldb_la_SOURCES = sasldb.c sasldb_init.c $(common_sources)
329 libsasldb_la_LDFLAGS = -version-info $(sasldb_version)
330306 libsasldb_la_DEPENDENCIES = $(COMPAT_OBJS)
331307 libsasldb_la_LIBADD = ../sasldb/libsasldb.la $(SASL_DB_LIB) $(COMPAT_OBJS)
332308
333309 libldapdb_la_SOURCES = ldapdb.c ldapdb_init.c $(common_sources)
334 libldapdb_la_LDFLAGS = $(LIB_LDAP) -version-info $(ldapdb_version)
335310 libldapdb_la_DEPENDENCIES = $(COMPAT_OBJS)
336311 libldapdb_la_LIBADD = $(COMPAT_OBJS)
337312
338313 libsql_la_SOURCES = sql.c sql_init.c $(common_sources)
339 libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -version-info $(sql_version)
314 libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) $(AM_LDFLAGS)
340315 libsql_la_DEPENDENCIES = $(COMPAT_OBJS)
341316 libsql_la_LIBADD = $(COMPAT_OBJS)
342317
355330 CONFIG_CLEAN_FILES =
356331 LTLIBRARIES = $(sasl_LTLIBRARIES)
357332
333 libanonymous_la_LDFLAGS =
358334 am__objects_1 = plugin_common.lo
359335 am_libanonymous_la_OBJECTS = anonymous.lo anonymous_init.lo \
360336 $(am__objects_1)
361337 libanonymous_la_OBJECTS = $(am_libanonymous_la_OBJECTS)
338 libcrammd5_la_LDFLAGS =
362339 am_libcrammd5_la_OBJECTS = cram.lo crammd5_init.lo $(am__objects_1)
363340 libcrammd5_la_OBJECTS = $(am_libcrammd5_la_OBJECTS)
341 libdigestmd5_la_LDFLAGS =
364342 am_libdigestmd5_la_OBJECTS = digestmd5.lo digestmd5_init.lo \
365343 $(am__objects_1)
366344 libdigestmd5_la_OBJECTS = $(am_libdigestmd5_la_OBJECTS)
345 libgssapiv2_la_LDFLAGS =
367346 am_libgssapiv2_la_OBJECTS = gssapi.lo gssapiv2_init.lo $(am__objects_1)
368347 libgssapiv2_la_OBJECTS = $(am_libgssapiv2_la_OBJECTS)
348 libkerberos4_la_LDFLAGS =
369349 am_libkerberos4_la_OBJECTS = kerberos4.lo kerberos4_init.lo \
370350 $(am__objects_1)
371351 libkerberos4_la_OBJECTS = $(am_libkerberos4_la_OBJECTS)
352 libldapdb_la_LDFLAGS =
372353 am_libldapdb_la_OBJECTS = ldapdb.lo ldapdb_init.lo $(am__objects_1)
373354 libldapdb_la_OBJECTS = $(am_libldapdb_la_OBJECTS)
355 liblogin_la_LDFLAGS =
374356 am_liblogin_la_OBJECTS = login.lo login_init.lo $(am__objects_1)
375357 liblogin_la_OBJECTS = $(am_liblogin_la_OBJECTS)
358 libntlm_la_LDFLAGS =
376359 am_libntlm_la_OBJECTS = ntlm.lo ntlm_init.lo $(am__objects_1)
377360 libntlm_la_OBJECTS = $(am_libntlm_la_OBJECTS)
361 libotp_la_LDFLAGS =
378362 am_libotp_la_OBJECTS = otp.lo otp_init.lo $(am__objects_1)
379363 libotp_la_OBJECTS = $(am_libotp_la_OBJECTS)
364 libpassdss_la_LDFLAGS =
380365 am_libpassdss_la_OBJECTS = passdss.lo passdss_init.lo $(am__objects_1)
381366 libpassdss_la_OBJECTS = $(am_libpassdss_la_OBJECTS)
367 libplain_la_LDFLAGS =
382368 am_libplain_la_OBJECTS = plain.lo plain_init.lo $(am__objects_1)
383369 libplain_la_OBJECTS = $(am_libplain_la_OBJECTS)
370 libsasldb_la_LDFLAGS =
384371 am_libsasldb_la_OBJECTS = sasldb.lo sasldb_init.lo $(am__objects_1)
385372 libsasldb_la_OBJECTS = $(am_libsasldb_la_OBJECTS)
386373 am_libsql_la_OBJECTS = sql.lo sql_init.lo $(am__objects_1)
387374 libsql_la_OBJECTS = $(am_libsql_la_OBJECTS)
375 libsrp_la_LDFLAGS =
388376 am_libsrp_la_OBJECTS = srp.lo srp_init.lo $(am__objects_1)
389377 libsrp_la_OBJECTS = $(am_libsrp_la_OBJECTS)
390378 SCRIPTS = $(noinst_SCRIPTS)
3232 PLUGINS_EXT=$(PLUGINS_EXT) saslSQLITE.dll
3333 SQL_FLAGS= $(SQLITE_INCLUDES) /DHAVE_SQLITE=1
3434 SQLITE_LIBS = /libpath:$(SQLITE_LIBPATH) libsqlite.lib
35 !ENDIF
36 !IF "$(SQL)" == "SQLITE3"
37 PLUGINS_EXT=$(PLUGINS_EXT) saslSQLITE.dll
38 SQL_FLAGS= $(SQLITE_INCLUDES3) /DHAVE_SQLITE3=1
39 SQLITE_LIBS = /libpath:$(SQLITE_LIBPATH3) libsqlite3.lib
3540 !ENDIF
3641
3742 PLUGINS=saslANONYMOUS.dll \
178183 saslANONYMOUS.dll: $(saslANONYMOUS_objs) saslANONYMOUS.res
179184 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"saslANONYMOUS.dll" /implib:"saslANONYMOUS.lib" $(saslANONYMOUS_objs) saslANONYMOUS.res
180185 <<
186 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
181187
182188 saslPLAIN.dll: $(saslPLAIN_objs) saslPLAIN.res
183189 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"saslPLAIN.dll" /implib:"saslPLAIN.lib" $(saslPLAIN_objs) saslPLAIN.res
184190 <<
191 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
185192
186193 saslCRAMMD5.dll: $(saslCRAMMD5_objs) saslCRAMMD5.res
187194 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"saslCRAMMD5.dll" /implib:"saslCRAMMD5.lib" $(saslCRAMMD5_objs) saslCRAMMD5.res
188195 <<
196 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
189197
190198 saslDIGESTMD5.dll: $(saslDIGESTMD5_objs) saslDIGESTMD5.res
191199 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"saslDIGESTMD5.dll" /implib:"saslDIGESTMD5.lib" $(saslDIGESTMD5_objs) saslDIGESTMD5.res
192200 <<
201 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
193202
194203 saslLOGIN.dll: $(saslLOGIN_objs) saslLOGIN.res
195204 $(LINK32DLL) @<< $(LINK32DLL_FLAGS) /out:"saslLOGIN.dll" /implib:"saslLOGIN.lib" $(saslLOGIN_objs) saslLOGIN.res
196205 <<
206 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
197207
198208 saslNTLM.dll: $(saslNTLM_objs) saslNTLM.res
199209 $(LINK32DLL) @<< $(OPENSSL_LIBS) $(LINK32DLL_FLAGS) /out:"saslNTLM.dll" /implib:"saslNTLM.lib" $(saslNTLM_objs) saslNTLM.res
200210 <<
211 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
201212
202213 saslGSSAPI.dll: $(saslGSSAPI_objs) saslGSSAPI.res
203214 $(LINK32DLL) @<< $(GSS_LIBS) $(LINK32DLL_FLAGS) /out:"saslGSSAPI.dll" /implib:"saslGSSAPI.lib" $(saslGSSAPI_objs) saslGSSAPI.res
204215 <<
216 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
205217
206218 saslSRP.dll: $(saslSRP_objs) saslSRP.res
207219 $(LINK32DLL) @<< $(OPENSSL_LIBS) $(LINK32DLL_FLAGS) /out:"saslSRP.dll" /implib:"saslSRP.lib" $(saslSRP_objs) saslSRP.res
208220 <<
221 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
209222
210223 saslOTP.dll: $(saslOTP_objs) saslOTP.res
211224 $(LINK32DLL) @<< $(OPENSSL_LIBS) $(LINK32DLL_FLAGS) /out:"saslOTP.dll" /implib:"saslOTP.lib" $(saslOTP_objs) saslOTP.res
212225 <<
226 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
213227
214228 saslSASLDB.dll: $(saslSASLDB_objs) saslSASLDB.res
215229 $(LINK32DLL) @<< $(DB_LIBS) $(LINK32DLL_FLAGS) /out:"saslSASLDB.dll" /implib:"saslSASLDB.lib" $(saslSASLDB_objs) saslSASLDB.res
216230 <<
231 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
217232
218233 saslSQLITE.dll: $(saslSQL_objs) saslSQLITE.res
219234 $(LINK32DLL) @<< $(SQLITE_LIBS) $(LINK32DLL_FLAGS) /out:"saslSQLITE.dll" /implib:"saslSQLITE.lib" $(saslSQL_objs) saslSQLITE.res
220235 <<
236 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
221237
222238 saslLDAPDB.dll: $(saslLDAPDB_objs) saslLDAPDB.res
223239 $(LINK32DLL) @<< $(LDAP_LIBS) $(OPENSSL_LIBS) $(LINK32DLL_FLAGS) /out:"saslLDAPDB.dll" /implib:"saslLDAPDB.lib" $(saslLDAPDB_objs) saslLDAPDB.res
224240 <<
241 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;2
225242
226243 CLEAN :
227244 -@erase $(all_objs)
228245 -@erase "*.idb"
229246 -@erase "*.pdb"
247 -@erase "*.manifest"
230248 -@erase getaddrinfo.c
231249 -@erase allockey.c
232250 -@erase db_berkeley.c
278296 VALUE "FileDescription", "CMU SASL $(@B) plugin\0"
279297 VALUE "FileVersion", "$(SASL_VERSION_MAJOR).$(SASL_VERSION_MINOR).$(SASL_VERSION_STEP).0\0"
280298 VALUE "InternalName", "$(@B)\0"
281 VALUE "LegalCopyright", "Copyright (c) Carnegie Mellon University 2005\0"
299 VALUE "LegalCopyright", "Copyright (c) Carnegie Mellon University 2002-2009\0"
282300 VALUE "OriginalFilename", "$(@B).dll\0"
283301 VALUE "ProductName", "Carnegie Mellon University SASL\0"
284302 VALUE "ProductVersion", "$(SASL_VERSION_MAJOR).$(SASL_VERSION_MINOR).$(SASL_VERSION_STEP)-0"
00 /* Anonymous SASL plugin
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: anonymous.c,v 1.51 2004/09/08 11:10:52 mel Exp $
3 * $Id: anonymous.c,v 1.53 2009/02/13 14:46:47 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5959
6060 /***************************** Common Section *****************************/
6161
62 static const char plugin_id[] = "$Id: anonymous.c,v 1.51 2004/09/08 11:10:52 mel Exp $";
62 static const char plugin_id[] = "$Id: anonymous.c,v 1.53 2009/02/13 14:46:47 mel Exp $";
6363
6464 static const char anonymous_id[] = "anonymous";
6565
156156 "ANONYMOUS", /* mech_name */
157157 0, /* max_ssf */
158158 SASL_SEC_NOPLAINTEXT, /* security_flags */
159 SASL_FEAT_WANT_CLIENT_FIRST, /* features */
159 SASL_FEAT_WANT_CLIENT_FIRST
160 | SASL_FEAT_DONTUSE_USERPASSWD, /* features */
160161 NULL, /* glob_context */
161162 &anonymous_server_mech_new, /* mech_new */
162163 &anonymous_server_mech_step, /* mech_step */
346347 utils->free(text);
347348 }
348349
349 static const long anonymous_required_prompts[] = {
350 static const unsigned long anonymous_required_prompts[] = {
350351 SASL_CB_LIST_END
351352 };
352353
22 * Rob Siemborski
33 * Tim Martin
44 * Alexey Melnikov
5 * $Id: digestmd5.c,v 1.180 2006/04/26 17:39:26 mel Exp $
5 * $Id: digestmd5.c,v 1.190 2009/02/20 22:55:58 mel Exp $
66 */
77 /*
88 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
121121
122122 /***************************** Common Section *****************************/
123123
124 static const char plugin_id[] = "$Id: digestmd5.c,v 1.180 2006/04/26 17:39:26 mel Exp $";
124 static const char plugin_id[] = "$Id: digestmd5.c,v 1.190 2009/02/20 22:55:58 mel Exp $";
125125
126126 /* Definitions */
127127 #define NONCE_SIZE (32) /* arbitrary */
203203 enum Context_type i_am; /* are we the client or server? */
204204 time_t timeout;
205205 void *mutex;
206 size_t size;
206 unsigned size;
207207
208208 reauth_entry_t *e; /* fixed-size hash table of entries */
209209 } reauth_cache_t;
274274 cipher_init_t *cipher_init;
275275 cipher_free_t *cipher_free;
276276 };
277
277 #if 0
278278 static const unsigned char *COLON = ":";
279
279 #else
280 static const unsigned char COLON[] = { ':', '\0' };
281 #endif
280282 /* Hashes a string to produce an unsigned short */
281283 static unsigned hash(const char *str)
282284 {
340342 utils->MD5Init(&Md5Ctx);
341343
342344 if (pszMethod != NULL) {
343 utils->MD5Update(&Md5Ctx, pszMethod, strlen((char *) pszMethod));
344 }
345 utils->MD5Update(&Md5Ctx, (unsigned char *) COLON, 1);
345 utils->MD5Update(&Md5Ctx, pszMethod, (unsigned) strlen((char *) pszMethod));
346 }
347 utils->MD5Update(&Md5Ctx, COLON, 1);
346348
347349 /* utils->MD5Update(&Md5Ctx, (unsigned char *) "AUTHENTICATE:", 13); */
348 utils->MD5Update(&Md5Ctx, pszDigestUri, strlen((char *) pszDigestUri));
350 utils->MD5Update(&Md5Ctx, pszDigestUri, (unsigned) strlen((char *) pszDigestUri));
349351 if (strcasecmp((char *) pszQop, "auth") != 0) {
350352 /* append ":00000000000000000000000000000000" */
351353 utils->MD5Update(&Md5Ctx, COLON, 1);
358360 utils->MD5Init(&Md5Ctx);
359361 utils->MD5Update(&Md5Ctx, HA1, HASHHEXLEN);
360362 utils->MD5Update(&Md5Ctx, COLON, 1);
361 utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
363 utils->MD5Update(&Md5Ctx, pszNonce, (unsigned) strlen((char *) pszNonce));
362364 utils->MD5Update(&Md5Ctx, COLON, 1);
363365 if (*pszQop) {
364366 sprintf(ncvalue, "%08x", pszNonceCount);
365 utils->MD5Update(&Md5Ctx, ncvalue, strlen(ncvalue));
367 utils->MD5Update(&Md5Ctx, (unsigned char *) ncvalue, (unsigned) strlen(ncvalue));
366368 utils->MD5Update(&Md5Ctx, COLON, 1);
367 utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
369 utils->MD5Update(&Md5Ctx, pszCNonce, (unsigned) strlen((char *) pszCNonce));
368370 utils->MD5Update(&Md5Ctx, COLON, 1);
369 utils->MD5Update(&Md5Ctx, pszQop, strlen((char *) pszQop));
371 utils->MD5Update(&Md5Ctx, pszQop, (unsigned) strlen((char *) pszQop));
370372 utils->MD5Update(&Md5Ctx, COLON, 1);
371373 }
372374 utils->MD5Update(&Md5Ctx, HA2Hex, HASHHEXLEN);
374376 CvtHex(RespHash, Response);
375377 }
376378
377 static bool UTF8_In_8859_1(const unsigned char *base, int len)
379 static bool UTF8_In_8859_1(const unsigned char *base, size_t len)
378380 {
379381 const unsigned char *scan, *end;
380382
416418 do {
417419 for (scan = base; scan < end && *scan < 0xC0; ++scan);
418420 if (scan != base)
419 utils->MD5Update(ctx, base, scan - base);
421 utils->MD5Update(ctx, base, (unsigned) (scan - base));
420422 if (scan + 1 >= end)
421423 break;
422424 cbuf = ((scan[0] & 0x3) << 6) | (scan[1] & 0x3f);
446448 /* We have to convert UTF-8 to ISO-8859-1 if possible */
447449 In_8859_1 = UTF8_In_8859_1(pszUserName, strlen((char *) pszUserName));
448450 MD5_UTF8_8859_1(utils, &Md5Ctx, In_8859_1,
449 pszUserName, strlen((char *) pszUserName));
451 pszUserName, (unsigned) strlen((char *) pszUserName));
450452
451453 utils->MD5Update(&Md5Ctx, COLON, 1);
452454
455457 /* We have to convert UTF-8 to ISO-8859-1 if possible */
456458 In_8859_1 = UTF8_In_8859_1(pszRealm, strlen((char *) pszRealm));
457459 MD5_UTF8_8859_1(utils, &Md5Ctx, In_8859_1,
458 pszRealm, strlen((char *) pszRealm));
460 pszRealm, (unsigned) strlen((char *) pszRealm));
459461 }
460462
461463 utils->MD5Update(&Md5Ctx, COLON, 1);
507509 unsigned char *value,
508510 bool need_quotes)
509511 {
510 int namesize = strlen(name);
511 int valuesize = strlen((char *) value);
512 size_t namesize = strlen(name);
513 size_t valuesize = strlen((char *) value);
514 unsigned newlen;
512515 int ret;
513516
514 ret = _plug_buf_alloc(utils, str, buflen,
515 *curlen + 1 + namesize + 2 + valuesize + 2);
517 newlen = (unsigned) (*curlen + 1 + namesize + 2 + valuesize + 2);
518 ret = _plug_buf_alloc(utils, str, buflen, newlen);
516519 if(ret != SASL_OK) return ret;
517520
518521 if (*curlen > 0) {
531534 valuesize = strlen(quoted);
532535 /* As the quoted string is bigger, make sure we have enough
533536 space now */
534 ret = _plug_buf_alloc(utils, str, buflen,
535 *curlen + 1 + namesize + 2 + valuesize + 2);
537 ret = _plug_buf_alloc(utils, str, buflen, newlen);
536538 if (ret == SASL_OK) {
537539 strcat(*str, quoted);
538540 free (quoted);
549551 strcat(*str, (char *) value);
550552 }
551553
552 *curlen = *curlen + 1 + namesize + 2 + valuesize + 2;
554 *curlen = newlen;
553555 return SASL_OK;
554556 }
555557
558 static int is_lws_char (char c)
559 {
560 return (c == ' ' || c == HT || c == CR || c == LF);
561 }
562
556563 static char *skip_lws (char *s)
557564 {
558565 if (!s) return NULL;
559566
560567 /* skipping spaces: */
561 while (s[0] == ' ' || s[0] == HT || s[0] == CR || s[0] == LF) {
568 while (is_lws_char(s[0])) {
562569 if (s[0] == '\0') break;
563570 s++;
564571 }
747754 static void get_pair(char **in, char **name, char **value)
748755 {
749756 char *endpair;
750 /* int inQuotes; */
751757 char *curp = *in;
752758 *name = NULL;
753759 *value = NULL;
754760
755761 if (curp == NULL) return;
756 if (curp[0] == '\0') return;
757
758 /* skipping spaces: */
759 curp = skip_lws(curp);
760
762
763 while (curp[0] != '\0') {
764 /* skipping spaces: */
765 curp = skip_lws(curp);
766
767 /* 'LWS "," LWS "," ...' is allowed by the DIGEST-MD5 ABNF */
768 if (curp[0] == ',') {
769 curp++;
770 } else {
771 break;
772 }
773 }
774
775 if (curp[0] == '\0') {
776 /* End of the string is not an error */
777 *name = "";
778 return;
779 }
780
761781 *name = curp;
762782
763783 curp = skip_token(curp,1);
784804 endpair = unquote (curp);
785805 if (endpair == NULL) { /* Unbalanced quotes */
786806 *name = NULL;
807 *value = NULL;
787808 return;
788809 }
789 if (endpair[0] != ',') {
790 if (endpair[0]!='\0') {
791 *endpair++ = '\0';
792 }
793 }
794
795 endpair = skip_lws(endpair);
796
810
811 /* An optional LWS is allowed after the value. Skip it. */
812 if (is_lws_char (endpair[0])) {
813 /* Remove the trailing LWS from the value */
814 *endpair++ = '\0';
815 endpair = skip_lws(endpair);
816 }
817
797818 /* syntax check: MUST be '\0' or ',' */
798819 if (endpair[0] == ',') {
799820 endpair[0] = '\0';
800821 endpair++; /* skipping <,> */
801822 } else if (endpair[0] != '\0') {
802823 *name = NULL;
824 *value = NULL;
803825 return;
804826 }
805827
12641286 static int create_layer_keys(context_t *text,
12651287 const sasl_utils_t *utils,
12661288 HASH key, int keylen,
1267 char enckey[16], char deckey[16])
1289 unsigned char enckey[16],
1290 unsigned char deckey[16])
12681291 {
12691292 MD5_CTX Md5Ctx;
12701293
1294 utils->log(utils->conn, SASL_LOG_DEBUG,
1295 "DIGEST-MD5 create_layer_keys()");
1296
12711297 utils->MD5Init(&Md5Ctx);
12721298 utils->MD5Update(&Md5Ctx, key, keylen);
12731299 if (text->i_am == SERVER) {
12741300 utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_SERVER_CLIENT,
1275 strlen(SEALING_SERVER_CLIENT));
1301 (unsigned) strlen(SEALING_SERVER_CLIENT));
12761302 } else {
12771303 utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_CLIENT_SERVER,
1278 strlen(SEALING_CLIENT_SERVER));
1279 }
1280 utils->MD5Final((unsigned char *) enckey, &Md5Ctx);
1304 (unsigned) strlen(SEALING_CLIENT_SERVER));
1305 }
1306 utils->MD5Final(enckey, &Md5Ctx);
12811307
12821308 utils->MD5Init(&Md5Ctx);
12831309 utils->MD5Update(&Md5Ctx, key, keylen);
12841310 if (text->i_am != SERVER) {
1285 utils->MD5Update(&Md5Ctx, (const unsigned char *)SEALING_SERVER_CLIENT,
1286 strlen(SEALING_SERVER_CLIENT));
1311 utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_SERVER_CLIENT,
1312 (unsigned) strlen(SEALING_SERVER_CLIENT));
12871313 } else {
1288 utils->MD5Update(&Md5Ctx, (const unsigned char *)SEALING_CLIENT_SERVER,
1289 strlen(SEALING_CLIENT_SERVER));
1290 }
1291 utils->MD5Final((unsigned char *) deckey, &Md5Ctx);
1314 utils->MD5Update(&Md5Ctx, (const unsigned char *) SEALING_CLIENT_SERVER,
1315 (unsigned) strlen(SEALING_CLIENT_SERVER));
1316 }
1317 utils->MD5Final(deckey, &Md5Ctx);
12921318
12931319 /* create integrity keys */
12941320 /* sending */
12961322 utils->MD5Update(&Md5Ctx, text->HA1, HASHLEN);
12971323 if (text->i_am == SERVER) {
12981324 utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_SERVER_CLIENT,
1299 strlen(SIGNING_SERVER_CLIENT));
1325 (unsigned) strlen(SIGNING_SERVER_CLIENT));
13001326 } else {
13011327 utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_CLIENT_SERVER,
1302 strlen(SIGNING_CLIENT_SERVER));
1328 (unsigned) strlen(SIGNING_CLIENT_SERVER));
13031329 }
13041330 utils->MD5Final(text->Ki_send, &Md5Ctx);
13051331
13081334 utils->MD5Update(&Md5Ctx, text->HA1, HASHLEN);
13091335 if (text->i_am != SERVER) {
13101336 utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_SERVER_CLIENT,
1311 strlen(SIGNING_SERVER_CLIENT));
1337 (unsigned) strlen(SIGNING_SERVER_CLIENT));
13121338 } else {
13131339 utils->MD5Update(&Md5Ctx, (const unsigned char *)SIGNING_CLIENT_SERVER,
1314 strlen(SIGNING_CLIENT_SERVER));
1340 (unsigned) strlen(SIGNING_CLIENT_SERVER));
13151341 }
13161342 utils->MD5Final(text->Ki_receive, &Md5Ctx);
13171343
13971423 text->utils->hmac_md5((const unsigned char *) text->encode_buf,
13981424 inblob->curlen + 4,
13991425 text->Ki_send, HASHLEN,
1400 text->encode_buf + inblob->curlen + 4);
1426 (unsigned char *) text->encode_buf +
1427 inblob->curlen + 4);
14011428
14021429 *outputlen = inblob->curlen + 10; /* for message + CMAC */
14031430 out+=inblob->curlen + 10;
14621489
14631490 if (seqnum != text->rec_seqnum) {
14641491 text->utils->seterror(text->utils->conn, 0,
1465 "Incorrect Sequence Number");
1492 "Incorrect Sequence Number: received %u, expected %u",
1493 seqnum,
1494 text->rec_seqnum);
14661495 return SASL_FAIL;
14671496 }
14681497
14931522 memcpy(*output, input, inputlen - 6);
14941523 *outputlen = inputlen - 16; /* -16 to skip HMAC, ver and seqnum */
14951524 }
1496 digest = *output + (inputlen - 16);
1525 digest = (unsigned char *) *output + (inputlen - 16);
14971526
14981527 /* check the CMAC */
14991528
15371566
15381567 if (!text || !utils) return;
15391568
1569 utils->log(utils->conn, SASL_LOG_DEBUG,
1570 "DIGEST-MD5 common mech dispose");
1571
15401572 if (text->authid) utils->free(text->authid);
15411573 if (text->realm) utils->free(text->realm);
15421574
15951627 reauth_cache_t *reauth_cache = my_glob_context->reauth;
15961628 size_t n;
15971629
1630 utils->log(utils->conn, SASL_LOG_DEBUG,
1631 "DIGEST-MD5 common mech free");
1632
15981633 if (!reauth_cache) return;
15991634
16001635 for (n = 0; n < reauth_cache->size; n++)
16331668 utils->MD5Init(&Md5Ctx);
16341669 utils->MD5Update(&Md5Ctx, HA1, HASHLEN);
16351670 utils->MD5Update(&Md5Ctx, COLON, 1);
1636 utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
1671 utils->MD5Update(&Md5Ctx, pszNonce, (unsigned) strlen((char *) pszNonce));
16371672 utils->MD5Update(&Md5Ctx, COLON, 1);
1638 utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
1673 utils->MD5Update(&Md5Ctx, pszCNonce, (unsigned) strlen((char *) pszCNonce));
16391674 if (authorization_id != NULL) {
16401675 utils->MD5Update(&Md5Ctx, COLON, 1);
1641 utils->MD5Update(&Md5Ctx, authorization_id, strlen((char *) authorization_id));
1676 utils->MD5Update(&Md5Ctx, authorization_id,
1677 (unsigned) strlen((char *) authorization_id));
16421678 }
16431679 utils->MD5Final(HA1, &Md5Ctx);
16441680
16931729 memcpy(result, Response, HASHHEXLEN);
16941730 result[HASHHEXLEN] = 0;
16951731
1696 /* response_value (used for reauth i think */
1732 /* response_value (used for reauth i think) */
16971733 if (response_value != NULL) {
1734 char * new_response_value;
1735
16981736 DigestCalcResponse(utils,
16991737 SessionKey, /* HEX(H(A1)) */
17001738 nonce, /* nonce from server */
17081746 Response /* request-digest or response-digest */
17091747 );
17101748
1711 *response_value = utils->malloc(HASHHEXLEN + 1);
1712 if (*response_value == NULL)
1749 new_response_value = utils->realloc(*response_value, HASHHEXLEN + 1);
1750 if (new_response_value == NULL) {
1751 free (*response_value);
1752 *response_value = NULL;
17131753 return NULL;
1754 }
1755 *response_value = new_response_value;
1756
17141757 memcpy(*response_value, Response, HASHHEXLEN);
17151758 (*response_value)[HASHHEXLEN] = 0;
17161759 }
17331776 *realm = (char *) params->serverFQDN;
17341777 } else {
17351778 params->utils->seterror(params->utils->conn, 0,
1736 "no way to obtain domain");
1779 "no way to obtain DIGEST-MD5 realm");
17371780 return SASL_FAIL;
17381781 }
17391782
17451788 */
17461789 static int htoi(unsigned char *hexin, unsigned int *res)
17471790 {
1748 int lup, inlen;
1791 size_t lup, inlen;
17491792 inlen = strlen((char *) hexin);
17501793
17511794 *res = 0;
18791922 * charset | cipher-opts | auth-param )
18801923 */
18811924
1882 /* FIXME: get nonce XXX have to clean up after self if fail */
18831925 nonce = create_nonce(sparams->utils);
18841926 if (nonce == NULL) {
18851927 SETERROR(sparams->utils, "internal erorr: failed creating a nonce");
19431985 if (stext->stale &&
19441986 add_to_challenge(sparams->utils,
19451987 &text->out_buf, &text->out_buf_len, &resplen,
1946 "stale", "true", FALSE) != SASL_OK) {
1988 "stale", (unsigned char *) "true", FALSE) != SASL_OK) {
19471989 SETERROR(sparams->utils, "internal error: add_to_challenge failed");
19481990 return SASL_FAIL;
19491991 }
19682010 }
19692011 }
19702012
1971
19722013 if (add_to_challenge(sparams->utils,
19732014 &text->out_buf, &text->out_buf_len, &resplen,
19742015 "charset",
19812022 /*
19822023 * algorithm
19832024 * This directive is required for backwards compatibility with HTTP
1984 * Digest., which supports other algorithms. . This directive is
2025 * Digest, which supports other algorithms. This directive is
19852026 * required and MUST appear exactly once; if not present, or if multiple
19862027 * instances are present, the client should abort the authentication
19872028 * exchange.
20072048 }
20082049
20092050 text->authid = NULL;
2010 _plug_strdup(sparams->utils, realm, &text->realm, NULL);
2051 if (_plug_strdup(sparams->utils, realm, &text->realm, NULL) != SASL_OK) {
2052 SETERROR(sparams->utils,
2053 "internal error: out of memory when saving realm");
2054 return SASL_FAIL;
2055 }
20112056 text->nonce = nonce;
20122057 text->nonce_count = 1;
20132058 text->cnonce = NULL;
20142059 stext->timestamp = time(0);
20152060
2016 *serveroutlen = strlen(text->out_buf);
2061 *serveroutlen = (unsigned) strlen(text->out_buf);
20172062 *serverout = text->out_buf;
20182063
20192064 text->state = 2;
20452090
20462091 /* setting the default value (65536) */
20472092 unsigned long client_maxbuf = 65536;
2048 int maxbuf_count = 0; /* How many maxbuf instaces was found */
2093 int maxbuf_count = 0; /* How many maxbuf instances was found */
20492094
20502095 char *charset = NULL;
20512096 char *cipher = NULL;
2052 unsigned int n=0;
2053
2054 HASH Secret;
2097 unsigned int n = 0;
2098
2099 HASH Secret;
20552100
20562101 /* password prop_request */
20572102 const char *password_request[] = { SASL_AUX_PASSWORD,
20582103 "*cmusaslsecretDIGEST-MD5",
20592104 NULL };
2060 unsigned len;
2105 size_t len;
20612106 struct propval auxprop_values[2];
20622107
20632108 /* can we mess with clientin? copy it to be safe */
20642109 char *in_start = NULL;
2065 char *in = NULL;
2110 char *in = NULL;
2111 cipher_free_t *old_cipher_free = NULL;
20662112
20672113 sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
20682114 "DIGEST-MD5 server step 2");
20802126 char *name = NULL, *value = NULL;
20812127 get_pair(&in, &name, &value);
20822128
2083 if (name == NULL)
2129 if (name == NULL) {
2130 SETERROR(sparams->utils,
2131 "Parse error");
2132 result = SASL_BADAUTH;
2133 goto FreeAllMem;
2134 }
2135
2136 if (*name == '\0') {
20842137 break;
2085
2138 }
2139
20862140 /* Extracting parameters */
20872141
20882142 /*
21152169 } else if (strcasecmp(name, "nonce") == 0) {
21162170 _plug_strdup(sparams->utils, value, (char **) &nonce, NULL);
21172171 } else if (strcasecmp(name, "qop") == 0) {
2172 if (qop) {
2173 SETERROR(sparams->utils,
2174 "duplicate qop: authentication aborted");
2175 result = SASL_FAIL;
2176 goto FreeAllMem;
2177 }
21182178 _plug_strdup(sparams->utils, value, &qop, NULL);
21192179 } else if (strcasecmp(name, "digest-uri") == 0) {
21202180 size_t service_len;
22082268 * "6" | "7" | "8" | "9" | "a" | "b" | "c" | "d" | "e" | "f"
22092269 * cipher = "cipher" "=" cipher-value
22102270 */
2211 /* Verifing that all parameters was defined */
2212 if ((username == NULL) ||
2213 (nonce == NULL) ||
2214 (noncecount == 0) ||
2215 (cnonce == NULL) ||
2216 (digesturi == NULL) ||
2217 (response == NULL)) {
2218 SETERROR(sparams->utils, "required parameters missing");
2271 /* Verifing that all required parameters were received */
2272 if ((username == NULL)) {
2273 SETERROR(sparams->utils, "required parameters missing: username");
2274 result = SASL_BADAUTH;
2275 goto FreeAllMem;
2276 }
2277 if ((nonce == NULL)) {
2278 SETERROR(sparams->utils, "required parameters missing: nonce");
2279 result = SASL_BADAUTH;
2280 goto FreeAllMem;
2281 }
2282 if ((noncecount == 0)) {
2283 SETERROR(sparams->utils, "required parameters missing: noncecount");
2284 result = SASL_BADAUTH;
2285 goto FreeAllMem;
2286 }
2287 if ((cnonce == NULL)) {
2288 SETERROR(sparams->utils, "required parameters missing: cnonce");
2289 result = SASL_BADAUTH;
2290 goto FreeAllMem;
2291 }
2292 if ((digesturi == NULL)) {
2293 SETERROR(sparams->utils, "required parameters missing: digesturi");
2294 result = SASL_BADAUTH;
2295 goto FreeAllMem;
2296 }
2297 if ((response == NULL)) {
2298 SETERROR(sparams->utils, "required parameters missing: response");
22192299 result = SASL_BADAUTH;
22202300 goto FreeAllMem;
22212301 }
22302310
22312311 _plug_strdup(sparams->utils, text->reauth->e[val].realm,
22322312 &text->realm, NULL);
2233 _plug_strdup(sparams->utils, text->reauth->e[val].nonce,
2313 _plug_strdup(sparams->utils, (char *) text->reauth->e[val].nonce,
22342314 (char **) &text->nonce, NULL);
22352315 text->nonce_count = ++text->reauth->e[val].nonce_count;
2236 _plug_strdup(sparams->utils, text->reauth->e[val].cnonce,
2316 _plug_strdup(sparams->utils, (char *) text->reauth->e[val].cnonce,
22372317 (char **) &text->cnonce, NULL);
22382318 stext->timestamp = text->reauth->e[val].u.s.timestamp;
22392319 }
22492329
22502330 /* Sanity check the parameters */
22512331 if (realm == NULL) {
2252 /* From 2821bis:
2332 /* From 2831bis:
22532333 If the directive is missing, "realm-value" will set to
22542334 the empty string when computing A1. */
22552335 _plug_strdup(sparams->utils, "", &realm, NULL);
22702350 result = SASL_BADAUTH;
22712351 goto FreeAllMem;
22722352 }
2273 if (strcmp(nonce, (char *) text->nonce) != 0) {
2353 if (strcmp((char *) nonce, (char *) text->nonce) != 0) {
22742354 SETERROR(sparams->utils,
22752355 "nonce changed: authentication aborted");
22762356 result = SASL_BADAUTH;
22822362 result = SASL_BADAUTH;
22832363 goto FreeAllMem;
22842364 }
2285 if (text->cnonce && strcmp(cnonce, text->cnonce) != 0) {
2365 if (text->cnonce && strcmp((char *) cnonce, (char *) text->cnonce) != 0) {
22862366 SETERROR(sparams->utils,
22872367 "cnonce changed: authentication aborted");
22882368 result = SASL_BADAUTH;
23462426 goto FreeAllMem;
23472427 }
23482428
2349 sec->len = len;
2350 strncpy(sec->data, auxprop_values[0].values[0], len + 1);
2429 sec->len = (unsigned) len;
2430 strncpy((char *) sec->data, auxprop_values[0].values[0], len + 1);
23512431
23522432 /*
23532433 * Verifying response obtained from client
23642444 * (used to build A1)
23652445 */
23662446
2367 DigestCalcSecret(sparams->utils, username,
2368 text->realm, sec->data, sec->len, Secret);
2447 DigestCalcSecret(sparams->utils,
2448 (unsigned char *) username,
2449 (unsigned char *) text->realm,
2450 sec->data,
2451 sec->len,
2452 Secret);
23692453 Secret[HASHLEN] = '\0';
23702454 }
23712455
23722456 /* We're done with sec now. Let's get rid of it */
23732457 _plug_free_secret(sparams->utils, &sec);
23742458 } else if (auxprop_values[1].name && auxprop_values[1].values) {
2459 /* NB: This will most likely fail for clients that
2460 choose to ignore server-advertised realm */
23752461 memcpy(Secret, auxprop_values[1].values[0], HASHLEN);
23762462 Secret[HASHLEN] = '\0';
23772463 } else {
23862472 /* defaulting qop to "auth" if not specified */
23872473 if (qop == NULL) {
23882474 _plug_strdup(sparams->utils, "auth", &qop, NULL);
2475 }
2476
2477 if (oparams->mech_ssf > 1) {
2478 /* Remember the old cipher free function (if any).
2479 It will be called later, once we are absolutely
2480 sure that authentication was successful. */
2481 old_cipher_free = text->cipher_free;
2482 /* free the old cipher context first */
23892483 }
23902484
23912485 /* check which layer/cipher to use */
24972591 text->rec_seqnum = 0; /* for integrity/privacy */
24982592 text->utils = sparams->utils;
24992593
2594 /* Free the old security layer, if any */
2595 if (old_cipher_free) old_cipher_free(text);
2596
25002597 /* used by layers */
25012598 _plug_decode_init(&text->decode_context, text->utils,
25022599 sparams->props.maxbufsize ? sparams->props.maxbufsize :
25032600 DEFAULT_BUFSIZE);
25042601
25052602 if (oparams->mech_ssf > 0) {
2506 char enckey[16];
2507 char deckey[16];
2603 unsigned char enckey[16];
2604 unsigned char deckey[16];
25082605
25092606 create_layer_keys(text, sparams->utils,text->HA1,n,enckey,deckey);
25102607
25112608 /* initialize cipher if need be */
2512 if (text->cipher_init)
2609 if (text->cipher_init) {
25132610 if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
25142611 sparams->utils->seterror(sparams->utils->conn, 0,
25152612 "couldn't init cipher");
25162613 }
2614 }
25172615 }
25182616
25192617 /*
25332631
25342632 /* add to challenge */
25352633 {
2536 unsigned resplen =
2537 strlen(text->response_value) + strlen("rspauth") + 3;
2634 unsigned resplen = (unsigned)
2635 (strlen(text->response_value) + strlen("rspauth") + 3);
25382636
25392637 result = _plug_buf_alloc(sparams->utils, &(text->out_buf),
25402638 &(text->out_buf_len), resplen);
25512649 }
25522650 }
25532651
2554 *serveroutlen = strlen(text->out_buf);
2652 *serveroutlen = (unsigned) strlen(text->out_buf);
25552653 *serverout = text->out_buf;
25562654
25572655 result = SASL_OK;
27142812 "DIGEST-MD5", /* mech_name */
27152813 #ifdef WITH_RC4
27162814 128, /* max_ssf */
2717 #elif WITH_DES
2815 #elif defined(WITH_DES)
27182816 112,
27192817 #else
27202818 1,
28282926 utils->MD5Init(&Md5Ctx);
28292927 utils->MD5Update(&Md5Ctx, HA1, HASHLEN);
28302928 utils->MD5Update(&Md5Ctx, COLON, 1);
2831 utils->MD5Update(&Md5Ctx, pszNonce, strlen((char *) pszNonce));
2929 utils->MD5Update(&Md5Ctx, pszNonce, (unsigned) strlen((char *) pszNonce));
28322930 utils->MD5Update(&Md5Ctx, COLON, 1);
2833 utils->MD5Update(&Md5Ctx, pszCNonce, strlen((char *) pszCNonce));
2931 utils->MD5Update(&Md5Ctx, pszCNonce, (unsigned) strlen((char *) pszCNonce));
28342932 if (pszAuthorization_id != NULL) {
28352933 utils->MD5Update(&Md5Ctx, COLON, 1);
28362934 utils->MD5Update(&Md5Ctx, pszAuthorization_id,
2837 strlen((char *) pszAuthorization_id));
2935 (unsigned) strlen((char *) pszAuthorization_id));
28382936 }
28392937 utils->MD5Final(HA1, &Md5Ctx);
28402938
29093007 result[HASHHEXLEN] = 0;
29103008
29113009 if (response_value != NULL) {
3010 char * new_response_value;
3011
29123012 DigestCalcResponse(utils,
29133013 SessionKey, /* HEX(H(A1)) */
29143014 nonce, /* nonce from server */
29223022 Response /* request-digest or response-digest */
29233023 );
29243024
2925 *response_value = utils->malloc(HASHHEXLEN + 1);
2926 if (*response_value == NULL)
3025 new_response_value = utils->realloc(*response_value, HASHHEXLEN + 1);
3026 if (new_response_value == NULL) {
3027 free (*response_value);
3028 *response_value = NULL;
29273029 return NULL;
3030 }
3031 *response_value = new_response_value;
29283032
29293033 memcpy(*response_value, Response, HASHHEXLEN);
29303034 (*response_value)[HASHHEXLEN] = 0;
29483052 char *response = NULL;
29493053 unsigned resplen = 0;
29503054 int result = SASL_OK;
3055 cipher_free_t *old_cipher_free = NULL;
3056
3057 params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
3058 "DIGEST-MD5 make_client_response()");
3059
3060 if (oparams->mech_ssf > 1) {
3061 /* Remember the old cipher free function (if any).
3062 It will be called later, once we are absolutely
3063 sure that authentication was successful. */
3064 old_cipher_free = text->cipher_free;
3065 /* free the old cipher context first */
3066 }
29513067
29523068 switch (ctext->protection) {
29533069 case DIGEST_PRIVACY:
29963112 response =
29973113 calculate_response(text,
29983114 params->utils,
2999 (char *) oparams->authid,
3115 (unsigned char *) oparams->authid,
30003116 (unsigned char *) text->realm,
30013117 text->nonce,
30023118 text->nonce_count,
30053121 digesturi,
30063122 ctext->password,
30073123 strcmp(oparams->user, oparams->authid) ?
3008 (char *) oparams->user : NULL,
3124 (unsigned char *) oparams->user : NULL,
30093125 &text->response_value);
30103126
30113127
30303146 if (strcmp(oparams->user, oparams->authid)) {
30313147 if (add_to_challenge(params->utils,
30323148 &text->out_buf, &text->out_buf_len, &resplen,
3033 "authzid", (char *) oparams->user, TRUE) != SASL_OK) {
3149 "authzid", (unsigned char *) oparams->user, TRUE) != SASL_OK) {
30343150 result = SASL_FAIL;
30353151 goto FreeAllocatedMem;
30363152 }
31273243 text->rec_seqnum = 0; /* for integrity/privacy */
31283244 text->utils = params->utils;
31293245
3246 /* Free the old security layer, if any */
3247 if (old_cipher_free) old_cipher_free(text);
3248
31303249 /* used by layers */
31313250 _plug_decode_init(&text->decode_context, text->utils,
31323251 params->props.maxbufsize ? params->props.maxbufsize :
31333252 DEFAULT_BUFSIZE);
31343253
31353254 if (oparams->mech_ssf > 0) {
3136 char enckey[16];
3137 char deckey[16];
3255 unsigned char enckey[16];
3256 unsigned char deckey[16];
31383257
31393258 create_layer_keys(text, params->utils, text->HA1, nbits,
31403259 enckey, deckey);
31413260
31423261 /* initialize cipher if need be */
3143 if (text->cipher_init)
3144 text->cipher_init(text, enckey, deckey);
3262 if (text->cipher_init) {
3263 text->cipher_init(text, enckey, deckey);
3264 }
31453265 }
31463266
31473267 result = SASL_OK;
31673287 sasl_ssf_t limit, musthave = 0;
31683288 sasl_ssf_t external;
31693289 int protection = 0;
3290 int saw_qop = 0;
31703291 int ciphers = 0;
31713292 int maxbuf_count = 0;
31723293 bool IsUTF8 = FALSE;
31733294 int algorithm_count = 0;
3295
3296 params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
3297 "DIGEST-MD5 parse_server_challenge()");
31743298
31753299 if (!serverin || !serverinlen) {
31763300 params->utils->seterror(params->utils->conn, 0,
32043328 /* if parse error */
32053329 if (name == NULL) {
32063330 params->utils->seterror(params->utils->conn, 0, "Parse error");
3207 result = SASL_FAIL;
3331 result = SASL_BADAUTH;
32083332 goto FreeAllocatedMem;
32093333 }
32103334
3335 if (*name == '\0') {
3336 break;
3337 }
3338
32113339 if (strcasecmp(name, "realm") == 0) {
32123340 nrealm++;
32133341
32293357 NULL);
32303358 text->nonce_count = 1;
32313359 } else if (strcasecmp(name, "qop") == 0) {
3360 saw_qop = 1;
32323361 while (value && *value) {
32333362 char *comma;
32343363 char *end_val;
32773406 }
32783407
32793408 value = comma;
3280 }
3281
3282 if (protection == 0) {
3283 result = SASL_BADAUTH;
3284 params->utils->seterror(params->utils->conn, 0,
3285 "Server doesn't support any known qop level");
3286 goto FreeAllocatedMem;
32873409 }
32883410 } else if (strcasecmp(name, "cipher") == 0) {
32893411 while (value && *value) {
34113533 }
34123534 }
34133535
3536 if (protection == 0) {
3537 /* From RFC 2831[bis]:
3538 This directive is optional; if not present it defaults to "auth". */
3539 if (saw_qop == 0) {
3540 protection = DIGEST_NOLAYER;
3541 } else {
3542 result = SASL_BADAUTH;
3543 params->utils->seterror(params->utils->conn, 0,
3544 "Server doesn't support any known qop level");
3545 goto FreeAllocatedMem;
3546 }
3547 }
3548
34143549 if (algorithm_count != 1) {
34153550 params->utils->seterror(params->utils->conn, 0,
34163551 "Must see 'algorithm' once. Didn't see at all");
35373672 int realm_result = SASL_FAIL;
35383673 int i;
35393674 size_t len;
3675
3676 params->utils->log(params->utils->conn, SASL_LOG_DEBUG,
3677 "DIGEST-MD5 ask_user_info()");
35403678
35413679 /* try to get the authid */
35423680 if (oparams->authid == NULL) {
37253863 !strcmp(text->reauth->e[val].authid, oparams->authid)) {
37263864
37273865 /* we have info, so use it */
3866 if (text->realm) params->utils->free(text->realm);
37283867 _plug_strdup(params->utils, text->reauth->e[val].realm,
37293868 &text->realm, NULL);
3730 _plug_strdup(params->utils, text->reauth->e[val].nonce,
3869 _plug_strdup(params->utils, (char *) text->reauth->e[val].nonce,
37313870 (char **) &text->nonce, NULL);
37323871 text->nonce_count = ++text->reauth->e[val].nonce_count;
3733 _plug_strdup(params->utils, text->reauth->e[val].cnonce,
3872 _plug_strdup(params->utils, (char *) text->reauth->e[val].cnonce,
37343873 (char **) &text->cnonce, NULL);
37353874 ctext->protection = text->reauth->e[val].u.c.protection;
37363875 ctext->cipher = text->reauth->e[val].u.c.cipher;
37543893 result = make_client_response(text, params, oparams);
37553894 if (result != SASL_OK) return result;
37563895
3757 *clientoutlen = strlen(text->out_buf);
3896 *clientoutlen = (unsigned) strlen(text->out_buf);
37583897 *clientout = text->out_buf;
37593898
37603899 text->state = 3;
38183957 result = make_client_response(text, params, oparams);
38193958 if (result != SASL_OK) goto FreeAllocatedMem;
38203959
3821 *clientoutlen = strlen(text->out_buf);
3960 *clientoutlen = (unsigned) strlen(text->out_buf);
38223961 *clientout = text->out_buf;
38233962
38243963 text->state = 3;
38624001 if (name == NULL) {
38634002 params->utils->seterror(params->utils->conn, 0,
38644003 "DIGEST-MD5 Received Garbage");
4004 result = SASL_BADAUTH;
38654005 break;
38664006 }
38674007
4008 if (*name == '\0') {
4009 break;
4010 }
4011
38684012 if (strcasecmp(name, "rspauth") == 0) {
38694013
38704014 if (strcmp(text->response_value, value) != 0) {
39964140 if (text->realm) params->utils->free(text->realm);
39974141 if (text->nonce) params->utils->free(text->nonce);
39984142 if (text->cnonce) params->utils->free(text->cnonce);
3999 text->realm = text->nonce = text->cnonce = NULL;
4143 text->realm = NULL;
4144 text->nonce = text->cnonce = NULL;
40004145 ctext->cipher = NULL;
40014146
40024147 case 2:
40224167
40234168 if (!ctext || !utils) return;
40244169
4170 utils->log(utils->conn, SASL_LOG_DEBUG,
4171 "DIGEST-MD5 client mech dispose");
4172
40254173 if (ctext->free_password) _plug_free_secret(utils, &ctext->password);
40264174
40274175 digestmd5_common_mech_dispose(conn_context, utils);
40334181 "DIGEST-MD5",
40344182 #ifdef WITH_RC4 /* mech_name */
40354183 128, /* max ssf */
4036 #elif WITH_DES
4184 #elif defined(WITH_DES)
40374185 112,
40384186 #else
40394187 1,
00 /* GSSAPI SASL plugin
11 * Leif Johansson
22 * Rob Siemborski (SASL v2 Conversion)
3 * $Id: gssapi.c,v 1.92 2004/07/21 14:39:06 rjs3 Exp $
3 * $Id: gssapi.c,v 1.100 2009/08/04 17:17:26 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
8181
8282 /***************************** Common Section *****************************/
8383
84 static const char plugin_id[] = "$Id: gssapi.c,v 1.92 2004/07/21 14:39:06 rjs3 Exp $";
84 static const char plugin_id[] = "$Id: gssapi.c,v 1.100 2009/08/04 17:17:26 mel Exp $";
8585
8686 static const char * GSSAPI_BLANK_STRING = "";
8787
319319
320320 if(!output) return SASL_BADPARAM;
321321
322 if(numiov > 1) {
322 if (numiov > 1) {
323323 ret = _plug_iovec_to_buf(text->utils, invec, numiov, &text->enc_in_buf);
324 if(ret != SASL_OK) return ret;
324 if (ret != SASL_OK) return ret;
325325 inblob = text->enc_in_buf;
326326 } else {
327327 bufinfo.data = invec[0].iov_base;
350350 output_token);
351351 GSS_UNLOCK_MUTEX(text->utils);
352352
353 if (GSS_ERROR(maj_stat))
354 {
355 sasl_gss_seterror(text->utils, maj_stat, min_stat);
356 if (output_token->value) {
357 GSS_LOCK_MUTEX(text->utils);
358 gss_release_buffer(&min_stat, output_token);
359 GSS_UNLOCK_MUTEX(text->utils);
360 }
361 return SASL_FAIL;
362 }
353 if (GSS_ERROR(maj_stat)) {
354 sasl_gss_seterror(text->utils, maj_stat, min_stat);
355 if (output_token->value) {
356 GSS_LOCK_MUTEX(text->utils);
357 gss_release_buffer(&min_stat, output_token);
358 GSS_UNLOCK_MUTEX(text->utils);
359 }
360 return SASL_FAIL;
361 }
363362
364363 if (output_token->value && output) {
365364 int len;
389388 GSS_LOCK_MUTEX(text->utils);
390389 gss_release_buffer(&min_stat, output_token);
391390 GSS_UNLOCK_MUTEX(text->utils);
392 }
391 }
392
393393 return SASL_OK;
394394 }
395395
407407 return sasl_gss_encode(context,invec,numiov,output,outputlen,0);
408408 }
409409
410 static int gssapi_decode_packet(void *context,
411 const char *input, unsigned inputlen,
412 char **output, unsigned *outputlen)
410 static int
411 gssapi_decode_packet(void *context,
412 const char *input,
413 unsigned inputlen,
414 char **output,
415 unsigned *outputlen)
413416 {
414417 context_t *text = (context_t *) context;
415418 OM_uint32 maj_stat, min_stat;
439442 NULL);
440443 GSS_UNLOCK_MUTEX(text->utils);
441444
442 if (GSS_ERROR(maj_stat))
443 {
444 sasl_gss_seterror(text->utils,maj_stat,min_stat);
445 if (output_token->value) {
446 GSS_LOCK_MUTEX(text->utils);
447 gss_release_buffer(&min_stat, output_token);
448 GSS_UNLOCK_MUTEX(text->utils);
449 }
450 return SASL_FAIL;
451 }
452
453 if (outputlen)
445 if (GSS_ERROR(maj_stat)) {
446 sasl_gss_seterror(text->utils,maj_stat,min_stat);
447 if (output_token->value) {
448 GSS_LOCK_MUTEX(text->utils);
449 gss_release_buffer(&min_stat, output_token);
450 GSS_UNLOCK_MUTEX(text->utils);
451 }
452 return SASL_FAIL;
453 }
454
455 if (outputlen) {
454456 *outputlen = output_token->length;
457 }
455458
456459 if (output_token->value) {
457460 if (output) {
458461 result = _plug_buf_alloc(text->utils, &text->decode_once_buf,
459462 &text->decode_once_buf_len,
460463 *outputlen);
461 if(result != SASL_OK) {
464 if (result != SASL_OK) {
462465 GSS_LOCK_MUTEX(text->utils);
463466 gss_release_buffer(&min_stat, output_token);
464467 GSS_UNLOCK_MUTEX(text->utils);
722725 input_token,
723726 GSS_C_NO_CHANNEL_BINDINGS,
724727 &text->client_name,
725 NULL,
728 NULL, /* resulting mech_name */
726729 output_token,
727730 &out_flags,
728 NULL,
731 NULL, /* context validity period */
729732 &(text->client_creds));
730733 GSS_UNLOCK_MUTEX(params->utils);
731734
773776 } else {
774777 /* No output token, send an empty string */
775778 *serverout = GSSAPI_BLANK_STRING;
776 serveroutlen = 0;
777 }
778
779 *serveroutlen = 0;
780 }
781
779782 if (maj_stat == GSS_S_COMPLETE) {
780783 /* Switch to ssf negotiation */
781784 text->state = SASL_GSSAPI_STATE_SSFCAP;
782 }
783
784 return SASL_CONTINUE;
785
786 if (*serveroutlen != 0) {
787 return SASL_CONTINUE;
788 }
789
790 /* Pretend that we just got an empty response from the client */
791 clientinlen = 0;
792
793 /* fall through */
794 } else {
795 return SASL_CONTINUE;
796 }
785797
786798 case SASL_GSSAPI_STATE_SSFCAP: {
787799 unsigned char sasldata[4];
793805 name_token.value = NULL;
794806 name_without_realm.value = NULL;
795807
796 /* We ignore whatever the client sent us at this stage */
808 if (clientinlen != 0) {
809 SETERROR(text->utils, "GSSAPI server is not expecting data at this stage");
810 sasl_gss_free_context_contents(text);
811 return SASL_BADAUTH;
812 }
797813
798814 GSS_LOCK_MUTEX(params->utils);
799815 maj_stat = gss_display_name (&min_stat,
803819 GSS_UNLOCK_MUTEX(params->utils);
804820
805821 if (GSS_ERROR(maj_stat)) {
806 if (without) {
807 GSS_LOCK_MUTEX(params->utils);
808 gss_release_name(&min_stat, &without);
809 GSS_UNLOCK_MUTEX(params->utils);
810 }
811822 SETERROR(text->utils, "GSSAPI Failure");
812823 sasl_gss_free_context_contents(text);
813824 return SASL_BADAUTH;
918929 }
919930 if (name_without_realm.value) {
920931 params->utils->free(name_without_realm.value);
921 }
932 }
922933
923934 /* we have to decide what sort of encryption/integrity/etc.,
924935 we support */
934945 }
935946
936947 /* build up our security properties token */
937 if (params->props.maxbufsize > 0xFFFFFF) {
938 /* make sure maxbufsize isn't too large */
939 /* maxbufsize = 0xFFFFFF */
940 sasldata[1] = sasldata[2] = sasldata[3] = 0xFF;
941 } else {
942 sasldata[1] = (params->props.maxbufsize >> 16) & 0xFF;
943 sasldata[2] = (params->props.maxbufsize >> 8) & 0xFF;
944 sasldata[3] = (params->props.maxbufsize >> 0) & 0xFF;
945 }
948 if (text->requiressf != 0) {
949 if (params->props.maxbufsize > 0xFFFFFF) {
950 /* make sure maxbufsize isn't too large */
951 /* maxbufsize = 0xFFFFFF */
952 sasldata[1] = sasldata[2] = sasldata[3] = 0xFF;
953 } else {
954 sasldata[1] = (params->props.maxbufsize >> 16) & 0xFF;
955 sasldata[2] = (params->props.maxbufsize >> 8) & 0xFF;
956 sasldata[3] = (params->props.maxbufsize >> 0) & 0xFF;
957 }
958 } else {
959 /* From RFC 4752: "The client verifies that the server maximum buffer is 0
960 if the server does not advertise support for any security layer." */
961 sasldata[1] = sasldata[2] = sasldata[3] = 0;
962 }
963
946964 sasldata[0] = 0;
947965 if(text->requiressf != 0 && !params->props.maxbufsize) {
948966 params->utils->seterror(params->utils->conn, 0,
10311049
10321050 if (GSS_ERROR(maj_stat)) {
10331051 sasl_gss_seterror(text->utils, maj_stat, min_stat);
1052 sasl_gss_free_context_contents(text);
1053 return SASL_FAIL;
1054 }
1055
1056 if (output_token->length < 4) {
1057 SETERROR(text->utils,
1058 "token too short");
1059 GSS_LOCK_MUTEX(params->utils);
1060 gss_release_buffer(&min_stat, output_token);
1061 GSS_UNLOCK_MUTEX(params->utils);
10341062 sasl_gss_free_context_contents(text);
10351063 return SASL_FAIL;
10361064 }
10821110 ret = params->canon_user(params->utils->conn,
10831111 text->authid,
10841112 0, /* strlen(text->authid) */
1085 SASL_CU_AUTHID, oparams);
1113 SASL_CU_AUTHID | SASL_CU_EXTERNALLY_VERIFIED, oparams);
10861114 if (ret != SASL_OK) {
10871115 sasl_gss_free_context_contents(text);
10881116 return ret;
10891117 }
1090 } else if(output_token->length == 4) {
1118 } else /* if (output_token->length == 4) */ {
10911119 /* null authzid */
10921120 int ret;
10931121
10941122 ret = params->canon_user(params->utils->conn,
10951123 text->authid,
10961124 0, /* strlen(text->authid) */
1097 SASL_CU_AUTHZID | SASL_CU_AUTHID,
1125 SASL_CU_AUTHZID | SASL_CU_AUTHID | SASL_CU_EXTERNALLY_VERIFIED,
10981126 oparams);
10991127
11001128 if (ret != SASL_OK) {
11011129 sasl_gss_free_context_contents(text);
11021130 return ret;
1103 }
1104 } else {
1105 SETERROR(text->utils,
1106 "token too short");
1107 GSS_LOCK_MUTEX(params->utils);
1108 gss_release_buffer(&min_stat, output_token);
1109 GSS_UNLOCK_MUTEX(params->utils);
1110 sasl_gss_free_context_contents(text);
1111 return SASL_FAIL;
1112 }
1131 }
1132 }
11131133
11141134 /* No matter what, set the rest of the oparams */
11151135
11491169 text->state = SASL_GSSAPI_STATE_AUTHENTICATED;
11501170
11511171 /* used by layers */
1152 _plug_decode_init(&text->decode_context, text->utils,
1172 _plug_decode_init(&text->decode_context,
1173 text->utils,
11531174 (params->props.maxbufsize > 0xFFFFFF) ? 0xFFFFFF :
11541175 params->props.maxbufsize);
11551176
11781199 | SASL_SEC_MUTUAL_AUTH /* security_flags */
11791200 | SASL_SEC_PASS_CREDENTIALS,
11801201 SASL_FEAT_WANT_CLIENT_FIRST
1181 | SASL_FEAT_ALLOWS_PROXY, /* features */
1202 | SASL_FEAT_ALLOWS_PROXY
1203 | SASL_FEAT_DONTUSE_USERPASSWD, /* features */
11821204 NULL, /* glob_context */
11831205 &gssapi_server_mech_new, /* mech_new */
11841206 &gssapi_server_mech_step, /* mech_step */
13471369 }
13481370
13491371 if (text->server_name == GSS_C_NO_NAME) { /* only once */
1372 if (params->serverFQDN == NULL
1373 || strlen(params->serverFQDN) == 0) {
1374 SETERROR(text->utils, "GSSAPI Failure: no serverFQDN");
1375 return SASL_FAIL;
1376 }
13501377 name_token.length = strlen(params->service) + 1 + strlen(params->serverFQDN);
13511378 name_token.value = (char *)params->utils->malloc((name_token.length + 1) * sizeof(char));
13521379 if (name_token.value == NULL) {
13531380 sasl_gss_free_context_contents(text);
13541381 return SASL_NOMEM;
1355 }
1356 if (params->serverFQDN == NULL
1357 || strlen(params->serverFQDN) == 0) {
1358 SETERROR(text->utils, "GSSAPI Failure: no serverFQDN");
1359 return SASL_FAIL;
13601382 }
13611383
13621384 sprintf(name_token.value,"%s@%s", params->service, params->serverFQDN);
15601582 return SASL_FAIL;
15611583 }
15621584
1585 if (output_token->length != 4) {
1586 SETERROR(text->utils,
1587 (output_token->length < 4) ? "token too short" : "token too long");
1588 GSS_LOCK_MUTEX(params->utils);
1589 gss_release_buffer(&min_stat, output_token);
1590 GSS_UNLOCK_MUTEX(params->utils);
1591 sasl_gss_free_context_contents(text);
1592 return SASL_FAIL;
1593 }
1594
15631595 /* taken from kerberos.c */
15641596 if (secprops->min_ssf > (K5_MAX_SSF + external)) {
15651597 return SASL_TOOWEAK;
15791611 /* good to go */
15801612 need = 0;
15811613 }
1582
1614
15831615 /* bit mask of server support */
15841616 serverhas = ((char *)output_token->value)[0];
15851617
16141646 (((unsigned char *) output_token->value)[2] << 8) |
16151647 (((unsigned char *) output_token->value)[3] << 0);
16161648
1617 if(oparams->mech_ssf) {
1649 if (oparams->mech_ssf) {
16181650 maj_stat = gss_wrap_size_limit( &min_stat,
16191651 text->gss_ctx,
16201652 1,
16221654 (OM_uint32) oparams->maxoutbuf,
16231655 &max_input);
16241656
1625 if(max_input > oparams->maxoutbuf) {
1657 if (max_input > oparams->maxoutbuf) {
16261658 /* Heimdal appears to get this wrong */
16271659 oparams->maxoutbuf -= (max_input - oparams->maxoutbuf);
16281660 } else {
16391671 * Make sure the client actually requested it though, by checking
16401672 * if our context was set.
16411673 */
1642 if (text->user && text->user[0])
1674 if (text->user && text->user[0]) {
16431675 alen = strlen(oparams->user);
1644 else
1676 } else {
16451677 alen = 0;
1678 }
16461679
16471680 input_token->length = 4 + alen;
16481681 input_token->value =
16561689 memcpy((char *)input_token->value+4,oparams->user,alen);
16571690
16581691 /* build up our security properties token */
1659 if (params->props.maxbufsize > 0xFFFFFF) {
1660 /* make sure maxbufsize isn't too large */
1661 /* maxbufsize = 0xFFFFFF */
1662 ((unsigned char *)input_token->value)[1] = 0xFF;
1663 ((unsigned char *)input_token->value)[2] = 0xFF;
1664 ((unsigned char *)input_token->value)[3] = 0xFF;
1665 } else {
1666 ((unsigned char *)input_token->value)[1] =
1667 (params->props.maxbufsize >> 16) & 0xFF;
1668 ((unsigned char *)input_token->value)[2] =
1669 (params->props.maxbufsize >> 8) & 0xFF;
1670 ((unsigned char *)input_token->value)[3] =
1671 (params->props.maxbufsize >> 0) & 0xFF;
1672 }
1692 if (mychoice > 1) {
1693 if (params->props.maxbufsize > 0xFFFFFF) {
1694 /* make sure maxbufsize isn't too large */
1695 /* maxbufsize = 0xFFFFFF */
1696 ((unsigned char *)input_token->value)[1] = 0xFF;
1697 ((unsigned char *)input_token->value)[2] = 0xFF;
1698 ((unsigned char *)input_token->value)[3] = 0xFF;
1699 } else {
1700 ((unsigned char *)input_token->value)[1] =
1701 (params->props.maxbufsize >> 16) & 0xFF;
1702 ((unsigned char *)input_token->value)[2] =
1703 (params->props.maxbufsize >> 8) & 0xFF;
1704 ((unsigned char *)input_token->value)[3] =
1705 (params->props.maxbufsize >> 0) & 0xFF;
1706 }
1707 } else {
1708 ((unsigned char *)input_token->value)[1] = 0;
1709 ((unsigned char *)input_token->value)[2] = 0;
1710 ((unsigned char *)input_token->value)[3] = 0;
1711 }
16731712 ((unsigned char *)input_token->value)[0] = mychoice;
16741713
16751714 GSS_LOCK_MUTEX(params->utils);
16961735 return SASL_FAIL;
16971736 }
16981737
1699 if (clientoutlen)
1738 if (clientoutlen) {
17001739 *clientoutlen = output_token->length;
1740 }
17011741 if (output_token->value) {
17021742 if (clientout) {
1703 ret = _plug_buf_alloc(text->utils, &(text->out_buf),
1704 &(text->out_buf_len), *clientoutlen);
1743 ret = _plug_buf_alloc(text->utils,
1744 &(text->out_buf),
1745 &(text->out_buf_len),
1746 *clientoutlen);
17051747 if (ret != SASL_OK) {
17061748 GSS_LOCK_MUTEX(params->utils);
17071749 gss_release_buffer(&min_stat, output_token);
00 /* Kerberos4 SASL plugin
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: kerberos4.c,v 1.99 2005/01/10 07:08:53 shadow Exp $
3 * $Id: kerberos4.c,v 1.100 2009/03/10 16:27:52 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
114114
115115 /***************************** Common Section *****************************/
116116
117 static const char plugin_id[] = "$Id: kerberos4.c,v 1.99 2005/01/10 07:08:53 shadow Exp $";
117 static const char plugin_id[] = "$Id: kerberos4.c,v 1.100 2009/03/10 16:27:52 mel Exp $";
118118
119119 #ifndef KEYFILE
120120 #define KEYFILE "/etc/srvtab";
744744 if (sparams->canon_user) {
745745 char *user=NULL, *authid=NULL;
746746 size_t ulen = 0, alen = strlen(text->pname);
747 int ret, cflag = SASL_CU_AUTHID;
747 int ret, cflag = SASL_CU_AUTHID | SASL_CU_EXTERNALLY_VERIFIED;
748748
749749 if (text->pinst[0]) {
750750 alen += strlen(text->pinst) + 1 /* for the . */;
00 /* $OpenLDAP: pkg/ldap/contrib/ldapsasl/ldapdb.c,v 1.1.2.7 2003/11/29 22:10:03 hyc Exp $ */
1 /* SASL LDAP auxprop implementation
2 * Copyright (C) 2002,2003 Howard Chu, All rights reserved. <hyc@symas.com>
1 /* SASL LDAP auxprop+canonuser implementation
2 * Copyright (C) 2002-2007 Howard Chu, All rights reserved. <hyc@symas.com>
33 *
44 * Redistribution and use in source and binary forms, with or without
55 * modification, are permitted only as authorized by the OpenLDAP
1313 #include <config.h>
1414
1515 #include <stdio.h>
16 #include <ctype.h>
1617
1718 #include "sasl.h"
1819 #include "saslutil.h"
2526 static char ldapdb[] = "ldapdb";
2627
2728 typedef struct ldapctx {
29 int inited; /* Have we already read the config? */
2830 const char *uri; /* URI of LDAP server */
2931 struct berval id; /* SASL authcid to bind as */
3032 struct berval pw; /* password for bind */
3133 struct berval mech; /* SASL mech */
3234 int use_tls; /* Issue StartTLS request? */
35 struct berval canon; /* Use attr in user entry for canonical name */
3336 } ldapctx;
37
38 static ldapctx ldapdb_ctx;
3439
3540 static int ldapdb_interact(LDAP *ld, unsigned flags __attribute__((unused)),
3641 void *def, void *inter)
7883 char *authzid;
7984
8085 if((i=ldap_initialize(&cp->ld, ctx->uri))) {
81 return i;
86 return i;
8287 }
8388
8489 authzid = sparams->utils->malloc(ulen + sizeof("u:"));
125130 return i;
126131 }
127132
128 static void ldapdb_auxprop_lookup(void *glob_context,
133 static int ldapdb_auxprop_lookup(void *glob_context,
129134 sasl_server_params_t *sparams,
130135 unsigned flags,
131136 const char *user,
134139 ldapctx *ctx = glob_context;
135140 connparm cp;
136141 int ret, i, n, *aindx;
142 int result;
143 int j;
137144 const struct propval *pr;
138145 struct berval **bvals;
139146 LDAPMessage *msg, *res;
140147 char **attrs = NULL;
141148
142 if(!ctx || !sparams || !user) return;
149 if(!ctx || !sparams || !user) return SASL_BADPARAM;
143150
144151 pr = sparams->utils->prop_get(sparams->propctx);
145 if(!pr) return;
152 if (!pr) return SASL_FAIL;
146153
147154 /* count how many attrs to fetch */
148155 for(i = 0, n = 0; pr[i].name; i++) {
152159 continue;
153160 n++;
154161 }
162
155163 /* nothing to do, bail out */
156 if (!n) return;
164 if (!n) return SASL_OK;
157165
158166 /* alloc an array of attr names for search, and index to the props */
159167 attrs = sparams->utils->malloc((n+1)*sizeof(char *)*2);
160 if (!attrs) return;
168 if (!attrs) {
169 result = SASL_NOMEM;
170 goto done;
171 }
161172
162173 aindx = (int *)(attrs + n + 1);
163174
174185 }
175186 attrs[n] = NULL;
176187
177 if(ldapdb_connect(ctx, sparams, user, ulen, &cp)) {
178 goto done;
188 if ((ret = ldapdb_connect(ctx, sparams, user, ulen, &cp)) != LDAP_SUCCESS) {
189 goto process_ldap_error;
179190 }
180191
181192 ret = ldap_search_ext_s(cp.ld, cp.dn->bv_val+3, LDAP_SCOPE_BASE,
182193 "(objectclass=*)", attrs, 0, cp.ctrl, NULL, NULL, 1, &res);
183194 ber_bvfree(cp.dn);
184195
185 if (ret != LDAP_SUCCESS) goto done;
186
187 for(msg=ldap_first_message(cp.ld, res); msg; msg=ldap_next_message(cp.ld, msg))
188 {
196 if (ret != LDAP_SUCCESS) {
197 goto process_ldap_error;
198 }
199
200 /* Assume no user by default */
201 ret = LDAP_NO_SUCH_OBJECT;
202
203 for (msg = ldap_first_message(cp.ld, res);
204 msg;
205 msg = ldap_next_message(cp.ld, msg)) {
189206 if (ldap_msgtype(msg) != LDAP_RES_SEARCH_ENTRY) continue;
190 for (i=0; i<n; i++)
191 {
207
208 /* Presence of a search result response indicates that the user exists */
209 ret = LDAP_SUCCESS;
210
211 for (i = 0; i < n; i++) {
192212 bvals = ldap_get_values_len(cp.ld, msg, attrs[i]);
193213 if (!bvals) continue;
194 if (pr[aindx[i]].values)
214
215 if (pr[aindx[i]].values) {
195216 sparams->utils->prop_erase(sparams->propctx, pr[aindx[i]].name);
196 sparams->utils->prop_set(sparams->propctx, pr[aindx[i]].name,
197 bvals[0]->bv_val, bvals[0]->bv_len);
217 }
218
219 for ( j = 0; bvals[j] != NULL; j++ ) {
220 sparams->utils->prop_set(sparams->propctx,
221 pr[aindx[i]].name,
222 bvals[j]->bv_val,
223 bvals[j]->bv_len);
224 }
198225 ber_bvecfree(bvals);
199226 }
200227 }
201228 ldap_msgfree(res);
202229
230 process_ldap_error:
231 switch (ret) {
232 case LDAP_SUCCESS:
233 result = SASL_OK;
234 break;
235
236 case LDAP_NO_SUCH_OBJECT:
237 result = SASL_NOUSER;
238 break;
239
240 case LDAP_NO_MEMORY:
241 result = SASL_NOMEM;
242 break;
243
244 case LDAP_SERVER_DOWN:
245 case LDAP_BUSY:
246 case LDAP_UNAVAILABLE:
247 case LDAP_CONNECT_ERROR:
248 result = SASL_UNAVAIL;
249 break;
250
251 case LDAP_PROXY_AUTHZ_FAILURE:
252 case LDAP_INAPPROPRIATE_AUTH:
253 case LDAP_INVALID_CREDENTIALS:
254 case LDAP_INSUFFICIENT_ACCESS:
255 result = SASL_BADAUTH;
256 break;
257
258 default:
259 result = SASL_FAIL;
260 break;
261 }
262
203263 done:
204264 if(attrs) sparams->utils->free(attrs);
205 if(cp.ld) ldap_unbind(cp.ld);
265 if(cp.ld) ldap_unbind_ext(cp.ld, NULL, NULL);
266
267 return result;
206268 }
207269
208270 static int ldapdb_auxprop_store(void *glob_context,
253315 if (i == LDAP_NO_MEMORY) i = SASL_NOMEM;
254316 else i = SASL_FAIL;
255317 }
256 if (cp.ld) ldap_unbind(cp.ld);
318 if(cp.ld) ldap_unbind_ext(cp.ld, NULL, NULL);
257319 return i;
258320 }
259321
260 static void ldapdb_auxprop_free(void *glob_ctx, const sasl_utils_t *utils)
261 {
262 utils->free(glob_ctx);
263 }
264
265 static sasl_auxprop_plug_t ldapdb_auxprop_plugin = {
266 0, /* Features */
267 0, /* spare */
268 NULL, /* glob_context */
269 ldapdb_auxprop_free, /* auxprop_free */
270 ldapdb_auxprop_lookup, /* auxprop_lookup */
271 ldapdb, /* name */
272 ldapdb_auxprop_store /* auxprop store */
273 };
274
275 int ldapdb_auxprop_plug_init(const sasl_utils_t *utils,
276 int max_version,
277 int *out_version,
278 sasl_auxprop_plug_t **plug,
279 const char *plugname __attribute__((unused)))
280 {
281 ldapctx tmp, *p;
322 static int
323 ldapdb_canon_server(void *glob_context,
324 sasl_server_params_t *sparams,
325 const char *user,
326 unsigned ulen,
327 unsigned flags,
328 char *out,
329 unsigned out_max,
330 unsigned *out_ulen)
331 {
332 ldapctx *ctx = glob_context;
333 connparm cp;
334 struct berval **bvals;
335 LDAPMessage *msg, *res;
336 char *rdn, *attrs[2];
337 unsigned len;
338 int ret;
339
340 if(!ctx || !sparams || !user) return SASL_BADPARAM;
341
342 /* If no canon attribute was configured, we can't do anything */
343 if(!ctx->canon.bv_val) return SASL_BADPARAM;
344
345 /* Trim whitespace */
346 while(isspace(*(unsigned char *)user)) {
347 user++;
348 ulen--;
349 }
350 while(isspace((unsigned char)user[ulen-1])) {
351 ulen--;
352 }
353
354 if (!ulen) {
355 sparams->utils->seterror(sparams->utils->conn, 0,
356 "All-whitespace username.");
357 return SASL_FAIL;
358 }
359
360 ret = ldapdb_connect(ctx, sparams, user, ulen, &cp);
361 if ( ret ) goto done;
362
363 /* See if the RDN uses the canon attr. If so, just use the RDN
364 * value, we don't need to do a search.
365 */
366 rdn = cp.dn->bv_val+3;
367 if (!strncasecmp(ctx->canon.bv_val, rdn, ctx->canon.bv_len) &&
368 rdn[ctx->canon.bv_len] == '=') {
369 char *comma;
370 rdn += ctx->canon.bv_len + 1;
371 comma = strchr(rdn, ',');
372 if ( comma )
373 len = comma - rdn;
374 else
375 len = cp.dn->bv_len - (rdn - cp.dn->bv_val);
376 if ( len > out_max )
377 len = out_max;
378 memcpy(out, rdn, len);
379 out[len] = '\0';
380 *out_ulen = len;
381 ret = SASL_OK;
382 ber_bvfree(cp.dn);
383 goto done;
384 }
385
386 /* Have to read the user's entry */
387 attrs[0] = ctx->canon.bv_val;
388 attrs[1] = NULL;
389 ret = ldap_search_ext_s(cp.ld, cp.dn->bv_val+3, LDAP_SCOPE_BASE,
390 "(objectclass=*)", attrs, 0, cp.ctrl, NULL, NULL, 1, &res);
391 ber_bvfree(cp.dn);
392
393 if (ret != LDAP_SUCCESS) goto done;
394
395 for(msg=ldap_first_message(cp.ld, res); msg; msg=ldap_next_message(cp.ld, msg))
396 {
397 if (ldap_msgtype(msg) != LDAP_RES_SEARCH_ENTRY) continue;
398 bvals = ldap_get_values_len(cp.ld, msg, attrs[0]);
399 if (!bvals) continue;
400 len = bvals[0]->bv_len;
401 if ( len > out_max )
402 len = out_max;
403 memcpy(out, bvals[0]->bv_val, len);
404 *out_ulen = len;
405 ber_bvecfree(bvals);
406 }
407 ldap_msgfree(res);
408
409 done:
410 if(cp.ld) ldap_unbind_ext(cp.ld, NULL, NULL);
411 if (ret) {
412 sparams->utils->seterror(sparams->utils->conn, 0,
413 ldap_err2string(ret));
414 if (ret == LDAP_NO_MEMORY) ret = SASL_NOMEM;
415 else ret = SASL_FAIL;
416 }
417 return ret;
418 }
419
420 static int
421 ldapdb_canon_client(void *glob_context,
422 sasl_client_params_t *cparams,
423 const char *user,
424 unsigned ulen,
425 unsigned flags,
426 char *out,
427 unsigned out_max,
428 unsigned *out_ulen)
429 {
430 if(!cparams || !user) return SASL_BADPARAM;
431
432 /* Trim whitespace */
433 while(isspace(*(unsigned char *)user)) {
434 user++;
435 ulen--;
436 }
437 while(isspace((unsigned char)user[ulen-1])) {
438 ulen--;
439 }
440
441 if (!ulen) {
442 cparams->utils->seterror(cparams->utils->conn, 0,
443 "All-whitespace username.");
444 return SASL_FAIL;
445 }
446 memcpy(out, user, ulen);
447 out[ulen] = '\0';
448 *out_ulen = ulen;
449 return SASL_OK;
450 }
451
452 static int
453 ldapdb_config(const sasl_utils_t *utils)
454 {
455 ldapctx *p = &ldapdb_ctx;
282456 const char *s;
283457 unsigned len;
284458
285 if(!out_version || !plug) return SASL_BADPARAM;
286
287 if(max_version < SASL_AUXPROP_PLUG_VERSION) return SASL_BADVERS;
288
289 memset(&tmp, 0, sizeof(tmp));
290
291 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_uri", &tmp.uri, NULL);
292 if(!tmp.uri) return SASL_BADPARAM;
459 if(p->inited) return SASL_OK;
460
461 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_uri", &p->uri, NULL);
462 if(!p->uri) return SASL_BADPARAM;
293463
294464 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_id",
295 (const char **)&tmp.id.bv_val, &len);
296 tmp.id.bv_len = len;
465 (const char **)&p->id.bv_val, &len);
466 p->id.bv_len = len;
297467 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_pw",
298 (const char **)&tmp.pw.bv_val, &len);
299 tmp.pw.bv_len = len;
468 (const char **)&p->pw.bv_val, &len);
469 p->pw.bv_len = len;
300470 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_mech",
301 (const char **)&tmp.mech.bv_val, &len);
302 tmp.mech.bv_len = len;
471 (const char **)&p->mech.bv_val, &len);
472 p->mech.bv_len = len;
303473 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_starttls", &s, NULL);
304474 if (s)
305475 {
306 if (!strcasecmp(s, "demand")) tmp.use_tls = 2;
307 else if (!strcasecmp(s, "try")) tmp.use_tls = 1;
476 if (!strcasecmp(s, "demand")) p->use_tls = 2;
477 else if (!strcasecmp(s, "try")) p->use_tls = 1;
308478 }
309479 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_rc", &s, &len);
310480 if (s)
319489 return SASL_NOMEM;
320490 }
321491 }
322
323 p = utils->malloc(sizeof(ldapctx));
324 if (!p) return SASL_NOMEM;
325 *p = tmp;
326 ldapdb_auxprop_plugin.glob_context = p;
492 utils->getopt(utils->getopt_context, ldapdb, "ldapdb_canon_attr",
493 (const char **)&p->canon.bv_val, &len);
494 p->canon.bv_len = len;
495 p->inited = 1;
496
497 return SASL_OK;
498 }
499
500 static sasl_auxprop_plug_t ldapdb_auxprop_plugin = {
501 0, /* Features */
502 0, /* spare */
503 &ldapdb_ctx, /* glob_context */
504 NULL, /* auxprop_free */
505 ldapdb_auxprop_lookup, /* auxprop_lookup */
506 ldapdb, /* name */
507 ldapdb_auxprop_store /* auxprop store */
508 };
509
510 int ldapdb_auxprop_plug_init(const sasl_utils_t *utils,
511 int max_version,
512 int *out_version,
513 sasl_auxprop_plug_t **plug,
514 const char *plugname __attribute__((unused)))
515 {
516 int rc;
517
518 if(!out_version || !plug) return SASL_BADPARAM;
519
520 if(max_version < SASL_AUXPROP_PLUG_VERSION) return SASL_BADVERS;
521
522 rc = ldapdb_config(utils);
327523
328524 *out_version = SASL_AUXPROP_PLUG_VERSION;
329525
330526 *plug = &ldapdb_auxprop_plugin;
331527
332 return SASL_OK;
333 }
528 return rc;
529 }
530
531 static sasl_canonuser_plug_t ldapdb_canonuser_plugin = {
532 0, /* features */
533 0, /* spare */
534 &ldapdb_ctx, /* glob_context */
535 ldapdb, /* name */
536 NULL, /* canon_user_free */
537 ldapdb_canon_server, /* canon_user_server */
538 ldapdb_canon_client, /* canon_user_client */
539 NULL,
540 NULL,
541 NULL
542 };
543
544 int ldapdb_canonuser_plug_init(const sasl_utils_t *utils,
545 int max_version,
546 int *out_version,
547 sasl_canonuser_plug_t **plug,
548 const char *plugname __attribute__((unused)))
549 {
550 int rc;
551
552 if(!out_version || !plug) return SASL_BADPARAM;
553
554 if(max_version < SASL_CANONUSER_PLUG_VERSION) return SASL_BADVERS;
555
556 rc = ldapdb_config(utils);
557
558 *out_version = SASL_CANONUSER_PLUG_VERSION;
559
560 *plug = &ldapdb_canonuser_plugin;
561
562 return rc;
563 }
3535
3636 SASL_AUXPROP_PLUG_INIT( ldapdb )
3737
38 SASL_CANONUSER_PLUG_INIT( ldap )
11 * Rob Siemborski (SASLv2 Conversion)
22 * contributed by Rainer Schoepf <schoepf@uni-mainz.de>
33 * based on PLAIN, by Tim Martin <tmartin@andrew.cmu.edu>
4 * $Id: login.c,v 1.27 2004/09/08 11:09:10 mel Exp $
4 * $Id: login.c,v 1.30 2008/10/30 14:19:46 mel Exp $
55 */
66 /*
77 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5353
5454 /***************************** Common Section *****************************/
5555
56 static const char plugin_id[] = "$Id: login.c,v 1.27 2004/09/08 11:09:10 mel Exp $";
56 static const char plugin_id[] = "$Id: login.c,v 1.30 2008/10/30 14:19:46 mel Exp $";
5757
5858 /***************************** Server Section *****************************/
5959
168168 return SASL_NOMEM;
169169 }
170170
171 strncpy(password->data, clientin, clientinlen);
171 strncpy((char *) password->data, clientin, clientinlen);
172172 password->data[clientinlen] = '\0';
173173 password->len = clientinlen;
174174
182182 /* verify_password - return sasl_ok on success */
183183 result = params->utils->checkpass(params->utils->conn,
184184 oparams->authid, oparams->alen,
185 password->data, password->len);
185 (char *) password->data, password->len);
186186
187187 if (result != SASL_OK) {
188188 _plug_free_secret(params->utils, &password);
233233 {
234234 "LOGIN", /* mech_name */
235235 0, /* max_ssf */
236 SASL_SEC_NOANONYMOUS, /* security_flags */
236 SASL_SEC_NOANONYMOUS
237 | SASL_SEC_PASS_CREDENTIALS, /* security_flags */
237238 0, /* features */
238239 NULL, /* glob_context */
239240 &login_server_mech_new, /* mech_new */
314315 switch (text->state) {
315316
316317 case 1: {
317 const char *user;
318 const char *user = NULL;
318319 int auth_result = SASL_OK;
319320 int pass_result = SASL_OK;
320321 int result;
413414 }
414415
415416 if (clientoutlen) *clientoutlen = text->password->len;
416 *clientout = text->password->data;
417 *clientout = (char *) text->password->data;
417418
418419 /* set oparams */
419420 oparams->doneflag = 1;
454455 {
455456 "LOGIN", /* mech_name */
456457 0, /* max_ssf */
457 SASL_SEC_NOANONYMOUS, /* security_flags */
458 SASL_SEC_NOANONYMOUS
459 | SASL_SEC_PASS_CREDENTIALS, /* security_flags */
458460 SASL_FEAT_SERVER_FIRST, /* features */
459461 NULL, /* required_prompts */
460462 NULL, /* glob_context */
0 # mechanism plugins
01 for mech in anonymous crammd5 digestmd5 gssapiv2 kerberos4 login ntlm otp passdss plain srp; do
12
23 echo "
4445 " > ${mech}_init.c
4546 done
4647
47 for mech in sasldb sql ldapdb; do
48 # auxprop plugins
49 for auxprop in sasldb sql ldapdb; do
4850
4951 echo "
5052 #include <config.h>
8284 }
8385 #endif
8486
85 SASL_AUXPROP_PLUG_INIT( $mech )
86 " > ${mech}_init.c
87 SASL_AUXPROP_PLUG_INIT( $auxprop )
88 " > ${auxprop}_init.c
8789 done
8890
91 # ldapdb is also a canon_user plugin
92 echo "SASL_CANONUSER_PLUG_INIT( ldap )" >> ldapdb_init.c
00 /* NTLM SASL plugin
11 * Ken Murchison
2 * $Id: ntlm.c,v 1.30 2005/07/07 16:10:14 mel Exp $
2 * $Id: ntlm.c,v 1.33 2008/10/30 14:19:46 mel Exp $
33 *
44 * References:
55 * http://www.innovation.ch/java/ntlm.html
9999
100100 /***************************** Common Section *****************************/
101101
102 static const char plugin_id[] = "$Id: ntlm.c,v 1.30 2005/07/07 16:10:14 mel Exp $";
102 static const char plugin_id[] = "$Id: ntlm.c,v 1.33 2008/10/30 14:19:46 mel Exp $";
103103
104104 #ifdef WIN32
105105 static ssize_t writev (SOCKET fd, const struct iovec *iov, size_t iovcnt);
426426 HMAC_CTX ctx;
427427 unsigned char hash[EVP_MAX_MD_SIZE];
428428 char *upper;
429 int len;
429 unsigned int len;
430430
431431 /* Allocate enough space for the unicode target */
432 len = (int) (strlen(authid) + xstrlen(target));
432 len = (unsigned int) (strlen(authid) + xstrlen(target));
433433 if (_plug_buf_alloc(utils, buf, buflen, 2 * len + 1) != SASL_OK) {
434434 SETERROR(utils, "cannot allocate NTLMv2 hash");
435435 *result = SASL_NOMEM;
696696
697697 if (!iovcnt) return written;
698698
699 n = writev(fd, iov, iovcnt > iov_max ? iov_max : iovcnt);
699 n = (int) writev(fd, iov, iovcnt > iov_max ? iov_max : iovcnt);
700700 if (n == -1) {
701701 #ifndef WIN32
702702 if (errno == EINVAL && iov_max > 10) {
13351335 return SASL_FAIL;
13361336 }
13371337
1338 *outlen = offset + 2 * xstrlen(target);
1338 *outlen = offset + 2 * (unsigned) xstrlen(target);
13391339
13401340 if (_plug_buf_alloc(utils, buf, buflen, *outlen) != SASL_OK) {
13411341 SETERROR(utils, "cannot allocate NTLM challenge");
13691369 sparams->utils->getopt(sparams->utils->getopt_context,
13701370 "NTLM", "ntlm_server", &serv, &len);
13711371 if (serv) {
1372 /* try to start a NetBIOS session with the server */
1373 sock = smb_connect_server(sparams->utils, sparams->serverFQDN, serv);
1372 unsigned int i,j;
1373 char *tmp, *next;
1374
1375 /* strip any whitespace */
1376 if(_plug_strdup(sparams->utils, serv, &tmp, NULL) != SASL_OK) {
1377 MEMERROR( sparams->utils );
1378 return SASL_NOMEM;
1379 }
1380 for(i=0, j=0; i<len; i++) {
1381 if(!isspace(tmp[i])) tmp[j++] = tmp[i];
1382 }
1383 tmp[j] = '\0';
1384 next = tmp;
1385
1386 /* try to connect to a list of servers */
1387 do {
1388 serv = next;
1389 next = strchr(serv, ',');
1390 if(next) *(next++) = '\0';
1391 /* try to start a NetBIOS session with the server */
1392 sock = smb_connect_server(sparams->utils, sparams->serverFQDN, serv);
1393 } while(sock == (SOCKET) -1 && next);
1394
1395 sparams->utils->free(tmp);
13741396 if (sock == (SOCKET) -1) return SASL_UNAVAIL;
13751397 }
13761398
15711593 sparams->utils->log(NULL, SASL_LOG_DEBUG,
15721594 "calculating NTv2 response");
15731595 V2(resp, password, authid, domain, text->nonce,
1574 lm_resp + MD5_DIGEST_LENGTH, nt_resp_len - MD5_DIGEST_LENGTH,
1596 nt_resp + MD5_DIGEST_LENGTH, nt_resp_len - MD5_DIGEST_LENGTH,
15751597 sparams->utils, &text->out_buf, &text->out_buf_len,
15761598 &result);
15771599
17711793 uint32 offset = NTLM_TYPE1_DATA_OFFSET;
17721794 u_char *base;
17731795
1774 *outlen = offset + xstrlen(domain) + xstrlen(wkstn);
1796 *outlen = (unsigned) (offset + xstrlen(domain) + xstrlen(wkstn));
17751797 if (_plug_buf_alloc(utils, buf, buflen, *outlen) != SASL_OK) {
17761798 SETERROR(utils, "cannot allocate NTLM request");
17771799 return SASL_NOMEM;
18191841 return SASL_FAIL;
18201842 }
18211843
1822 *outlen = offset + (flags & NTLM_USE_UNICODE ? 2 : 1) *
1823 (xstrlen(domain) + xstrlen(user) + xstrlen(wkstn));
1844 *outlen = (unsigned) (offset + (flags & NTLM_USE_UNICODE ? 2 : 1) *
1845 (xstrlen(domain) + xstrlen(user) + xstrlen(wkstn)));
18241846 if (lm_resp) *outlen += NTLM_RESP_LENGTH;
18251847 if (nt_resp) *outlen += NTLM_RESP_LENGTH;
18261848 if (key) *outlen += NTLM_SESSKEY_LENGTH;
00 /* OTP SASL plugin
11 * Ken Murchison
2 * $Id: otp.c,v 1.36 2004/06/23 18:43:37 rjs3 Exp $
2 * $Id: otp.c,v 1.41 2009/02/14 12:45:29 mel Exp $
33 */
44 /*
5 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5 * Copyright (c) 1998-2009 Carnegie Mellon University. All rights reserved.
66 *
77 * Redistribution and use in source and binary forms, with or without
88 * modification, are permitted provided that the following conditions
6767
6868 /***************************** Common Section *****************************/
6969
70 static const char plugin_id[] = "$Id: otp.c,v 1.36 2004/06/23 18:43:37 rjs3 Exp $";
70 static const char plugin_id[] = "$Id: otp.c,v 1.41 2009/02/14 12:45:29 mel Exp $";
7171
7272 #define OTP_SEQUENCE_MAX 9999
7373 #define OTP_SEQUENCE_DEFAULT 499
114114 * Hash the data using the given algorithm and fold it into 64 bits,
115115 * swabbing bytes if necessary.
116116 */
117 static void otp_hash(const EVP_MD *md, char *in, int inlen,
117 static void otp_hash(const EVP_MD *md, char *in, size_t inlen,
118118 unsigned char *out, int swab)
119119 {
120120 EVP_MD_CTX mdctx;
121121 char hash[EVP_MAX_MD_SIZE];
122 int i, j, hashlen;
122 unsigned int i;
123 int j;
124 unsigned hashlen;
123125
124126 EVP_DigestInit(&mdctx, md);
125127 EVP_DigestUpdate(&mdctx, in, inlen);
189191 if (!is_init) {
190192 /* check the prefix */
191193 if (!*c || strncmp(c, "otp-", 4)) {
192 SETERROR(utils, "not a OTP challenge");
194 SETERROR(utils, "not an OTP challenge");
193195 return SASL_BADPROT;
194196 }
195197
402404 result = _plug_buf_alloc(params->utils, &(text->out_buf),
403405 &(text->out_buf_len), OTP_CHALLENGE_MAX+1);
404406 if (result != SASL_OK) return result;
405
407
406408 /* create challenge - return sasl_continue on success */
407409 result = opiechallenge(&text->opie, text->authid, text->out_buf);
408410
531533 | SASL_SEC_NOANONYMOUS
532534 | SASL_SEC_FORWARD_SECRECY,
533535 SASL_FEAT_WANT_CLIENT_FIRST
536 | SASL_FEAT_DONTUSE_USERPASSWD
534537 | SASL_FEAT_ALLOWS_PROXY,
535538 NULL,
536539 &otp_server_mech_new,
582585 const char *alg, unsigned seq, char *seed, char *otp,
583586 time_t timeout, sasl_secret_t **secret)
584587 {
585 unsigned sec_len;
588 size_t sec_len;
586589 unsigned char *data;
587590 char buf[2*OTP_HASH_SIZE+1];
588591
600603 return SASL_NOMEM;
601604 }
602605
603 (*secret)->len = sec_len;
606 (*secret)->len = (unsigned) sec_len;
604607 data = (*secret)->data;
605608
606609 bin2hex(otp, OTP_HASH_SIZE, buf);
690693 char *c, *word, buf[OTP_RESPONSE_MAX+1];
691694 void *base;
692695 int nmemb;
693 long x = 0;
696 unsigned long x = 0;
694697 unsigned char bits[OTP_HASH_SIZE+1]; /* 1 for checksum */
695698 unsigned char chksum;
696699 int bit, fbyte, lbyte;
728731 sizeof(const char*),
729732 strptrcasecmp);
730733 if (str_ptr) {
731 x = str_ptr - otp_std_dict;
734 x = (unsigned long) (str_ptr - otp_std_dict);
732735 }
733736 else if (i == 0) {
734737 /* couldn't find first word, try alternate dictionary */
990993 if (result < 0 ||
991994 (!auxprop_values[0].name || !auxprop_values[0].values)) {
992995 /* We didn't find this username */
993 params->utils->seterror(params->utils->conn,0,
994 "no OTP secret in database");
996 SETERROR(params->utils, "no OTP secret in database");
995997 result = params->transition ? SASL_TRANS : SASL_NOUSER;
996998 return (result);
997999 }
10051007
10061008 if (result != SASL_OK) return result;
10071009 } else {
1008 params->utils->seterror(params->utils->conn, 0,
1009 "don't have a OTP secret");
1010 SETERROR(params->utils, "don't have an OTP secret");
10101011 return SASL_FAIL;
10111012 }
10121013
10891090 text->alg->name, text->seq-1, text->seed);
10901091
10911092 *serverout = text->out_buf;
1092 *serveroutlen = strlen(text->out_buf);
1093 *serveroutlen = (unsigned) strlen(text->out_buf);
10931094
10941095 text->state = 2;
10951096
11541155 params->utils->prop_dispose(&propctx);
11551156
11561157 if (result) {
1157 params->utils->seterror(params->utils->conn, 0,
1158 "Error putting OTP secret");
1158 SETERROR(params->utils, "Error putting OTP secret");
11591159 }
11601160
11611161 text->locked = 0;
12851285 return SASL_NOMECH;
12861286 }
12871287
1288 r = _plug_parseuser(sparams->utils, &user_only, &realm, sparams->user_realm,
1289 sparams->serverFQDN, userstr);
1288 r = _plug_parseuser(sparams->utils,
1289 &user_only,
1290 &realm,
1291 sparams->user_realm,
1292 sparams->serverFQDN,
1293 userstr);
12901294 if (r) {
1291 sparams->utils->seterror(sparams->utils->conn, 0,
1292 "OTP: Error parsing user");
1295 SETERROR(sparams->utils, "OTP: Error parsing user");
12931296 return r;
12941297 }
12951298
13631366 sparams->utils->prop_dispose(&propctx);
13641367
13651368 if (r) {
1366 sparams->utils->seterror(sparams->utils->conn, 0,
1367 "Error putting OTP secret");
1369 SETERROR(sparams->utils, "Error putting OTP secret");
13681370 goto cleanup;
13691371 }
13701372
13871389 /* Do we have a backend that can store properties? */
13881390 if (!sparams->utils->auxprop_store ||
13891391 sparams->utils->auxprop_store(NULL, NULL, NULL) != SASL_OK) {
1390 SETERROR(sparams->utils, "OTP: auxprop backend can't store properties");
1392 sparams->utils->log(NULL,
1393 SASL_LOG_DEBUG,
1394 "OTP: auxprop backend can't store properties");
13911395 return SASL_NOMECH;
13921396 }
13931397
14511455
14521456 char *out_buf;
14531457 unsigned out_buf_len;
1458
1459 char challenge[OTP_CHALLENGE_MAX+1];
14541460 } client_context_t;
14551461
14561462 static int otp_client_mech_new(void *glob_context __attribute__((unused)),
15951601 sasl_out_params_t *oparams)
15961602 {
15971603 int echo_result = SASL_OK;
1598 char challenge[OTP_CHALLENGE_MAX+1];
15991604 int result;
16001605
16011606 if (serverinlen > OTP_CHALLENGE_MAX) {
16041609 }
16051610
16061611 /* we can't assume that challenge is null-terminated */
1607 strncpy(challenge, serverin, serverinlen);
1608 challenge[serverinlen] = '\0';
1609
1610 /* try to get the one-time password if we don't ave the secret */
1612 strncpy(text->challenge, serverin, serverinlen);
1613 text->challenge[serverinlen] = '\0';
1614
1615 /* try to get the one-time password if we don't have the secret */
16111616 if ((text->password == NULL) && (text->otpassword == NULL)) {
1612 echo_result = _plug_challenge_prompt(params->utils, SASL_CB_ECHOPROMPT,
1613 challenge,
1617 echo_result = _plug_challenge_prompt(params->utils,
1618 SASL_CB_ECHOPROMPT,
1619 text->challenge,
16141620 "Please enter your one-time password",
1615 &text->otpassword, prompt_need);
1621 &text->otpassword,
1622 prompt_need);
16161623
16171624 if ((echo_result != SASL_OK) && (echo_result != SASL_INTERACT))
16181625 return echo_result;
16281635 if (echo_result == SASL_INTERACT) {
16291636 /* make the prompt list */
16301637 result =
1631 _plug_make_prompts(params->utils, prompt_need,
1632 NULL, NULL,
1633 NULL, NULL,
1634 NULL, NULL,
1635 challenge, echo_result == SASL_INTERACT ?
1636 "Please enter your one-time password" : NULL,
1638 _plug_make_prompts(params->utils,
1639 prompt_need,
16371640 NULL,
1638 NULL, NULL, NULL);
1641 NULL,
1642 NULL,
1643 NULL,
1644 NULL,
1645 NULL,
1646 text->challenge,
1647 "Please enter your one-time password",
1648 NULL,
1649 NULL,
1650 NULL,
1651 NULL);
16391652 if (result != SASL_OK) return result;
16401653
16411654 return SASL_INTERACT;
16441657 /* the application provided us with a one-time password so use it */
16451658 if (text->otpassword) {
16461659 *clientout = text->otpassword;
1647 *clientoutlen = strlen(text->otpassword);
1648 }
1649
1660 *clientoutlen = (unsigned) strlen(text->otpassword);
1661 }
16501662 /* generate our own response using the user's secret pass-phrase */
16511663 else {
16521664 algorithm_option_t *alg;
16571669
16581670 /* parse challenge */
16591671 result = parse_challenge(params->utils,
1660 challenge, &alg, &seq, seed, 0);
1672 text->challenge,
1673 &alg,
1674 &seq,
1675 seed,
1676 0);
16611677 if (result != SASL_OK) return result;
16621678
16631679 if (!text->password) {
17201736 }
17211737
17221738 *clientout = text->out_buf;
1723 *clientoutlen = strlen(text->out_buf);
1739 *clientoutlen = (unsigned) strlen(text->out_buf);
17241740 }
17251741
17261742 /* set oparams */
00 /* PASSDSS-3DES-1 SASL plugin
11 * Ken Murchison
2 * $Id: passdss.c,v 1.4 2006/04/24 19:21:44 mel Exp $
2 * $Id: passdss.c,v 1.5 2008/10/29 17:59:41 murch Exp $
33 */
44 /*
55 * Copyright (c) 1998-2004 Carnegie Mellon University. All rights reserved.
8282
8383 /***************************** Common Section *****************************/
8484
85 static const char plugin_id[] = "$Id: passdss.c,v 1.4 2006/04/24 19:21:44 mel Exp $";
85 static const char plugin_id[] = "$Id: passdss.c,v 1.5 2008/10/29 17:59:41 murch Exp $";
8686
8787 const char g[] = "2";
8888 const char N[] = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF";
11691169 | SASL_SEC_NOACTIVE
11701170 | SASL_SEC_NODICTIONARY
11711171 | SASL_SEC_FORWARD_SECRECY
1172 | SASL_SEC_PASS_CREDENTIALS
11721173 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
11731174 SASL_FEAT_WANT_CLIENT_FIRST
11741175 | SASL_FEAT_ALLOWS_PROXY, /* features */
16451646 | SASL_SEC_NOACTIVE
16461647 | SASL_SEC_NODICTIONARY
16471648 | SASL_SEC_FORWARD_SECRECY
1649 | SASL_SEC_PASS_CREDENTIALS
16481650 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
16491651 SASL_FEAT_WANT_CLIENT_FIRST
16501652 | SASL_FEAT_ALLOWS_PROXY, /* features */
00 /* Plain SASL plugin
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: plain.c,v 1.64 2004/09/08 11:06:11 mel Exp $
3 * $Id: plain.c,v 1.67 2009/06/10 16:05:19 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5656
5757 /***************************** Common Section *****************************/
5858
59 static const char plugin_id[] = "$Id: plain.c,v 1.64 2004/09/08 11:06:11 mel Exp $";
59 static const char plugin_id[] = "$Id: plain.c,v 1.67 2009/06/10 16:05:19 mel Exp $";
6060
6161 /***************************** Server Section *****************************/
6262
8989 const char *authen;
9090 const char *password;
9191 unsigned password_len;
92 unsigned lup=0;
92 unsigned lup = 0;
9393 int result;
9494 char *passcopy;
95
95 unsigned canon_flags = 0;
96
9697 *serverout = NULL;
9798 *serveroutlen = 0;
9899
145146
146147 /* Canonicalize userid first, so that password verification is only
147148 * against the canonical id */
148 if (!author || !*author)
149 if (!author || !*author) {
149150 author = authen;
150
151 canon_flags = SASL_CU_AUTHZID;
152 } else if (strcmp(author, authen) == 0) {
153 /* While this isn't going to find out that <user> and <user>@<defaultdomain>
154 are the same thing, this is good enough for many cases */
155 canon_flags = SASL_CU_AUTHZID;
156 }
157
151158 result = params->canon_user(params->utils->conn,
152 authen, 0, SASL_CU_AUTHID, oparams);
159 authen,
160 0,
161 SASL_CU_AUTHID | canon_flags,
162 oparams);
153163 if (result != SASL_OK) {
154164 _plug_free_string(params->utils, &passcopy);
155165 return result;
156166 }
157
158 /* verify password - return sasl_ok on success*/
167
168 /* verify password (and possibly fetch both authentication and
169 authorization identity related properties) - return SASL_OK
170 on success */
159171 result = params->utils->checkpass(params->utils->conn,
160 oparams->authid, oparams->alen,
161 passcopy, password_len);
172 oparams->authid,
173 oparams->alen,
174 passcopy,
175 password_len);
162176
163177 _plug_free_string(params->utils, &passcopy);
164178
171185 /* Canonicalize and store the authorization ID */
172186 /* We need to do this after calling verify_user just in case verify_user
173187 * needed to get auxprops itself */
174 result = params->canon_user(params->utils->conn,
175 author, 0, SASL_CU_AUTHZID, oparams);
176 if (result != SASL_OK) return result;
177
188 if (canon_flags == 0) {
189 const struct propval *pr;
190 int i;
191
192 pr = params->utils->prop_get(params->propctx);
193 if (!pr) {
194 return SASL_FAIL;
195 }
196
197 /* params->utils->checkpass() might have fetched authorization identity related properties
198 for the wrong user name. Free these values. */
199 for (i = 0; pr[i].name; i++) {
200 if (pr[i].name[0] == '*') {
201 continue;
202 }
203
204 if (pr[i].values) {
205 params->utils->prop_erase(params->propctx, pr[i].name);
206 }
207 }
208
209 result = params->canon_user(params->utils->conn,
210 author,
211 0,
212 SASL_CU_AUTHZID,
213 oparams);
214 if (result != SASL_OK) {
215 return result;
216 }
217 }
218
178219 /* set oparams */
179220 oparams->doneflag = 1;
180221 oparams->mech_ssf = 0;
193234 {
194235 "PLAIN", /* mech_name */
195236 0, /* max_ssf */
196 SASL_SEC_NOANONYMOUS, /* security_flags */
237 SASL_SEC_NOANONYMOUS
238 | SASL_SEC_PASS_CREDENTIALS, /* security_flags */
197239 SASL_FEAT_WANT_CLIENT_FIRST
198240 | SASL_FEAT_ALLOWS_PROXY, /* features */
199241 NULL, /* glob_context */
413455 {
414456 "PLAIN", /* mech_name */
415457 0, /* max_ssf */
416 SASL_SEC_NOANONYMOUS, /* security_flags */
458 SASL_SEC_NOANONYMOUS
459 | SASL_SEC_PASS_CREDENTIALS, /* security_flags */
417460 SASL_FEAT_WANT_CLIENT_FIRST
418461 | SASL_FEAT_ALLOWS_PROXY, /* features */
419462 NULL, /* required_prompts */
00 /* Generic SASL plugin utility functions
11 * Rob Siemborski
2 * $Id: plugin_common.c,v 1.20 2004/06/23 18:43:37 rjs3 Exp $
2 * $Id: plugin_common.c,v 1.21 2008/10/29 13:10:38 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
289289 {
290290 if(!utils || !secret || !(*secret)) return;
291291
292 utils->erasebuffer((*secret)->data, (*secret)->len);
292 utils->erasebuffer((char *)(*secret)->data, (*secret)->len);
293293 utils->free(*secret);
294294 *secret = NULL;
295295 }
00 /* SASL server API implementation
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: sasldb.c,v 1.11 2006/04/03 10:58:19 mel Exp $
3 * $Id: sasldb.c,v 1.17 2009/03/10 14:37:03 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
5555
5656 #include "plugin_common.h"
5757
58 static void sasldb_auxprop_lookup(void *glob_context __attribute__((unused)),
58 static int sasldb_auxprop_lookup(void *glob_context __attribute__((unused)),
5959 sasl_server_params_t *sparams,
6060 unsigned flags,
6161 const char *user,
6969 char value[8192];
7070 size_t value_len;
7171 char *user_buf;
72
73 if(!sparams || !user) return;
72 int verify_against_hashed_password;
73 int saw_user_password = 0;
74
75 if (!sparams || !user) return SASL_BADPARAM;
7476
7577 user_buf = sparams->utils->malloc(ulen + 1);
7678 if(!user_buf) {
79 ret = SASL_NOMEM;
7780 goto done;
7881 }
7982
9194 if(ret != SASL_OK) goto done;
9295
9396 to_fetch = sparams->utils->prop_get(sparams->propctx);
94 if(!to_fetch) goto done;
95
97 if (!to_fetch) {
98 ret = SASL_NOMEM;
99 goto done;
100 }
101
102 verify_against_hashed_password = flags & SASL_AUXPROP_VERIFY_AGAINST_HASH;
103
104 /* Use a fake value to signal that we have no property to lookup */
105 ret = SASL_CONTINUE;
96106 for(cur = to_fetch; cur->name; cur++) {
107 int cur_ret;
97108 const char *realname = cur->name;
98109
99110 /* Only look up properties that apply to this lookup! */
104115 }
105116
106117 /* If it's there already, we want to see if it needs to be
107 * overridden */
108 if(cur->values && !(flags & SASL_AUXPROP_OVERRIDE))
118 * overridden. userPassword is a special case, because it's value
119 is always present if SASL_AUXPROP_VERIFY_AGAINST_HASH is specified.
120 When SASL_AUXPROP_VERIFY_AGAINST_HASH is set, we just clear userPassword. */
121 if (cur->values && !(flags & SASL_AUXPROP_OVERRIDE) &&
122 (verify_against_hashed_password == 0 ||
123 strcasecmp(realname, SASL_AUX_PASSWORD_PROP) != 0)) {
109124 continue;
110 else if(cur->values)
125 } else if (cur->values) {
111126 sparams->utils->prop_erase(sparams->propctx, cur->name);
112
113 ret = _sasldb_getdata(sparams->utils,
127 }
128
129 if (strcasecmp(realname, SASL_AUX_PASSWORD_PROP) == 0) {
130 saw_user_password = 1;
131 }
132
133 cur_ret = _sasldb_getdata(sparams->utils,
114134 sparams->utils->conn, userid, realm,
115135 realname, value, sizeof(value), &value_len);
116 if(ret != SASL_OK) {
136
137 /* Assumption: cur_ret is never SASL_CONTINUE */
138
139 /* If this is the first property we've tried to fetch ==>
140 always set the global error code.
141 If we had SASL_NOUSER ==> any other error code overrides it
142 (including SASL_NOUSER). */
143 if (ret == SASL_CONTINUE || ret == SASL_NOUSER) {
144 ret = cur_ret;
145 } else if (ret == SASL_OK) {
146 /* Any error code other than SASL_NOUSER overrides SASL_OK.
147 (And SASL_OK overrides SASL_OK as well) */
148 if (cur_ret != SASL_NOUSER) {
149 ret = cur_ret;
150 }
151 }
152 /* Any other global error code is left as is */
153
154 if (cur_ret != SASL_OK) {
155 if (cur_ret != SASL_NOUSER) {
156 /* No point in continuing if we hit any serious error */
157 break;
158 }
117159 /* We didn't find it, leave it as not found */
118160 continue;
119161 }
120162
121163 sparams->utils->prop_set(sparams->propctx, cur->name,
122164 value, (unsigned) value_len);
165 }
166
167 /* [Keep in sync with LDAPDB, SQL]
168 If ret is SASL_CONTINUE, it means that no properties were requested
169 (or maybe some were requested, but they already have values and
170 SASL_AUXPROP_OVERRIDE flag is not set).
171 Always return SASL_OK in this case. */
172 if (ret == SASL_CONTINUE) {
173 ret = SASL_OK;
174 }
175
176 if (flags & SASL_AUXPROP_AUTHZID) {
177 /* This is a lie, but the caller can't handle
178 when we return SASL_NOUSER for authorization identity lookup. */
179 if (ret == SASL_NOUSER) {
180 ret = SASL_OK;
181 }
182 } else {
183 if (ret == SASL_NOUSER && saw_user_password == 0) {
184 /* Verify user existence by checking presence of
185 the userPassword attribute */
186 ret = _sasldb_getdata(sparams->utils,
187 sparams->utils->conn,
188 userid,
189 realm,
190 SASL_AUX_PASSWORD_PROP,
191 value,
192 sizeof(value),
193 &value_len);
194 }
123195 }
124196
125197 done:
126198 if (userid) sparams->utils->free(userid);
127199 if (realm) sparams->utils->free(realm);
128200 if (user_buf) sparams->utils->free(user_buf);
201
202 return ret;
129203 }
130204
131205 static int sasldb_auxprop_store(void *glob_context __attribute__((unused)),
138212 char *realm = NULL;
139213 const char *user_realm = NULL;
140214 int ret = SASL_FAIL;
141 int tmp_res;
142215 const struct propval *to_store, *cur;
143216 char *user_buf;
144217
172245 goto done;
173246 }
174247
175 /* All iterations return SASL_NOUSER ==> ret = SASL_NOUSER
176 Some iterations return SASL_OK and some SASL_NOUSER ==> ret = SASL_OK
177 At least one iteration returns any other error ==> ret = the error */
178 ret = SASL_NOUSER;
179 for(cur = to_store; cur->name; cur++) {
180 /* We only support one value at a time right now. */
181 tmp_res = _sasldb_putdata(sparams->utils, sparams->utils->conn,
182 userid, realm, cur->name,
183 cur->values && cur->values[0] ?
184 cur->values[0] : NULL,
185 cur->values && cur->values[0] ?
186 strlen(cur->values[0]) : 0);
187 /* SASL_NOUSER is returned when _sasldb_putdata fails to delete
188 a non-existent entry, which should not be treated as an error */
189 if ((tmp_res != SASL_NOUSER) &&
190 (ret == SASL_NOUSER || ret == SASL_OK)) {
191 ret = tmp_res;
192 }
193
194 /* Abort the loop if an error has occurred */
195 if (ret != SASL_NOUSER && ret != SASL_OK) {
196 break;
197 }
248 ret = SASL_OK;
249 for (cur = to_store; cur->name; cur++) {
250 char * value = (cur->values && cur->values[0]) ? cur->values[0] : NULL;
251
252 if (cur->name[0] == '*') {
253 continue;
254 }
255
256 /* WARN: We only support one value right now. */
257 ret = _sasldb_putdata(sparams->utils,
258 sparams->utils->conn,
259 userid,
260 realm,
261 cur->name,
262 value,
263 value ? strlen(value) : 0);
264
265 if (value == NULL && ret == SASL_NOUSER) {
266 /* Deleting something which is not there is not an error */
267 ret = SASL_OK;
268 }
269
270 if (ret != SASL_OK) {
271 /* We've already failed, no point in continuing */
272 break;
273 }
198274 }
199275
200276 done:
229305 if(_sasl_check_db(utils, NULL) != SASL_OK)
230306 return SASL_NOMECH;
231307
308 /* Check if libsasl API is older than ours. If it is, fail */
232309 if(max_version < SASL_AUXPROP_PLUG_VERSION) return SASL_BADVERS;
233310
234311 *out_version = SASL_AUXPROP_PLUG_VERSION;
66 ** Simon Loader -- original mysql plugin
77 ** Patrick Welche -- original pgsql plugin
88 **
9 ** $Id: sql.c,v 1.29 2006/04/07 13:42:16 jeaton Exp $
9 ** $Id: sql.c,v 1.38 2009/04/11 10:48:07 mel Exp $
1010 **
1111 */
1212
466466 sqlite_close((sqlite*)db);
467467 }
468468 #endif /* HAVE_SQLITE */
469
470 #ifdef HAVE_SQLITE3
471 #include <sqlite3.h>
472
473 static void *_sqlite3_open(char *host __attribute__((unused)),
474 char *port __attribute__((unused)),
475 int usessl __attribute__((unused)),
476 const char *user __attribute__((unused)),
477 const char *password __attribute__((unused)),
478 const char *database, const sasl_utils_t *utils)
479 {
480 int rc;
481 sqlite3 *db;
482 char *zErrMsg = NULL;
483
484 rc = sqlite3_open(database, &db);
485 if (SQLITE_OK != rc) {
486 if (db)
487 utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", sqlite3_errmsg(db));
488 else
489 utils->log(NULL, SASL_LOG_ERR, "sql plugin: %d", rc);
490 sqlite3_close(db);
491 return NULL;
492 }
493
494 rc = sqlite3_exec(db, "PRAGMA empty_result_callbacks = ON", NULL, NULL, &zErrMsg);
495 if (rc != SQLITE_OK) {
496 if (zErrMsg) {
497 utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", zErrMsg);
498 sqlite3_free(zErrMsg);
499 } else
500 utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: %d", rc);
501 sqlite3_close(db);
502 return NULL;
503 }
504
505 return (void*)db;
506 }
507
508 static int _sqlite3_escape_str(char *to, const char *from)
509 {
510 char s;
511
512 while ( (s = *from++) != '\0' ) {
513 if (s == '\'' || s == '\\') {
514 *to++ = '\\';
515 }
516 *to++ = s;
517 }
518 *to = '\0';
519
520 return 0;
521 }
522
523 static int sqlite3_my_callback(void *pArg, int argc __attribute__((unused)),
524 char **argv,
525 char **columnNames __attribute__((unused)))
526 {
527 char **result = (char**)pArg;
528
529 if (argv == NULL) {
530 *result = NULL; /* no record */
531 } else if (argv[0] == NULL) {
532 *result = strdup(SQL_NULL_VALUE); /* NULL IS SQL_NULL_VALUE */
533 } else {
534 *result = strdup(argv[0]);
535 }
536
537 return 0;
538 }
539
540 static int _sqlite3_exec(void *db,
541 const char *cmd,
542 char *value,
543 size_t size,
544 size_t *value_len,
545 const sasl_utils_t *utils)
546 {
547 int rc;
548 char *result = NULL;
549 char *zErrMsg = NULL;
550
551 rc = sqlite3_exec((sqlite3*)db, cmd, sqlite3_my_callback, (void*)&result, &zErrMsg);
552 if (rc != SQLITE_OK) {
553 if (zErrMsg) {
554 utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: %s", zErrMsg);
555 sqlite3_free(zErrMsg);
556 } else {
557 utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: %d", rc);
558 }
559 return -1;
560 }
561
562 if (value == NULL && rc == SQLITE_OK) {
563 /* no results (BEGIN, COMMIT, DELETE, INSERT, UPDATE) */
564 return 0;
565 }
566
567 if (result == NULL) {
568 /* umm nothing found */
569 utils->log(NULL, SASL_LOG_NOTE, "sql plugin: no result found");
570 return -1;
571 }
572
573 /* XXX: Duplication cannot be found by this method. */
574
575 /* now get the result set value and value_len */
576 /* we only fetch one because we don't care about the rest */
577 if (value) {
578 strncpy(value, result, size - 2);
579 value[size - 1] = '\0';
580 if (value_len) {
581 *value_len = strlen(value);
582 }
583 }
584
585 free(result);
586 return 0;
587 }
588
589 static int _sqlite3_begin_txn(void *db, const sasl_utils_t *utils)
590 {
591 return _sqlite3_exec(db, "BEGIN TRANSACTION;", NULL, 0, NULL, utils);
592 }
593
594 static int _sqlite3_commit_txn(void *db, const sasl_utils_t *utils)
595 {
596 return _sqlite3_exec(db, "COMMIT TRANSACTION;", NULL, 0, NULL, utils);
597 }
598
599 static int _sqlite3_rollback_txn(void *db, const sasl_utils_t *utils)
600 {
601 return _sqlite3_exec(db, "ROLLBACK TRANSACTION;", NULL, 0, NULL, utils);
602 }
603
604 static void _sqlite3_close(void *db)
605 {
606 sqlite3_close((sqlite3*)db);
607 }
608 #endif /* HAVE_SQLITE3 */
469609
470610 static const sql_engine_t sql_engines[] = {
471611 #ifdef HAVE_MYSQL
483623 &_sqlite_begin_txn, &_sqlite_commit_txn, &_sqlite_rollback_txn,
484624 &_sqlite_exec, &_sqlite_close },
485625 #endif
626 #ifdef HAVE_SQLITE3
627 { "sqlite3", &_sqlite3_open, &_sqlite3_escape_str,
628 &_sqlite3_begin_txn, &_sqlite3_commit_txn, &_sqlite3_rollback_txn,
629 &_sqlite3_exec, &_sqlite3_close },
630 #endif
486631 { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
487632 };
488633
496641 ** %p = prop
497642 ** %r = realm
498643 ** %v = value of prop
499 ** e.g select %p from auth where user = %p and domain = %r;
644 ** e.g select %p from auth where user = %u and domain = %r;
500645 ** Note: calling function must free memory.
501646 **
502647 */
515660 size_t i;
516661
517662 /* calculate memory needed for creating the complete query string. */
518 ulen = strlen(user);
519 rlen = strlen(realm);
520 plen = strlen(prop);
521 vlen = sql_len(value);
663 ulen = (int)strlen(user);
664 rlen = (int)strlen(realm);
665 plen = (int)strlen(prop);
666 vlen = (int)sql_len(value);
522667
523668 /* what if we have multiple %foo occurrences in the input query? */
524669 for (i = 0; i < strlen(statement); i++) {
531676 biggest = sql_max(sql_max(ulen, rlen), sql_max(plen, vlen));
532677
533678 /* plus one for the semicolon...and don't forget the trailing 0x0 */
534 filtersize = strlen(statement) + 1 + (numpercents*biggest)+1;
679 filtersize = (int)strlen(statement) + 1 + (numpercents*biggest)+1;
535680
536681 /* ok, now try to allocate a chunk of that size */
537682 buf = (char *) utils->malloc(filtersize);
742887 return conn;
743888 }
744889
745 static void sql_auxprop_lookup(void *glob_context,
890 static int sql_auxprop_lookup(void *glob_context,
746891 sasl_server_params_t *sparams,
747892 unsigned flags,
748893 const char *user,
755900 const struct propval *to_fetch, *cur;
756901 char value[8192];
757902 size_t value_len;
758
759903 char *user_buf;
760904 char *query = NULL;
761905 char *escap_userid = NULL;
762906 char *escap_realm = NULL;
763907 sql_settings_t *settings;
908 int verify_against_hashed_password;
909 int saw_user_password = 0;
764910 void *conn = NULL;
765911 int do_txn = 0;
766
767 if (!glob_context || !sparams || !user) return;
912 int ret;
913
914 if (!glob_context || !sparams || !user) return SASL_BADPARAM;
768915
769916 /* setup the settings */
770917 settings = (sql_settings_t *) glob_context;
773920 "sql plugin Parse the username %s\n", user);
774921
775922 user_buf = sparams->utils->malloc(ulen + 1);
776 if (!user_buf) goto done;
923 if (!user_buf) {
924 ret = SASL_NOMEM;
925 goto done;
926 }
777927
778928 memcpy(user_buf, user, ulen);
779929 user_buf[ulen] = '\0';
784934 user_realm = sparams->serverFQDN;
785935 }
786936
787 if (_plug_parseuser(sparams->utils, &userid, &realm, user_realm,
788 sparams->serverFQDN, user_buf) != SASL_OK )
937 if ((ret = _plug_parseuser(sparams->utils,
938 &userid,
939 &realm,
940 user_realm,
941 sparams->serverFQDN,
942 user_buf)) != SASL_OK ) {
789943 goto done;
944 }
790945
791946 /* just need to escape userid and realm now */
792947 /* allocate some memory */
794949 escap_realm = (char *)sparams->utils->malloc(strlen(realm)*2+1);
795950
796951 if (!escap_userid || !escap_realm) {
797 MEMERROR(sparams->utils);
952 ret = SASL_NOMEM;
798953 goto done;
799954 }
800955
803958 /* find out what we need to get */
804959 /* this corrupts const char *user */
805960 to_fetch = sparams->utils->prop_get(sparams->propctx);
806 if (!to_fetch) goto done;
961 if (!to_fetch) {
962 ret = SASL_NOMEM;
963 goto done;
964 }
807965
808966 conn = sql_connect(settings, sparams->utils);
809967 if (!conn) {
810968 sparams->utils->log(NULL, SASL_LOG_ERR,
811969 "sql plugin couldn't connect to any host\n");
812
970 /* TODO: in the future we might want to extend the internal
971 SQL driver API to return a more detailed error */
972 ret = SASL_FAIL;
813973 goto done;
814974 }
815975
816976 /* escape out */
817977 settings->sql_engine->sql_escape_str(escap_userid, userid);
818978 settings->sql_engine->sql_escape_str(escap_realm, realm);
819
979
980 verify_against_hashed_password = flags & SASL_AUXPROP_VERIFY_AGAINST_HASH;
981
982 /* Assume that nothing is found */
983 ret = SASL_NOUSER;
820984 for (cur = to_fetch; cur->name; cur++) {
821985 char *realname = (char *) cur->name;
822986
832996 }
833997
834998 /* If it's there already, we want to see if it needs to be
835 * overridden */
836 if (cur->values && !(flags & SASL_AUXPROP_OVERRIDE))
999 * overridden. userPassword is a special case, because it's value
1000 is always present if SASL_AUXPROP_VERIFY_AGAINST_HASH is specified.
1001 When SASL_AUXPROP_VERIFY_AGAINST_HASH is set, we just clear userPassword. */
1002 if (cur->values && !(flags & SASL_AUXPROP_OVERRIDE) &&
1003 (verify_against_hashed_password == 0 ||
1004 strcasecmp(realname, SASL_AUX_PASSWORD_PROP) != 0)) {
8371005 continue;
838 else if (cur->values)
1006 } else if (cur->values) {
8391007 sparams->utils->prop_erase(sparams->propctx, cur->name);
1008 }
1009
1010 if (strcasecmp(realname, SASL_AUX_PASSWORD_PROP) == 0) {
1011 saw_user_password = 1;
1012 }
8401013
8411014 if (!do_txn) {
8421015 do_txn = 1;
8561029 realname,escap_userid,
8571030 escap_realm, NULL,
8581031 sparams->utils);
1032 if (query == NULL) {
1033 ret = SASL_NOMEM;
1034 break;
1035 }
8591036
8601037 sparams->utils->log(NULL, SASL_LOG_DEBUG,
8611038 "sql plugin doing query %s\n", query);
8621039
1040 value[0] = '\0';
1041 value_len = 0;
8631042 /* run the query */
8641043 if (!settings->sql_engine->sql_exec(conn, query, value, sizeof(value),
8651044 &value_len, sparams->utils)) {
866 sparams->utils->prop_set(sparams->propctx, cur->name,
867 value, value_len);
1045 sparams->utils->prop_set(sparams->propctx,
1046 cur->name,
1047 value,
1048 (int)value_len);
1049 ret = SASL_OK;
8681050 }
8691051
8701052 sparams->utils->free(query);
8711053 }
1054
1055 if (flags & SASL_AUXPROP_AUTHZID) {
1056 /* This is a lie, but the caller can't handle
1057 when we return SASL_NOUSER for authorization identity lookup. */
1058 if (ret == SASL_NOUSER) {
1059 ret = SASL_OK;
1060 }
1061 } else {
1062 if (ret == SASL_NOUSER && saw_user_password == 0) {
1063 /* Verify user existence by checking presence of
1064 the userPassword attribute */
1065 if (!do_txn) {
1066 do_txn = 1;
1067 sparams->utils->log(NULL, SASL_LOG_DEBUG, "begin transaction");
1068 if (settings->sql_engine->sql_begin_txn(conn, sparams->utils)) {
1069 sparams->utils->log(NULL, SASL_LOG_ERR,
1070 "Unable to begin transaction\n");
1071 }
1072 }
1073
1074 sparams->utils->log(NULL, SASL_LOG_DEBUG,
1075 "sql plugin create statement from %s %s %s\n",
1076 SASL_AUX_PASSWORD_PROP,
1077 escap_userid,
1078 escap_realm);
1079
1080 /* create a statement that we will use */
1081 query = sql_create_statement(settings->sql_select,
1082 SASL_AUX_PASSWORD_PROP,
1083 escap_userid,
1084 escap_realm,
1085 NULL,
1086 sparams->utils);
1087 if (query == NULL) {
1088 ret = SASL_NOMEM;
1089 } else {
1090 sparams->utils->log(NULL, SASL_LOG_DEBUG,
1091 "sql plugin doing query %s\n", query);
1092
1093 value[0] = '\0';
1094 value_len = 0;
1095 /* run the query */
1096 if (!settings->sql_engine->sql_exec(conn,
1097 query,
1098 value,
1099 sizeof(value),
1100 &value_len,
1101 sparams->utils)) {
1102 ret = SASL_OK;
1103 }
1104
1105 sparams->utils->free(query);
1106 }
1107 }
1108 }
1109
8721110
8731111 if (do_txn) {
8741112 sparams->utils->log(NULL, SASL_LOG_DEBUG, "commit transaction");
8751113 if (settings->sql_engine->sql_commit_txn(conn, sparams->utils)) {
8761114 sparams->utils->log(NULL, SASL_LOG_ERR,
8771115 "Unable to commit transaction\n");
1116 /* Failure of the commit is non fatal when reading values */
8781117 }
8791118 }
8801119
8851124 if (userid) sparams->utils->free(userid);
8861125 if (realm) sparams->utils->free(realm);
8871126 if (user_buf) sparams->utils->free(user_buf);
1127
1128 return (ret);
8881129 }
8891130
8901131 static int sql_auxprop_store(void *glob_context,
9741215 "Unable to begin transaction\n");
9751216 }
9761217 for (cur = to_store; ret == SASL_OK && cur->name; cur++) {
1218
1219 if (cur->name[0] == '*') {
1220 continue;
1221 }
1222
9771223 /* determine which command we need */
9781224 /* see if we already have a row for this user */
9791225 statement = sql_create_statement(settings->sql_select,
112112 LIB_PGSQL = @LIB_PGSQL@
113113 LIB_SOCKET = @LIB_SOCKET@
114114 LIB_SQLITE = @LIB_SQLITE@
115 LIB_SQLITE3 = @LIB_SQLITE3@
115116 LN_S = @LN_S@
116117 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
117118 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
132132 LIB_PGSQL = @LIB_PGSQL@
133133 LIB_SOCKET = @LIB_SOCKET@
134134 LIB_SQLITE = @LIB_SQLITE@
135 LIB_SQLITE3 = @LIB_SQLITE3@
135136 LN_S = @LN_S@
136137 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
137138 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
5959 server.exe: $(server_objs) $(common_objs)
6060 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"server.pdb" /out:"server.exe" $(server_objs) $(common_objs)
6161 <<
62 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
6263
6364 client.exe: $(client_objs) $(common_objs)
6465 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"client.pdb" /out:"client.exe" $(client_objs) $(common_objs)
6566 <<
67 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
6668
6769 sample-server.exe: $(sample_server_objs)
6870 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"sample-server.pdb" /out:"sample-server.exe" $(sample_server_objs)
6971 <<
72 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
7073
7174 sample-client.exe: $(sample_client_objs)
7275 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"sample-client.pdb" /out:"sample-client.exe" $(sample_client_objs)
7376 <<
77 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
7478
7579 getaddrinfo.c: ..\lib\getaddrinfo.c
7680 copy ..\lib\getaddrinfo.c .
8387 -@erase "*.idb"
8488 -@erase "*.pch"
8589 -@erase "*.pdb"
90 -@erase "*.manifest"
8691 -@erase $(all_out)
8792 -@erase getaddrinfo.c
8893
00 /* sample-client.c -- sample SASL client
11 * Rob Earhart
2 * $Id: sample-client.c,v 1.31 2004/10/26 11:14:33 mel Exp $
2 * $Id: sample-client.c,v 1.32 2009/05/04 21:35:51 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
394394 unsigned len;
395395 int result;
396396
397 if (! fgets(buf, SAMPLE_SEC_BUF_SIZE, stdin)
398 || strncmp(buf, "S: ", 3))
397 if (! fgets(buf, SAMPLE_SEC_BUF_SIZE, stdin)) {
399398 fail("Unable to parse input");
399 }
400
401 if (strncmp(buf, "S: ", 3) != 0) {
402 fail("Line must start with 'S: '");
403 }
404
405 len = strlen(buf);
406 if (len > 0 && buf[len-1] == '\n') {
407 buf[len-1] = '\0';
408 }
409
400410 result = sasl_decode64(buf + 3, (unsigned) strlen(buf + 3), buf,
401411 SAMPLE_SEC_BUF_SIZE, &len);
402412 if (result != SASL_OK)
00 /* sample-server.c -- sample SASL server
11 * Rob Earhart
2 * $Id: sample-server.c,v 1.31 2004/10/26 11:14:34 mel Exp $
2 * $Id: sample-server.c,v 1.33 2009/05/04 21:35:51 mel Exp $
33 */
44 /*
55 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
253253 unsigned len;
254254 int result;
255255
256 if (! fgets(buf, SAMPLE_SEC_BUF_SIZE, stdin))
256 if (! fgets(buf, SAMPLE_SEC_BUF_SIZE, stdin)) {
257257 fail("Unable to parse input");
258
259 if (strncmp(buf, "C: ", 3)!=0)
258 }
259
260 if (strncmp(buf, "C: ", 3) != 0) {
260261 fail("Line must start with 'C: '");
262 }
261263
264 len = strlen(buf);
265 if (len > 0 && buf[len-1] == '\n') {
266 buf[len-1] = '\0';
267 }
268
262269 result = sasl_decode64(buf + 3, (unsigned) strlen(buf + 3), buf,
263270 SAMPLE_SEC_BUF_SIZE, &len);
264271 if (result != SASL_OK)
548555 if (strlen(buf) < len) {
549556 /* Hmm, there's an initial response here */
550557 data = buf + strlen(buf) + 1;
551 len = len - strlen(buf) - 1;
558 len = len - (unsigned) strlen(buf) - 1;
552559 } else {
553560 data = NULL;
554561 len = 0;
842842 ])
843843
844844 dnl
845 dnl $Id: c-attribute.m4,v 1.3 2003/10/08 20:35:24 rjs3 Exp $
845 dnl $Id: c-attribute.m4,v 1.4 2007/08/30 16:57:55 murch Exp $
846846 dnl
847847
848848 dnl
854854 AC_CACHE_VAL(ac_cv___attribute__, [
855855 AC_TRY_COMPILE([
856856 #include <stdlib.h>
857 ],
858 [
859857 static void foo(void) __attribute__ ((noreturn));
860858
861859 static void
864862 exit(1);
865863 }
866864 ],
865 [
866 ],
867867 ac_cv___attribute__=yes,
868868 ac_cv___attribute__=no)])
869869 if test "$ac_cv___attribute__" = "yes"; then
875875
876876 dnl
877877 dnl Additional macros for configure.in packaged up for easier theft.
878 dnl $Id: cyrus.m4,v 1.4 2003/10/08 20:35:24 rjs3 Exp $
878 dnl $Id: cyrus.m4,v 1.5 2009/03/31 04:09:47 brong Exp $
879879 dnl tjs@andrew.cmu.edu 6-may-1998
880880 dnl
881881
886886 dnl (so the runpath for shared libraries is set).
887887 AC_DEFUN([CMU_ADD_LIBPATH], [
888888 # this is CMU ADD LIBPATH
889 if test "$andrew_runpath_switch" = "none" ; then
889 if test "$andrew_cv_runpath_switch" = "none" ; then
890890 LDFLAGS="-L$1 ${LDFLAGS}"
891891 else
892 LDFLAGS="-L$1 $andrew_runpath_switch$1 ${LDFLAGS}"
892 LDFLAGS="-L$1 $andrew_cv_runpath_switch$1 ${LDFLAGS}"
893893 fi
894894 ])
895895
897897 dnl (so the runpath for shared libraries is set).
898898 AC_DEFUN([CMU_ADD_LIBPATH_TO], [
899899 # this is CMU ADD LIBPATH TO
900 if test "$andrew_runpath_switch" = "none" ; then
900 if test "$andrew_cv_runpath_switch" = "none" ; then
901901 $2="-L$1 ${$2}"
902902 else
903 $2="-L$1 ${$2} $andrew_runpath_switch$1"
903 $2="-L$1 ${$2} $andrew_cv_runpath_switch$1"
904904 fi
905905 ])
906906
907907 dnl runpath initialization
908908 AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
909909 # CMU GUESS RUNPATH SWITCH
910 AC_CACHE_CHECK(for runpath switch, andrew_runpath_switch, [
910 AC_CACHE_CHECK(for runpath switch, andrew_cv_runpath_switch, [
911911 # first, try -R
912912 SAVE_LDFLAGS="${LDFLAGS}"
913913 LDFLAGS="-R /usr/lib"
914 AC_TRY_LINK([],[],[andrew_runpath_switch="-R"], [
914 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [
915915 LDFLAGS="-Wl,-rpath,/usr/lib"
916 AC_TRY_LINK([],[],[andrew_runpath_switch="-Wl,-rpath,"],
917 [andrew_runpath_switch="none"])
916 AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"],
917 [andrew_cv_runpath_switch="none"])
918918 ])
919919 LDFLAGS="${SAVE_LDFLAGS}"
920920 ])])
12111211 if test "$krb4" != no; then
12121212 AC_MSG_RESULT(enabled)
12131213 SASL_MECHS="$SASL_MECHS libkerberos4.la"
1214 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/kerberos4.c"
1214 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/kerberos4.c"
12151215 SASL_STATIC_OBJS="$SASL_STATIC_OBJS kerberos4.o"
12161216 AC_DEFINE(STATIC_KERBEROS4,[],[User KERBEROS_V4 Staticly])
12171217 AC_DEFINE(HAVE_KRB,[],[Do we have Kerberos 4 Support?])
12251225
12261226 # sasl2.m4--sasl2 libraries and includes
12271227 # Rob Siemborski
1228 # $Id: sasl2.m4,v 1.52 2006/05/18 19:25:00 murch Exp $
1228 # $Id: sasl2.m4,v 1.54 2009/05/20 12:24:48 murch Exp $
12291229
12301230 # SASL2_CRYPT_CHK
12311231 # ---------------
12871287 fi
12881288 fi
12891289 fi
1290 AC_CHECK_HEADER([gssapi.h],
1291 [AC_DEFINE(HAVE_GSSAPI_H,,
1292 [Define if you have the gssapi.h header file])],
1290 AC_CHECK_HEADER([gssapi.h],,
12931291 [AC_CHECK_HEADER([gssapi/gssapi.h],,
12941292 [AC_WARN([Disabling GSSAPI - no include files found]); gssapi=no])])
12951293
12981296 fi
12991297
13001298 if test "$gssapi" != no; then
1299 if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
1300 AC_DEFINE(HAVE_GSSAPI_H,,[Define if you have the gssapi.h header file])
1301 fi
1302
13011303 # We need to find out which gssapi implementation we are
13021304 # using. Supported alternatives are: MIT Kerberos 5,
13031305 # Heimdal Kerberos 5 (http://www.pdc.kth.se/heimdal),
14751477 AC_CHECK_LIB(resolv,res_search,GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lresolv")
14761478 SASL_MECHS="$SASL_MECHS libgssapiv2.la"
14771479 SASL_STATIC_OBJS="$SASL_STATIC_OBJS gssapi.o"
1478 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/gssapi.c"
1480 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/gssapi.c"
14791481
14801482 cmu_save_LIBS="$LIBS"
14811483 LIBS="$LIBS $GSSAPIBASE_LIBS"
17921794
17931795 SASL_DB_BACKEND="db_${dblib}.lo"
17941796 SASL_DB_BACKEND_STATIC="db_${dblib}.o allockey.o"
1795 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_${dblib}.c ../sasldb/allockey.c"
1797 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_${dblib}.c \$(top_srcdir)/sasldb/allockey.c"
17961798 SASL_DB_UTILS="saslpasswd2 sasldblistusers2"
17971799 SASL_DB_MANS="saslpasswd2.8 sasldblistusers2.8"
17981800
18151817 dnl will just fail to load anyway.
18161818 SASL_DB_BACKEND="db_none.lo"
18171819 SASL_DB_BACKEND_STATIC="db_none.o"
1818 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_none.c"
1820 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_none.c"
18191821 SASL_DB_UTILS=""
18201822 SASL_DB_MANS=""
18211823 SASL_DB_LIB=""
18241826
18251827 if test "$enable_static" = yes; then
18261828 if test "$dblib" != "none"; then
1827 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
1829 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
18281830 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sasldb.o $SASL_DB_BACKEND_STATIC"
18291831 AC_DEFINE(STATIC_SASLDB,[],[Link SASLdb Staticly])
18301832 else
18501852 AC_MSG_RESULT($dbpath)
18511853 AC_DEFINE_UNQUOTED(SASL_DB_PATH, "$dbpath", [Path to default SASLdb database])])
18521854
1853 dnl $Id: berkdb.m4,v 1.20 2005/04/26 19:14:07 shadow Exp $
1855 dnl $Id: berkdb.m4,v 1.22 2007/08/15 17:18:01 murch Exp $
18541856
18551857 AC_DEFUN([CMU_DB_INC_WHERE1], [
18561858 saved_CPPFLAGS=$CPPFLAGS
20652067 fi
20662068
20672069 saved_LIBS=$LIBS
2068 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
2070 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
20692071 do
20702072 LIBS="$saved_LIBS -l$dbname"
2071 AC_TRY_LINK([#include <db.h>],
2073 AC_TRY_LINK([#include <stdio.h>
2074 #include <db.h>],
20722075 [db_create(NULL, NULL, 0);],
20732076 BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db,
20742077 dblib="no")
20762079 done
20772080 if test "$dblib" = "no"; then
20782081 LIBS="$saved_LIBS -ldb"
2079 AC_TRY_LINK([#include <db.h>],
2082 AC_TRY_LINK([#include <stdio.h>
2083 #include <db.h>],
20802084 [db_open(NULL, 0, 0, 0, NULL, NULL, NULL);],
20812085 BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db,
20822086 dblib="no")
3131 * END SYNOPSIS */
3232
3333 #ifdef __GNUC__
34 #ident "$Id: auth_getpwent.c,v 1.7 2005/01/27 04:39:52 shadow Exp $"
34 #ident "$Id: auth_getpwent.c,v 1.9 2009/02/13 14:23:26 mel Exp $"
3535 #endif
3636
3737 /* PUBLIC DEPENDENCIES */
4040 #include <string.h>
4141 #include <pwd.h>
4242
43 #ifdef HAVE_CRYPT_H
44 #include <crypt.h>
45 #endif
46
4347 # ifdef WITH_DES
4448 # ifdef WITH_SSL_DES
49 # ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
50 # define OPENSSL_DISABLE_OLD_DES_SUPPORT
51 # endif
4552 # include <openssl/des.h>
4653 # else
4754 # include <des.h>
4855 # endif /* WITH_SSL_DES */
4956 # endif /* WITH_DES */
50
51 #ifdef HAVE_CRYPT_H
52 #include <crypt.h>
53 #endif
5457 /* END PUBLIC DEPENDENCIES */
5558
5659 #define RETURN(x) return strdup(x)
2727 * END COPYRIGHT */
2828
2929 #ifdef __GNUC__
30 #ident "$Id: auth_krb5.c,v 1.17 2005/02/14 05:50:49 shadow Exp $"
30 #ident "$Id: auth_krb5.c,v 1.18 2008/01/23 15:39:34 murch Exp $"
3131 #endif
3232
3333 /* ok, this is wrong but the most convenient way of doing
253253
254254 #else /* !KRB5_HEIMDAL */
255255
256 static void k5support_log_err(krb5_context context,
257 krb5_error_code code,
258 char const *msg)
259 {
260 const char *k5_msg = krb5_get_error_message(context, code);
261
262 syslog(LOG_DEBUG, "auth_krb5: %s: %s (%d)\n", msg, k5_msg, code);
263 krb5_free_error_message(context, k5_msg);
264 }
265
256266 /* returns 0 for failure, 1 for success */
257267 static int k5support_verify_tgt(krb5_context context,
258268 krb5_ccache ccache)
268278
269279 memset(&packet, 0, sizeof(packet));
270280
271 if (krb5_sname_to_principal(context, NULL, verify_principal,
272 KRB5_NT_SRV_HST, &server)) {
281 if ((k5_retcode = krb5_sname_to_principal(context, NULL, verify_principal,
282 KRB5_NT_SRV_HST, &server))) {
283 k5support_log_err(context, k5_retcode, "krb5_sname_to_principal()");
273284 return 0;
274285 }
275286
276287 if (keytabname) {
277 if (krb5_kt_resolve(context, keytabname, &kt)) {
288 if ((k5_retcode = krb5_kt_resolve(context, keytabname, &kt))) {
289 k5support_log_err(context, k5_retcode, "krb5_kt_resolve()");
278290 goto fini;
279291 }
280292 }
281293
282 if (krb5_kt_read_service_key(context, kt, server, 0,
283 0, &keyblock)) {
294 if ((k5_retcode = krb5_kt_read_service_key(context, kt, server, 0,
295 0, &keyblock))) {
296 k5support_log_err(context, k5_retcode, "krb5_kt_read_service_key()");
284297 goto fini;
285298 }
286299
296309 }
297310 thishost[BUFSIZ-1] = '\0';
298311
299 k5_retcode = krb5_mk_req(context, &auth_context, 0, verify_principal,
300 thishost, NULL, ccache, &packet);
312 if ((k5_retcode = krb5_mk_req(context, &auth_context, 0, verify_principal,
313 thishost, NULL, ccache, &packet))) {
314 k5support_log_err(context, k5_retcode, "krb5_mk_req()");
315 }
301316
302317 if (auth_context) {
303318 krb5_auth_con_free(context, auth_context);
308323 goto fini;
309324 }
310325
311 if (krb5_rd_req(context, &auth_context, &packet,
312 server, NULL, NULL, NULL)) {
326 if ((k5_retcode = krb5_rd_req(context, &auth_context, &packet,
327 server, NULL, NULL, NULL))) {
328 k5support_log_err(context, k5_retcode, "krb5_rd_req()");
313329 goto fini;
314330 }
315331
5252 * END SYNOPSIS */
5353
5454 #ifdef __GNUC__
55 #ident "$Id: auth_rimap.c,v 1.12 2006/04/06 20:19:54 jeaton Exp $"
55 #ident "$Id: auth_rimap.c,v 1.13 2008/01/23 19:54:54 murch Exp $"
5656 #endif
5757
5858 /* PUBLIC DEPENDENCIES */
161161 num_quotes = 0;
162162 p1 = s;
163163 while ((p1 = strchr(p1, '"')) != NULL) {
164 p1++;
164165 num_quotes++;
165166 }
166167
437438 syslog(LOG_WARNING, "auth_rimap: writev: %m");
438439 memset(qlogin, 0, strlen(qlogin));
439440 free(qlogin);
440 memset(qpass, 0, strlen(qlogin));
441 memset(qpass, 0, strlen(qpass));
441442 free(qpass);
442443 (void)close(s);
443444 return strdup(RESP_IERROR);
446447 /* don't need these any longer */
447448 memset(qlogin, 0, strlen(qlogin));
448449 free(qlogin);
449 memset(qpass, 0, strlen(qlogin));
450 memset(qpass, 0, strlen(qpass));
450451 free(qpass);
451452
452453 /* read and parse the LOGIN response */
3131 * END SYNOPSIS */
3232
3333 #ifdef __GNUC__
34 #ident "$Id: auth_sasldb.c,v 1.5 2002/07/27 18:44:46 rjs3 Exp $"
34 #ident "$Id: auth_sasldb.c,v 1.6 2009/02/20 22:08:56 mel Exp $"
3535 #endif
3636
3737 /* PUBLIC DEPENDENCIES */
4040 #include <string.h>
4141 #include <stdlib.h>
4242 #include <pwd.h>
43 #include <config.h>
4344 /* END PUBLIC DEPENDENCIES */
4445
4546 #define RETURN(x) return strdup(x)
0 #define PWBUFSZ 256 /***SWB***/
1
20 /* MODULE: auth_shadow */
31
42 /* COPYRIGHT
2927 * END COPYRIGHT */
3028
3129 #ifdef __GNUC__
32 #ident "$Id: auth_shadow.c,v 1.8 2006/04/19 19:36:25 murch Exp $"
30 #ident "$Id: auth_shadow.c,v 1.12 2009/08/14 14:58:38 mel Exp $"
3331 #endif
3432
3533 /* PUBLIC DEPENDENCIES */
3634 #include "mechanisms.h"
3735
3836 #ifdef AUTH_SHADOW
37
38 #define PWBUFSZ 256 /***SWB***/
3939
4040 # include <unistd.h>
4141 # include <stdlib.h>
4444 # include <time.h>
4545 # include <pwd.h>
4646 # include <syslog.h>
47
48 #ifdef HAVE_CRYPT_H
49 #include <crypt.h>
50 #endif
51
4752 # ifndef HAVE_GETSPNAM
4853
4954 # ifdef WITH_DES
16501650
16511651 # Define the identity of the package.
16521652 PACKAGE=saslauthd
1653 VERSION=2.1.23
1653 VERSION=2.1.24
16541654
16551655
16561656 cat >>confdefs.h <<_ACEOF
32253225 /* end confdefs.h. */
32263226
32273227 #include <stdlib.h>
3228
3229 int
3230 main ()
3231 {
3232
32333228 static void foo(void) __attribute__ ((noreturn));
32343229
32353230 static void
32383233 exit(1);
32393234 }
32403235
3236 int
3237 main ()
3238 {
3239
3240
32413241 ;
32423242 return 0;
32433243 }
32783278 # CMU GUESS RUNPATH SWITCH
32793279 echo "$as_me:$LINENO: checking for runpath switch" >&5
32803280 echo $ECHO_N "checking for runpath switch... $ECHO_C" >&6
3281 if test "${andrew_runpath_switch+set}" = set; then
3281 if test "${andrew_cv_runpath_switch+set}" = set; then
32823282 echo $ECHO_N "(cached) $ECHO_C" >&6
32833283 else
32843284
33133313 ac_status=$?
33143314 echo "$as_me:$LINENO: \$? = $ac_status" >&5
33153315 (exit $ac_status); }; }; then
3316 andrew_runpath_switch="-R"
3316 andrew_cv_runpath_switch="-R"
33173317 else
33183318 echo "$as_me: failed program was:" >&5
33193319 sed 's/^/| /' conftest.$ac_ext >&5
33483348 ac_status=$?
33493349 echo "$as_me:$LINENO: \$? = $ac_status" >&5
33503350 (exit $ac_status); }; }; then
3351 andrew_runpath_switch="-Wl,-rpath,"
3351 andrew_cv_runpath_switch="-Wl,-rpath,"
33523352 else
33533353 echo "$as_me: failed program was:" >&5
33543354 sed 's/^/| /' conftest.$ac_ext >&5
33553355
3356 andrew_runpath_switch="none"
3356 andrew_cv_runpath_switch="none"
33573357 fi
33583358 rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
33593359
33623362 LDFLAGS="${SAVE_LDFLAGS}"
33633363
33643364 fi
3365 echo "$as_me:$LINENO: result: $andrew_runpath_switch" >&5
3366 echo "${ECHO_T}$andrew_runpath_switch" >&6
3365 echo "$as_me:$LINENO: result: $andrew_cv_runpath_switch" >&5
3366 echo "${ECHO_T}$andrew_cv_runpath_switch" >&6
33673367
33683368
33693369 save_LIBS="$LIBS"
44274427 CPPFLAGS="${CPPFLAGS} -I${with_openssl}/include"
44284428
44294429 # this is CMU ADD LIBPATH
4430 if test "$andrew_runpath_switch" = "none" ; then
4430 if test "$andrew_cv_runpath_switch" = "none" ; then
44314431 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
44324432 else
4433 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR $andrew_runpath_switch${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
4433 LDFLAGS="-L${with_openssl}/$CMU_LIB_SUBDIR $andrew_cv_runpath_switch${with_openssl}/$CMU_LIB_SUBDIR ${LDFLAGS}"
44344434 fi
44354435
44364436 fi
62646264 echo "$as_me:$LINENO: result: enabled" >&5
62656265 echo "${ECHO_T}enabled" >&6
62666266 SASL_MECHS="$SASL_MECHS libkerberos4.la"
6267 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/kerberos4.c"
6267 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/kerberos4.c"
62686268 SASL_STATIC_OBJS="$SASL_STATIC_OBJS kerberos4.o"
62696269
62706270 cat >>confdefs.h <<\_ACEOF
66176617
66186618 fi
66196619 if test $ac_cv_header_gssapi_h = yes; then
6620
6621 cat >>confdefs.h <<\_ACEOF
6622 #define HAVE_GSSAPI_H
6623 _ACEOF
6624
6620 :
66256621 else
66266622 if test "${ac_cv_header_gssapi_gssapi_h+set}" = set; then
66276623 echo "$as_me:$LINENO: checking for gssapi/gssapi.h" >&5
67696765 fi
67706766
67716767 if test "$gssapi" != no; then
6768 if test "$ac_cv_header_gssapi_h" = "yes" -o "$ac_cv_header_gssapi_gssapi_h" = "yes"; then
6769
6770 cat >>confdefs.h <<\_ACEOF
6771 #define HAVE_GSSAPI_H
6772 _ACEOF
6773
6774 fi
6775
67726776 # We need to find out which gssapi implementation we are
67736777 # using. Supported alternatives are: MIT Kerberos 5,
67746778 # Heimdal Kerberos 5 (http://www.pdc.kth.se/heimdal),
75197523
75207524 SASL_MECHS="$SASL_MECHS libgssapiv2.la"
75217525 SASL_STATIC_OBJS="$SASL_STATIC_OBJS gssapi.o"
7522 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/gssapi.c"
7526 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/gssapi.c"
75237527
75247528 cmu_save_LIBS="$LIBS"
75257529 LIBS="$LIBS $GSSAPIBASE_LIBS"
80128016 if test -d $with_bdb_lib; then
80138017
80148018 # this is CMU ADD LIBPATH TO
8015 if test "$andrew_runpath_switch" = "none" ; then
8019 if test "$andrew_cv_runpath_switch" = "none" ; then
80168020 LDFLAGS="-L$with_bdb_lib ${LDFLAGS}"
80178021 else
8018 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_runpath_switch$with_bdb_lib"
8022 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_cv_runpath_switch$with_bdb_lib"
80198023 fi
80208024
80218025
80228026 # this is CMU ADD LIBPATH TO
8023 if test "$andrew_runpath_switch" = "none" ; then
8027 if test "$andrew_cv_runpath_switch" = "none" ; then
80248028 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD}"
80258029 else
8026 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_runpath_switch$with_bdb_lib"
8030 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_cv_runpath_switch$with_bdb_lib"
80278031 fi
80288032
80298033 else
80318035 fi
80328036
80338037 saved_LIBS=$LIBS
8034 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
8038 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
80358039 do
80368040 LIBS="$saved_LIBS -l$dbname"
80378041 cat >conftest.$ac_ext <<_ACEOF
80418045 cat confdefs.h >>conftest.$ac_ext
80428046 cat >>conftest.$ac_ext <<_ACEOF
80438047 /* end confdefs.h. */
8048 #include <stdio.h>
80448049 #include <db.h>
80458050 int
80468051 main ()
80818086 cat confdefs.h >>conftest.$ac_ext
80828087 cat >>conftest.$ac_ext <<_ACEOF
80838088 /* end confdefs.h. */
8089 #include <stdio.h>
80848090 #include <db.h>
80858091 int
80868092 main ()
87698775 if test -d $with_bdb_lib; then
87708776
87718777 # this is CMU ADD LIBPATH TO
8772 if test "$andrew_runpath_switch" = "none" ; then
8778 if test "$andrew_cv_runpath_switch" = "none" ; then
87738779 LDFLAGS="-L$with_bdb_lib ${LDFLAGS}"
87748780 else
8775 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_runpath_switch$with_bdb_lib"
8781 LDFLAGS="-L$with_bdb_lib ${LDFLAGS} $andrew_cv_runpath_switch$with_bdb_lib"
87768782 fi
87778783
87788784
87798785 # this is CMU ADD LIBPATH TO
8780 if test "$andrew_runpath_switch" = "none" ; then
8786 if test "$andrew_cv_runpath_switch" = "none" ; then
87818787 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD}"
87828788 else
8783 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_runpath_switch$with_bdb_lib"
8789 BDB_LIBADD="-L$with_bdb_lib ${BDB_LIBADD} $andrew_cv_runpath_switch$with_bdb_lib"
87848790 fi
87858791
87868792 else
87888794 fi
87898795
87908796 saved_LIBS=$LIBS
8791 for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
8797 for dbname in ${with_bdb} db-4.6 db4.6 db46 db-4.5 db4.5 db45 db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
87928798 do
87938799 LIBS="$saved_LIBS -l$dbname"
87948800 cat >conftest.$ac_ext <<_ACEOF
87988804 cat confdefs.h >>conftest.$ac_ext
87998805 cat >>conftest.$ac_ext <<_ACEOF
88008806 /* end confdefs.h. */
8807 #include <stdio.h>
88018808 #include <db.h>
88028809 int
88038810 main ()
88388845 cat confdefs.h >>conftest.$ac_ext
88398846 cat >>conftest.$ac_ext <<_ACEOF
88408847 /* end confdefs.h. */
8848 #include <stdio.h>
88418849 #include <db.h>
88428850 int
88438851 main ()
93859393
93869394 SASL_DB_BACKEND="db_${dblib}.lo"
93879395 SASL_DB_BACKEND_STATIC="db_${dblib}.o allockey.o"
9388 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_${dblib}.c ../sasldb/allockey.c"
9396 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_${dblib}.c \$(top_srcdir)/sasldb/allockey.c"
93899397 SASL_DB_UTILS="saslpasswd2 sasldblistusers2"
93909398 SASL_DB_MANS="saslpasswd2.8 sasldblistusers2.8"
93919399
94199427 echo "$as_me: WARNING: Disabling SASL authentication database support" >&2;}
94209428 SASL_DB_BACKEND="db_none.lo"
94219429 SASL_DB_BACKEND_STATIC="db_none.o"
9422 SASL_DB_BACKEND_STATIC_SRCS="../sasldb/db_none.c"
9430 SASL_DB_BACKEND_STATIC_SRCS="\$(top_srcdir)/sasldb/db_none.c"
94239431 SASL_DB_UTILS=""
94249432 SASL_DB_MANS=""
94259433 SASL_DB_LIB=""
94289436
94299437 if test "$enable_static" = yes; then
94309438 if test "$dblib" != "none"; then
9431 SASL_STATIC_SRCS="$SASL_STATIC_SRCS ../plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
9439 SASL_STATIC_SRCS="$SASL_STATIC_SRCS \$(top_srcdir)/plugins/sasldb.c $SASL_DB_BACKEND_STATIC_SRCS"
94329440 SASL_STATIC_OBJS="$SASL_STATIC_OBJS sasldb.o $SASL_DB_BACKEND_STATIC"
94339441
94349442 cat >>confdefs.h <<\_ACEOF
98009808 CPPFLAGS="$CPPFLAGS -I${with_ldap}/include"
98019809
98029810 # this is CMU ADD LIBPATH
9803 if test "$andrew_runpath_switch" = "none" ; then
9811 if test "$andrew_cv_runpath_switch" = "none" ; then
98049812 LDFLAGS="-L${with_ldap}/lib ${LDFLAGS}"
98059813 else
9806 LDFLAGS="-L${with_ldap}/lib $andrew_runpath_switch${with_ldap}/lib ${LDFLAGS}"
9814 LDFLAGS="-L${with_ldap}/lib $andrew_cv_runpath_switch${with_ldap}/lib ${LDFLAGS}"
98079815 fi
98089816
98099817 fi
1414 AC_DEFINE_UNQUOTED(PATH_SASLAUTHD_RUNDIR, "$with_saslauthd",[Location of saslauthd socket])
1515 AM_CONDITIONAL(SASLAUTHD, test "$with_saslauthd" != no)
1616
17 AM_INIT_AUTOMAKE(saslauthd,2.1.23)
17 AM_INIT_AUTOMAKE(saslauthd,2.1.24)
1818 CMU_INIT_AUTOMAKE
1919
2020 dnl Checks for programs.
5454 #include <openssl/des.h>
5555 #endif
5656
57 #define LDAP_DEPRECATED 1
5758 #include <ldap.h>
5859 #include <lber.h>
5960 #include <sasl.h>
158159 if (buf[strlen(buf)-1] == '\n')
159160 buf[strlen(buf)-1] = '\0';
160161 for (p = buf; *p && isspace((int) *p); p++);
161 if (!*p || *p == '#')
162 continue;
162 if (!*p || *p == '#')
163 continue;
163164
164165 key = p;
165166 while (*p && (isalnum((int) *p) || *p == '-' || *p == '_')) {
154154 char *auth_mech_name = NULL;
155155 size_t pid_file_size;
156156
157 /* XXX force openlog() before any of our mechs try syslog() */
158 logger(L_INFO, L_FUNC, "starting %s", argv[0]);
159
157160 SET_AUTH_PARAMETERS(argc, argv);
158161
159162 g_argc = argc;
247250 exit(1);
248251 }
249252
253 /* Create our working directory */
254 if (mkdir(run_path, 0755) == -1 && errno != EEXIST) {
255 logger(L_ERR, L_FUNC, "can not mkdir: %s", run_path);
256 logger(L_ERR, L_FUNC, "Check to make sure the parent directory exists and is");
257 logger(L_ERR, L_FUNC, "writeable by the user this process runs as.");
258 exit(1);
259 }
260
250261 set_auth_mech(auth_mech_name);
251262
252263 if (flags & VERBOSE) {
275286 exit(1);
276287 }
277288
278 umask(077);
289 umask(0077);
279290
280291 pid_file_size = strlen(run_path) + sizeof(PID_FILE_LOCK) + 1;
281292 if ((pid_file_lock = malloc(pid_file_size)) == NULL) {
286297 strlcpy(pid_file_lock, run_path, pid_file_size);
287298 strlcat(pid_file_lock, PID_FILE_LOCK, pid_file_size);
288299
289 if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 644)) < 0) {
300 if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 0644)) < 0) {
290301 rc = errno;
291302 logger(L_ERR, L_FUNC, "could not open pid lock file: %s", pid_file_lock);
292303 logger(L_ERR, L_FUNC, "open: %s", strerror(rc));
3636
3737 --HH _h_o_s_t_n_a_m_e
3838 The remote host to be contacted by the rimap authentication mech-
39 anism. (Depricated, use -O instead)
39 anism. (Deprecated, use -O instead)
4040
4141 --mm _p_a_t_h
4242 Use _p_a_t_h as the pathname to the named socket to listen on for
5050 Use _t_h_r_e_a_d_s processes for responding to authentication queries.
5151 (default: 5) A value of zero will indicate that saslauthd should
5252 fork an individual process for each connection. This can solve
53 leaks that occur in some deployments..
53 leaks that occur in some deployments.
5454
5555 --ss _s_i_z_e
5656 Use _s_i_z_e as the table size of the hash table (in kilobytes)
6363
6464 --hh Show usage information
6565
66 --cc Enable cacheing of authentication credentials
66 --cc Enable caching of authentication credentials
6767
6868 --ll Disable the use of a lock file for controlling access to
6969 accept().
7171 --rr Combine the realm with the login (with an ’@’ sign in between).
7272 e.g. login: "foo" realm: "bar" will get passed as login:
7373 "foo@bar". Note that the realm will still be passed, which may
74 lead to unexpected behavior.
74 lead to unexpected behaviour.
7575
7676 --vv Print the version number and available authentication mechanisms
7777 on standard error, then exit.
7979 --dd Debugging mode.
8080
8181 LLooggggiinngg
82 ssaassllaauutthhdd logs it’s activities via ssyyssllooggdd using the LOG_AUTH facility.
82 ssaassllaauutthhdd logs its activities via ssyyssllooggdd using the LOG_AUTH facility.
8383
8484 AAUUTTHHEENNTTIICCAATTIIOONN MMEECCHHAANNIISSMMSS
8585 ssaassllaauutthhdd supports one or more "authentication mechanisms", dependent
9595
9696 Authenticate using the ggeettppwweenntt() library function. Typically
9797 this authenticates against the local password file. See your
98 systems getpwent(3) man page for details.
98 system’s getpwent(3) man page for details.
9999
100100 kerberos4 _(_A_l_l _p_l_a_t_f_o_r_m_s_)
101101
144144 sasldb _(_A_l_l _p_l_a_t_f_o_r_m_s_)
145145
146146 Authenticate against the SASL authentication database. Note
147 that this is probabally not what you want to be using, and is
148 even disabled at compile-time by default. If you want to use
147 that this is probably not what you want to use, and is even
148 disabled at compile-time by default. If you want to use
149149 sasldb with the SASL library, you probably want to use the
150150 pwcheck_method of "auxprop" along with the sasldb auxprop plu-
151151 gin instead.
0 .\" $Id: saslauthd.mdoc,v 1.18 2004/03/25 18:24:26 rjs3 Exp $
0 .\" $Id: saslauthd.mdoc,v 1.19 2009/04/11 20:08:48 mel Exp $
11 .\" Copyright 1997-2001 Messaging Direct Ltd. All rights reserved.
22 .\"
33 .\" This manpage uses the BSD mdoc manpage macros. Please don't
6363 .It Fl H Ar hostname
6464 The remote host to be contacted by the
6565 .Li rimap
66 authentication mechanism. (Depricated, use -O instead)
66 authentication mechanism. (Deprecated, use -O instead)
6767 .It Fl m Ar path
6868 Use
6969 .Ar path
7878 processes for responding to authentication queries. (default: 5) A
7979 value of zero will indicate that saslauthd should fork an individual
8080 process for each connection. This can solve leaks that occur in some
81 deployments..
81 deployments.
8282 .It Fl s Ar size
8383 Use
8484 .Ar size
9292 .It Fl h
9393 Show usage information
9494 .It Fl c
95 Enable cacheing of authentication credentials
95 Enable caching of authentication credentials
9696 .It Fl l
9797 Disable the use of a lock file for controlling access to accept().
9898 .It Fl r
9999 Combine the realm with the login (with an '@' sign in between). e.g.
100100 login: "foo" realm: "bar" will get passed as login: "foo@bar". Note that
101 the realm will still be passed, which may lead to unexpected behavior.
101 the realm will still be passed, which may lead to unexpected behaviour.
102102 .It Fl v
103103 Print the version number and available authentication
104104 mechanisms on standard error, then exit.
107107 .El
108108 .Ss Logging
109109 .Nm
110 logs it's activities via
110 logs its activities via
111111 .Nm syslogd
112112 using the
113113 .Dv LOG_AUTH
131131 Authenticate using the
132132 .Fn getpwent
133133 library function. Typically this authenticates against the
134 local password file. See your systems
134 local password file. See your system's
135135 .Xr getpwent 3
136136 man page for details.
137137 .It Li kerberos4
206206 .Em (All platforms)
207207 .Pp
208208 Authenticate against the
209 SASL authentication database. Note that this is probabally not what you
210 want to be using, and is even disabled at compile-time by default.
209 SASL authentication database. Note that this is probably not what you
210 want to use, and is even disabled at compile-time by default.
211211 If you want to use sasldb with the SASL library, you probably want to
212212 use the pwcheck_method of "auxprop" along with the sasldb auxprop plugin
213213 instead.
00 # Makefile.am for the SASLdb library
11 # Rob Siemborski
2 # $Id: Makefile.am,v 1.31.2.1 2009/04/27 17:58:26 murch Exp $
2 # $Id: Makefile.am,v 1.32 2009/05/07 13:49:31 murch Exp $
33 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
44 #
55 # Redistribution and use in source and binary forms, with or without
4141
4242 # Library version info - here at the top, for sanity
4343 # Note that this doesn't necessaraly follow the libsasl2 verison info
44 sasl_version = 1:23:0
44 sasl_version = 1:24:0
4545
4646 INCLUDES=-I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
4747
1515
1616 # Makefile.am for the SASLdb library
1717 # Rob Siemborski
18 # $Id: Makefile.am,v 1.31.2.1 2009/04/27 17:58:26 murch Exp $
18 # $Id: Makefile.am,v 1.32 2009/05/07 13:49:31 murch Exp $
1919 # Copyright (c) 2000 Carnegie Mellon University. All rights reserved.
2020 #
2121 # Redistribution and use in source and binary forms, with or without
130130 LIB_PGSQL = @LIB_PGSQL@
131131 LIB_SOCKET = @LIB_SOCKET@
132132 LIB_SQLITE = @LIB_SQLITE@
133 LIB_SQLITE3 = @LIB_SQLITE3@
133134 LN_S = @LN_S@
134135 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
135136 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
231232
232233 # Library version info - here at the top, for sanity
233234 # Note that this doesn't necessaraly follow the libsasl2 verison info
234 sasl_version = 1:23:0
235 sasl_version = 1:24:0
235236
236237 INCLUDES = -I$(top_srcdir)/include -I$(top_builddir)/include @SASL_DB_INC@
237238
00 /* db_berkeley.c--SASL berkeley db interface
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: allockey.c,v 1.8 2006/04/10 13:26:51 mel Exp $
3 * $Id: allockey.c,v 1.9 2008/10/30 14:17:08 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
186186 const char *param = SASL_AUX_PASSWORD;
187187 param++; /* skip leading * */
188188 return _sasldb_putdata(utils, context, authid, realm, param,
189 (secret ? secret->data : NULL),
189 (const char *) (secret ? secret->data : NULL),
190190 (secret ? secret->len : 0));
191191 }
192192
00 /* db_berkeley.c--SASL berkeley db interface
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: db_berkeley.c,v 1.8 2006/04/03 10:58:19 mel Exp $
3 * $Id: db_berkeley.c,v 1.9 2008/10/23 19:24:46 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
4949 #include <sys/stat.h>
5050 #include <stdlib.h>
5151 #include <assert.h>
52 #include <errno.h>
5253 #include "sasldb.h"
5354
5455 static int db_ok = 0;
113114 #endif /* DB_VERSION_MAJOR < 3 */
114115
115116 if (ret != 0) {
117 if (rdwr == 0 && ret == ENOENT) {
118 /* File not found and we are only reading the data.
119 Treat as SASL_NOUSER. */
120 return SASL_NOUSER;
121 }
116122 utils->log(conn, SASL_LOG_ERR,
117123 "unable to open Berkeley db %s: %s",
118124 path, db_strerror(ret));
132132 LIB_PGSQL = @LIB_PGSQL@
133133 LIB_SOCKET = @LIB_SOCKET@
134134 LIB_SQLITE = @LIB_SQLITE@
135 LIB_SQLITE3 = @LIB_SQLITE3@
135136 LN_S = @LN_S@
136137 LTGETADDRINFOOBJS = @LTGETADDRINFOOBJS@
137138 LTGETNAMEINFOOBJS = @LTGETNAMEINFOOBJS@
4646 saslpasswd2.exe: $(saslpwd_objs)
4747 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"saslpasswd2.pdb" /out:"saslpasswd2.exe" $(saslpwd_objs)
4848 <<
49 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
4950
5051 sasldblistusers2.exe: $(sasldblistusers_objs)
5152 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) $(SASL_DB_LIB) /pdb:"sasldblistusers2.pdb" /out:"sasldblistusers2.exe" $(sasldblistusers_objs)
5253 <<
54 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
5355
5456 testsuite.exe: $(testsuite_objs)
5557 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"testsuite.pdb" /out:"testsuite.exe" $(testsuite_objs)
5658 <<
59 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
5760
5861 pluginviewer.exe: $(pluginviewer_objs)
5962 $(LINK32EXE) @<< $(LINK32EXE_FLAGS) /pdb:"pluginviewer.pdb" /out:"pluginviewer.exe" $(pluginviewer_objs)
6063 <<
64 IF EXIST $@.manifest mt -manifest $@.manifest -outputresource:$@;1
6165
6266 CLEAN :
6367 -@erase $(all_objs)
6468 -@erase "*.idb"
6569 -@erase "*.pch"
6670 -@erase "*.pdb"
71 -@erase "*.manifest"
6772 -@erase $(all_out)
6873
6974 .c.obj::
100100 Specifies a colon-separated search path for plugins.
101101 .SH SEE ALSO
102102 .TP
103 rfc2222 \- Simple Authentication and Security Layer (SASL)
103 rfc4422 \- Simple Authentication and Security Layer (SASL)
00 /* pluginviewer.c -- Plugin Viewer for CMU SASL
11 * Alexey Melnikov, Isode Ltd.
22 *
3 * $Id: pluginviewer.c,v 1.4 2006/04/26 15:34:34 mel Exp $
3 * $Id: pluginviewer.c,v 1.7 2009/02/14 14:42:46 mel Exp $
44 */
55 /*
66 * Copyright (c) 2004 Carnegie Mellon University. All rights reserved.
9292
9393 static const char *progname = NULL;
9494 /* SASL authentication methods (client or server side). NULL means all. */
95 static char *mech = NULL;
95 static char *sasl_mech = NULL;
9696 /* auxprop methods. NULL means all. */
9797 static char *auxprop_mech = NULL;
9898
228228 Used to restrict the mechanisms to a subset of the installed plugins.
229229 Default: NULL (i.e. all available) */
230230 if (result != NULL) {
231 *result = mech;
231 *result = sasl_mech;
232232 }
233233
234234 if (len != NULL) {
235235 /* This might be NULL, which means "all mechanisms" */
236 *len = mech ? strlen(mech) : 0;
236 *len = sasl_mech ? strlen(sasl_mech) : 0;
237237 }
238238 return (SASL_OK);
239239 }
484484 break;
485485
486486 case 'm':
487 mech = optarg;
487 sasl_mech = optarg;
488488 break;
489489
490490 case 'f':
535535 fprintf(stderr, "%s: Usage: %s [-a] [-s] [-c] [-b min=N,max=N] [-e ssf=N,id=ID] [-m MECHS] [-x AUXPROP_MECH] [-f FLAGS] [-i local=IP,remote=IP] [-p PATH]\n"
536536 "\t-a\tlist auxprop plugins\n"
537537 "\t-s\tlist server authentication (SASL) plugins\n"
538 "\t-s\tlist client authentication (SASL) plugins\n"
538 "\t-c\tlist client authentication (SASL) plugins\n"
539539 "\t-b ...\t#bits to use for encryption\n"
540540 "\t\tmin=N\tminumum #bits to use (1 => integrity)\n"
541541 "\t\tmax=N\tmaximum #bits to use\n"
554554 #ifdef WIN32
555555 "\t-p PATH\tsemicolon-separated search path for mechanisms\n",
556556 #else
557 "\t-p PATH\tcolon-seperated search path for mechanisms\n",
557 "\t-p PATH\tcolon-separated search path for mechanisms\n",
558558 #endif
559559 progname, progname);
560560 exit(EXIT_FAILURE);
578578 }
579579
580580 /* getopt */
581 /* NOTE: this will return "sasl_mech" option, however this HAS NO EFFECT
582 on client side SASL plugins, which just never query this option */
581583 callback->id = SASL_CB_GETOPT;
582584 callback->proc = &sasl_getopt;
583585 callback->context = NULL;
619621 saslfail(result, "Initializing server side of libsasl", NULL);
620622 }
621623
624 if (list_all_plugins || list_auxprop_plugins) {
625 list_of_auxprop_mechs = NULL;
626
627 auxprop_plugin_info (NULL, /* list all auxprop mechanisms */
628 &list_installed_auxprop_mechanisms,
629 (void *) &list_of_auxprop_mechs);
630
631 printf ("Installed and properly configured auxprop mechanisms are:\n%s\n",
632 (list_of_auxprop_mechs == NULL) ? "<none>" : list_of_auxprop_mechs);
633
634 free (list_of_auxprop_mechs);
635
636
637 auxprop_plugin_info (auxprop_mech, NULL, NULL);
638 }
639
640 /* TODO: add listing of canonicalization plugins, if needed. */
641
622642 if (list_all_plugins || list_server_auth_plugins) {
623
624643 /* SASL server plugins */
644 /* List all loaded plugins first */
645 list_of_server_mechs = NULL;
646
647 sasl_server_plugin_info (NULL, /* list all SASL mechanisms */
648 &list_installed_server_mechanisms,
649 (void *) &list_of_server_mechs);
650
651 printf ("Installed and properly configured SASL (server side) mechanisms are:\n %s\n", list_of_server_mechs);
652
653 free (list_of_server_mechs);
654
655 /* Now list plugins matching the criteria */
625656 result = sasl_server_new(service,
626657 /* Has to be any non NULL value */
627658 "test.example.com", /* localdomain */
635666 saslfail(result, "Allocating sasl connection state (server side)", NULL);
636667 }
637668
638 /* The following two options are required for SSF */
669 /* The following two options are required for SASL EXTERNAL */
639670 if (extssf) {
640671 result = sasl_setprop(server_conn,
641672 SASL_SSF_EXTERNAL,
664695 saslfail(result, "Setting security properties", NULL);
665696 }
666697
667 /* This will use getopt callback, which is using the "mech" global variable */
698 /* NOTE - available_mechs must not be freed */
668699 result = sasl_listmech(server_conn,
669700 ext_authid,
670701 NULL,
677708 saslfail(result, "Setting security properties", NULL);
678709 }
679710
711 /* NOTE: available_mechs contains subset of sasl_mech */
712
680713 if (count > 0) {
681 list_of_server_mechs = NULL;
682
683 sasl_server_plugin_info (NULL, /* list all SASL mechanisms */
684 &list_installed_server_mechanisms,
685 (void *) &list_of_server_mechs);
686
687 printf ("Installed SASL (server side) mechanisms are:\n%s\n", list_of_server_mechs);
688
689 free (list_of_server_mechs);
714 printf ("Available SASL (server side) mechanisms matching your criteria are:\n %s\n", available_mechs);
690715
691716 /* Dump information about the requested SASL mechanism */
692 /* NOTE - available_mechs must not be freed */
693717 sasl_server_plugin_info (available_mechs, NULL, NULL);
694718 } else {
695 printf ("No server side SASL mechanisms installed\n");
696 }
697 }
698
699 if (list_all_plugins || list_auxprop_plugins) {
700 list_of_auxprop_mechs = NULL;
701
702 auxprop_plugin_info (NULL, /* list all auxprop mechanisms */
703 &list_installed_auxprop_mechanisms,
704 (void *) &list_of_auxprop_mechs);
705
706 printf ("Installed auxprop mechanisms are:\n%s\n", list_of_auxprop_mechs);
707
708 free (list_of_auxprop_mechs);
709
710
711 auxprop_plugin_info (auxprop_mech, NULL, NULL);
712 }
713
714 /* TODO: add listing of canonicalization plugins, if needed. */
719 printf ("No server side SASL mechanisms matching your criteria found\n");
720 }
721 }
715722
716723 if (list_all_plugins || list_client_auth_plugins) {
717724 /* SASL client plugins */
725 /* List all loaded plugins first */
726 list_of_client_mechs = NULL;
727
728 sasl_client_plugin_info (NULL, /* list all SASL mechanisms */
729 &list_installed_client_mechanisms,
730 (void *) &list_of_client_mechs);
731
732 printf ("Installed and properly configured SASL (client side) mechanisms are:\n %s\n",
733 (list_of_client_mechs != NULL) ? list_of_client_mechs : "<none>");
734
735 free (list_of_client_mechs);
736
737 /* Now list plugins matching the criteria */
718738 result = sasl_client_new(service,
719739 /* Has to be any non NULL value */
720740 "test.example.com", /* fqdn */
757777 saslfail(result, "Setting security properties", NULL);
758778 }
759779
760 /* This will use getopt callback, which is using the "mech" global variable */
780 /* NOTE - available_mechs must not be freed */
761781 result = sasl_listmech(client_conn,
762 ext_authid,
763 NULL,
764 " ",
765 NULL,
766 &available_mechs,
767 &len,
768 &count);
782 ext_authid,
783 NULL,
784 " ",
785 NULL,
786 &available_mechs,
787 &len,
788 &count);
769789 if (result != SASL_OK) {
770790 saslfail(result, "Setting security properties", NULL);
771791 }
772792
773793 if (count > 0) {
774 list_of_client_mechs = NULL;
775
776 sasl_client_plugin_info (NULL, /* list all SASL mechanisms */
777 &list_installed_client_mechanisms,
778 (void *) &list_of_client_mechs);
779
780 printf ("Installed SASL (client side) mechanisms are:\n%s\n", list_of_client_mechs);
781
782 free (list_of_client_mechs);
783
794 printf ("Available SASL (client side) mechanisms matching your criteria are:\n %s\n", available_mechs);
784795
785796 /* Dump information about the requested SASL mechanism */
786 /* NOTE - available_mechs must not be freed */
787 sasl_client_plugin_info (available_mechs, NULL, NULL);
797 sasl_client_plugin_info (sasl_mech, NULL, NULL);
788798 } else {
789 printf ("No client side SASL mechanisms installed\n");
799 printf ("No client side SASL mechanisms matching your criteria found\n");
790800 }
791801 }
792802
00 /* sasldblistusers.c -- list users in sasldb
1 * $Id: sasldblistusers.c,v 1.22 2003/10/03 20:30:14 rjs3 Exp $
1 * $Id: sasldblistusers.c,v 1.23 2009/01/25 13:03:07 mel Exp $
22 * Rob Siemborski
33 * Tim Martin
44 */
7575 if (sasldb_path && !strcmp(option, "sasldb_path")) {
7676 *result = sasldb_path;
7777 if (len)
78 *len = strlen(sasldb_path);
78 *len = (unsigned) strlen(sasldb_path);
7979 return SASL_OK;
8080 }
8181
6464 .SH SEE ALSO
6565 saslpasswd2(8)
6666 .TP
67 rfc2222 \- Simple Authentication and Security Layer (SASL)
67 rfc4422 \- Simple Authentication and Security Layer (SASL)
194194 fflush(stdout);
195195 }
196196 #else
197 SetConsoleMode(hStdin, fdwOldMode);
197 SetConsoleMode(hStdin, fdwOldMode);
198198 putchar('\n');
199199 fflush(stdout);
200200 #endif /*WIN32*/
242242 if (sasldb_path && !strcmp(option, "sasldb_path")) {
243243 *result = sasldb_path;
244244 if (len)
245 *len = strlen(sasldb_path);
245 *len = (unsigned) strlen(sasldb_path);
246246 return SASL_OK;
247247 }
248248
260260 int flag_pipe = 0, flag_create = 0, flag_disable = 0, flag_error = 0;
261261 int flag_nouserpass = 0;
262262 int c;
263 char *userid, *password, *verify;
264 unsigned passlen, verifylen;
263 char *userid;
264 char *password = NULL;
265 char *verify;
266 unsigned passlen = 0;
267 unsigned verifylen;
265268 const char *errstr = NULL;
266269 int result;
267270 sasl_conn_t *conn;
101101 .SH SEE ALSO
102102 sasldblistusers2(8)
103103 .TP
104 rfc2222 \- Simple Authentication and Security Layer (SASL)
104 rfc4422 \- Simple Authentication and Security Layer (SASL)
209209 char in[4096];
210210 const char *out;
211211 unsigned int inlen, outlen;
212 unsigned len;
212213 char out64[4096];
213214 int c;
214215
466467 } else if (code != 334) {
467468 /* unexpected response */
468469 break;
470 }
471 len = strlen(buf);
472 if (len > 0 && buf[len-1] == '\n') {
473 buf[len-1] = '\0';
469474 }
470475 r = sasl_decode64(buf + 4, strlen(buf) - 6, in, 4096, &inlen);
471476 if (r != SASL_OK) break;
00 /* testsuite.c -- Stress the library a little
11 * Rob Siemborski
22 * Tim Martin
3 * $Id: testsuite.c,v 1.46 2006/04/25 14:39:04 mel Exp $
3 * $Id: testsuite.c,v 1.47 2008/10/30 14:16:51 mel Exp $
44 */
55 /*
66 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
246246 out = malloc(size);
247247
248248 if(DETAILED_MEMORY_DEBUGGING)
249 fprintf(stderr, " %X = malloc(%u)\n", (unsigned)out, (unsigned) size);
249 fprintf(stderr, " %p = malloc(%u)\n", out, (unsigned) size);
250250
251251 if(out) {
252252 new_data = malloc(sizeof(mem_info_t));
269269 out = realloc(ptr, size);
270270
271271 if(DETAILED_MEMORY_DEBUGGING)
272 fprintf(stderr, " %X = realloc(%X,%d)\n",
273 (unsigned)out, (unsigned)ptr, size);
272 fprintf(stderr, " %p = realloc(%p,%d)\n",
273 out, ptr, size);
274274
275275 prev = &head; cur = head;
276276
309309 out = calloc(nmemb, size);
310310
311311 if(DETAILED_MEMORY_DEBUGGING)
312 fprintf(stderr, " %X = calloc(%d, %d)\n",
313 (unsigned)out, nmemb, size);
312 fprintf(stderr, " %p = calloc(%d, %d)\n",
313 out, nmemb, size);
314314
315315 if(out) {
316316 new_data = malloc(sizeof(mem_info_t));
331331 mem_info_t **prev, *cur;
332332
333333 if(DETAILED_MEMORY_DEBUGGING)
334 fprintf(stderr, " free(%X)\n",
335 (unsigned)ptr);
334 fprintf(stderr, " free(%p)\n",
335 ptr);
336336
337337 prev = &head; cur = head;
338338
371371
372372 fprintf(stderr, " Currently Still Allocated:\n");
373373 for(cur = head; cur; cur = cur->next) {
374 fprintf(stderr, " %X (%5d)\t", (unsigned)cur->addr, cur->size);
374 fprintf(stderr, " %p (%5d)\t", cur->addr, cur->size);
375375 for(data = (unsigned char *) cur->addr,
376376 n = 0; n < (cur->size > 12 ? 12 : cur->size); n++) {
377377 if (isprint((int) data[n]))
704704 sasl_conn_t *saslconn, *cconn;
705705 int result;
706706 const char *str = NULL;
707 unsigned int plen;
708 unsigned lup, flag, pcount;
707 unsigned plen;
708 unsigned lup, flag;
709 int pcount;
709710 const char **list;
710711
711712 /* test without initializing library */
927928
928929 for (lup=0;lup<(int) sizeof(buf);lup++)
929930 {
930 buf[lup] = (rand() % 256);
931 buf[lup] = (char) (rand() % 256);
931932 }
932933 sasl_randseed(rpool, buf, sizeof(buf));
933934 sasl_churn(rpool, buf, sizeof(buf));
0 #Can this be autogenerated?
1 #Keep in sync with include/sasl.h and win32/include/config.h
2 SASL_VERSION_MAJOR=2
3 SASL_VERSION_MINOR=1
4 SASL_VERSION_STEP=25
5
6 !IF "$(STATIC)" == ""
7 STATIC=yes
8 !ENDIF
9
10 # Uncomment the following line, if you want to use Visual Studio 6
11 #VCVER=6
12
13 # Use in Visual Studio 6 & 7:
14 #EXCEPTHANDLING=/GX
15
16 # Use in Visual Studio 8:
17 EXCEPTHANDLING=/EHsc
18
19 # Define compiler/linker/etc.
20
21 CPP=cl.exe /nologo
22 LINK32=link.exe /nologo
23 LINK32DLL=$(LINK32) /dll
24 LINK32EXE=$(LINK32)
25 # It seems that -lib must be the first parameter
26 LINK32LIB=link.exe /lib /nologo
27
28 SYS_LIBS=ws2_32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib
29
30 !IF "$(BITS)" == "64"
31 SYS_LIBS=$(SYS_LIBS) bufferoverflowU.lib
32 !ENDIF
33
34 # Define the minimal Windows OS you want to run on:40 (NT), 50 (W2K), 51 (XP)
35 # Default is no restrictions. Currently we only check for 51 or later.
36 #TARGET_WIN_SYSTEM=51
37
38 !IF "$(TARGET_WIN_SYSTEM)" == ""
39 !IF "$(VERBOSE)" != "0"
40 !MESSAGE Applications and libraries should run on any Win32 system.
41 !ENDIF
42 TARGET_WIN_SYSTEM=0
43 !ENDIF
44
45 # prefix variable is currently only being used by install target
46 !IF "$(prefix)" == ""
47 prefix=C:\CMU
48 !IF "$(VERBOSE)" != "0"
49 !MESSAGE Default installation directory is $(prefix).
50 !ENDIF
51 !ENDIF
52
53 !IF "$(CFG)" == ""
54 CFG=Release
55 !IF "$(VERBOSE)" != "0"
56 !MESSAGE No configuration specified. Defaulting to $(CFG).
57 !ENDIF
58 !ENDIF
59
60 !IF "$(DB_LIB)" == ""
61 DB_LIB=libdb41s.lib
62 !IF "$(VERBOSE)" != "0"
63 !MESSAGE Defaulting SleepyCat library name to $(DB_LIB).
64 !ENDIF
65 !ENDIF
66
67 !IF "$(DB_INCLUDE)" == ""
68 DB_INCLUDE=c:\work\isode\db\build_win32
69 !IF "$(VERBOSE)" != "0"
70 !MESSAGE Defaulting SleepyCat include path to $(DB_INCLUDE).
71 !ENDIF
72 !ENDIF
73
74 !IF "$(DB_LIBPATH)" == ""
75 DB_LIBPATH=c:\work\isode\db\build_win32\Release_static
76 !IF "$(VERBOSE)" != "0"
77 !MESSAGE Defaulting SleepyCat library path to $(DB_LIBPATH).
78 !ENDIF
79 !ENDIF
80
81 !IF "$(OPENSSL_INCLUDE)" == ""
82 OPENSSL_INCLUDE="D:\openssl\engine-0.9.6g-md3\include"
83 !IF "$(VERBOSE)" != "0"
84 !MESSAGE Defaulting OpenSSL Include path to $(OPENSSL_INCLUDE).
85 !ENDIF
86 !ENDIF
87
88 !IF "$(OPENSSL_LIBPATH)" == ""
89 OPENSSL_LIBPATH="D:\openssl\engine-0.9.6g-md3\lib"
90 !IF "$(VERBOSE)" != "0"
91 !MESSAGE Defaulting OpenSSL library path to $(OPENSSL_LIBPATH).
92 !ENDIF
93 !ENDIF
94
95 !IF "$(GSSAPI_INCLUDE)" == ""
96 GSSAPI_INCLUDE="C:\Program Files\CyberSafe\Developer Pack\ApplicationSecuritySDK\include"
97 !IF "$(VERBOSE)" != "0"
98 !MESSAGE Defaulting GSSAPI Include path to $(GSSAPI_INCLUDE).
99 !ENDIF
100 !ENDIF
101
102 !IF "$(GSSAPI_LIBPATH)" == ""
103 GSSAPI_LIBPATH="C:\Program Files\CyberSafe\Developer Pack\ApplicationSecuritySDK\lib"
104 !IF "$(VERBOSE)" != "0"
105 !MESSAGE Defaulting GSSAPI library path to $(GSSAPI_LIBPATH).
106 !ENDIF
107 !ENDIF
108
109 !IF "$(SQLITE_INCLUDE)" == ""
110 SQLITE_INCLUDES=/I"C:\work\open_source\sqllite\sqlite\src" /I"C:\work\open_source\sqllite\sqlite\win32"
111 !IF "$(VERBOSE)" != "0"
112 !MESSAGE Defaulting SQLITE_INCLUDES includes to $(SQLITE_INCLUDES).
113 !ENDIF
114 !ENDIF
115
116 !IF "$(SQLITE_LIBPATH)" == ""
117 SQLITE_LIBPATH="C:\work\open_source\sqllite\sqlite\objs"
118 !IF "$(VERBOSE)" != "0"
119 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH).
120 !ENDIF
121 !ENDIF
122
123 !IF "$(SQLITE_INCLUDE3)" == ""
124 SQLITE_INCLUDES3=/I"c:\work\sqlite\generated"
125 !IF "$(VERBOSE)" != "0"
126 !MESSAGE Defaulting SQLITE_INCLUDES3 includes to $(SQLITE_INCLUDES3).
127 !ENDIF
128 !ENDIF
129
130 !IF "$(SQLITE_LIBPATH3)" == ""
131 SQLITE_LIBPATH3="c:\work\sqlite\objs.NT"
132 !IF "$(VERBOSE)" != "0"
133 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH3).
134 !ENDIF
135 !ENDIF
136
137 !IF "$(LDAP_LIB_BASE)" == ""
138 LDAP_LIB_BASE = c:\work\open_source\openldap\openldap-head\ldap\Debug
139 !IF "$(VERBOSE)" != "0"
140 !MESSAGE Defaulting LDAP library path to $(LDAP_LIB_BASE).
141 !ENDIF
142 !ENDIF
143
144 !IF "$(LDAP_INCLUDE)" == ""
145 LDAP_INCLUDE = c:\work\open_source\openldap\openldap-head\ldap\include
146 !IF "$(VERBOSE)" != "0"
147 !MESSAGE Defaulting LDAP include path to $(LDAP_INCLUDE).
148 !ENDIF
149 !ENDIF
150
151 !IF "$(OS)" == "Windows_NT"
152 NULL=
153 !ELSE
154 NULL=nul
155 !ENDIF
156
157
158 !IF "$(CFG)" == "Release"
159
160 !IF "$(CODEGEN)" == ""
161 !IF "$(STATIC)" == "yes"
162 CODEGEN=/MT
163 !ELSE
164 CODEGEN=/MD
165 !ENDIF
166 !IF "$(VERBOSE)" != "0"
167 !MESSAGE Codegeneration defaulting to $(CODEGEN).
168 !ENDIF
169 !ENDIF
170
171 !IF "$(VCVER)" != "6"
172 ENABLE_WIN64_WARNINGS=/Wp64
173 !ENDIF
174
175 CPP_PROJ= $(CODEGEN) /W3 $(EXCEPTHANDLING) /O2 $(ENABLE_WIN64_WARNINGS) /Zi /D "NDEBUG" $(CPPFLAGS) /FD /c
176
177 incremental=no
178
179 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
180 # It doesn't seem that the /machine option is needed anyway.
181 LINK32_FLAGS=/debug
182
183 !ELSEIF "$(CFG)" == "Debug"
184
185 !IF "$(CODEGEN)" == ""
186 !IF "$(STATIC)" == "yes"
187 CODEGEN=/MTd
188 !ELSE
189 CODEGEN=/MDd
190 !ENDIF
191 !IF "$(VERBOSE)" != "0"
192 !MESSAGE Codegeneration defaulting to $(CODEGEN).
193 !ENDIF
194 !ENDIF
195
196 CPP_PROJ=$(CODEGEN) /W3 /Gm $(EXCEPTHANDLING) /ZI /Od /D "_DEBUG" $(CPPFLAGS) /FD /GZ /c
197
198 incremental=yes
199
200 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
201 # It doesn't seem that the /machine option is needed anyway.
202 LINK32_FLAGS=/debug /pdbtype:sept
203
204 !ENDIF
205
206 LINK32DLL_FLAGS=/incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
207
208 # Assume we are only building console applications
209 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
210
211 # Assume we are only building console applications
212 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
213
214 LINK32LIB_FLAGS=$(LINK32_FLAGS)
11 #Keep in sync with include/sasl.h and win32/include/config.h
22 SASL_VERSION_MAJOR=2
33 SASL_VERSION_MINOR=1
4 SASL_VERSION_STEP=23
4 SASL_VERSION_STEP=24
5
6 !IF "$(STATIC)" == ""
7 STATIC=yes
8 !ENDIF
59
610 # Uncomment the following line, if you want to use Visual Studio 6
711 #VCVER=6
12
13 # Use in Visual Studio 6 & 7:
14 #EXCEPTHANDLING=/GX
15
16 # Use in Visual Studio 8:
17 EXCEPTHANDLING=/EHsc
818
919 # Define compiler/linker/etc.
1020
1222 LINK32=link.exe /nologo
1323 LINK32DLL=$(LINK32) /dll
1424 LINK32EXE=$(LINK32)
25 # It seems that -lib must be the first parameter
26 LINK32LIB=link.exe /lib /nologo
1527
1628 SYS_LIBS=ws2_32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib
29
30 !IF "$(BITS)" == "64"
31 SYS_LIBS=$(SYS_LIBS) bufferoverflowU.lib
32 !ENDIF
1733
1834 # Define the minimal Windows OS you want to run on:40 (NT), 50 (W2K), 51 (XP)
1935 # Default is no restrictions. Currently we only check for 51 or later.
101117 SQLITE_LIBPATH="C:\work\open_source\sqllite\sqlite\objs"
102118 !IF "$(VERBOSE)" != "0"
103119 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH).
120 !ENDIF
121 !ENDIF
122
123 !IF "$(SQLITE_INCLUDE3)" == ""
124 SQLITE_INCLUDES3=/I"c:\work\sqlite\generated"
125 !IF "$(VERBOSE)" != "0"
126 !MESSAGE Defaulting SQLITE_INCLUDES3 includes to $(SQLITE_INCLUDES3).
127 !ENDIF
128 !ENDIF
129
130 !IF "$(SQLITE_LIBPATH3)" == ""
131 SQLITE_LIBPATH3="c:\work\sqlite\objs.NT"
132 !IF "$(VERBOSE)" != "0"
133 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH3).
104134 !ENDIF
105135 !ENDIF
106136
142172 ENABLE_WIN64_WARNINGS=/Wp64
143173 !ENDIF
144174
145 CPP_PROJ= $(CODEGEN) /W3 /GX /O2 $(ENABLE_WIN64_WARNINGS) /Zi /D "NDEBUG" $(CPPFLAGS) /FD /c
146
147 LINK32_FLAGS=/incremental:no /debug /machine:I386
175 CPP_PROJ= $(CODEGEN) /W3 $(EXCEPTHANDLING) /O2 $(ENABLE_WIN64_WARNINGS) /Zi /D "NDEBUG" $(CPPFLAGS) /FD /c
176
177 incremental=no
178
179 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
180 # It doesn't seem that the /machine option is needed anyway.
181 LINK32_FLAGS=/debug
148182
149183 !ELSEIF "$(CFG)" == "Debug"
150184
159193 !ENDIF
160194 !ENDIF
161195
162 CPP_PROJ=$(CODEGEN) /W3 /Gm /GX /ZI /Od /D "_DEBUG" $(CPPFLAGS) /FD /GZ /c
163
164 LINK32_FLAGS=/incremental:yes /debug /machine:I386 /pdbtype:sept
165
166 !ENDIF
167
168 LINK32DLL_FLAGS=$(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
196 CPP_PROJ=$(CODEGEN) /W3 /Gm $(EXCEPTHANDLING) /ZI /Od /D "_DEBUG" $(CPPFLAGS) /FD /GZ /c
197
198 incremental=yes
199
200 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
201 # It doesn't seem that the /machine option is needed anyway.
202 LINK32_FLAGS=/debug /pdbtype:sept
203
204 !ENDIF
205
206 LINK32DLL_FLAGS=/incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
169207
170208 # Assume we are only building console applications
171 LINK32EXE_FLAGS=/subsystem:console $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
172
209 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
210
211 # Assume we are only building console applications
212 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
213
214 LINK32LIB_FLAGS=$(LINK32_FLAGS)
0 #Can this be autogenerated?
1 #Keep in sync with include/sasl.h and win32/include/config.h
2 SASL_VERSION_MAJOR=2
3 SASL_VERSION_MINOR=1
4 SASL_VERSION_STEP=24
5
6 !IF "$(STATIC)" == ""
7 STATIC=yes
8 !ENDIF
9
10 # Uncomment the following line, if you want to use Visual Studio 6
11 #VCVER=6
12
13 # Use in Visual Studio 6 & 7:
14 #EXCEPTHANDLING=/GX
15
16 # Use in Visual Studio 8:
17 EXCEPTHANDLING=/EHsc
18
19 # Define compiler/linker/etc.
20
21 CPP=cl.exe /nologo
22 LINK32=link.exe /nologo
23 LINK32DLL=$(LINK32) /dll
24 LINK32EXE=$(LINK32)
25 # It seems that -lib must be the first parameter
26 LINK32LIB=link.exe /lib /nologo
27
28 SYS_LIBS=ws2_32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib
29
30 !IF "$(BITS)" == "64"
31 SYS_LIBS=$(SYS_LIBS) bufferoverflowU.lib
32 !ENDIF
33
34 # Define the minimal Windows OS you want to run on:40 (NT), 50 (W2K), 51 (XP)
35 # Default is no restrictions. Currently we only check for 51 or later.
36 #TARGET_WIN_SYSTEM=51
37
38 !IF "$(TARGET_WIN_SYSTEM)" == ""
39 !IF "$(VERBOSE)" != "0"
40 !MESSAGE Applications and libraries should run on any Win32 system.
41 !ENDIF
42 TARGET_WIN_SYSTEM=0
43 !ENDIF
44
45 # prefix variable is currently only being used by install target
46 !IF "$(prefix)" == ""
47 prefix=C:\CMU
48 !IF "$(VERBOSE)" != "0"
49 !MESSAGE Default installation directory is $(prefix).
50 !ENDIF
51 !ENDIF
52
53 !IF "$(CFG)" == ""
54 CFG=Release
55 !IF "$(VERBOSE)" != "0"
56 !MESSAGE No configuration specified. Defaulting to $(CFG).
57 !ENDIF
58 !ENDIF
59
60 !IF "$(DB_LIB)" == ""
61 DB_LIB=libdb41s.lib
62 !IF "$(VERBOSE)" != "0"
63 !MESSAGE Defaulting SleepyCat library name to $(DB_LIB).
64 !ENDIF
65 !ENDIF
66
67 !IF "$(DB_INCLUDE)" == ""
68 DB_INCLUDE=c:\work\isode\db\build_win32
69 !IF "$(VERBOSE)" != "0"
70 !MESSAGE Defaulting SleepyCat include path to $(DB_INCLUDE).
71 !ENDIF
72 !ENDIF
73
74 !IF "$(DB_LIBPATH)" == ""
75 DB_LIBPATH=c:\work\isode\db\build_win32\Release_static
76 !IF "$(VERBOSE)" != "0"
77 !MESSAGE Defaulting SleepyCat library path to $(DB_LIBPATH).
78 !ENDIF
79 !ENDIF
80
81 !IF "$(OPENSSL_INCLUDE)" == ""
82 OPENSSL_INCLUDE="D:\openssl\engine-0.9.6g-md3\include"
83 !IF "$(VERBOSE)" != "0"
84 !MESSAGE Defaulting OpenSSL Include path to $(OPENSSL_INCLUDE).
85 !ENDIF
86 !ENDIF
87
88 !IF "$(OPENSSL_LIBPATH)" == ""
89 OPENSSL_LIBPATH="D:\openssl\engine-0.9.6g-md3\lib"
90 !IF "$(VERBOSE)" != "0"
91 !MESSAGE Defaulting OpenSSL library path to $(OPENSSL_LIBPATH).
92 !ENDIF
93 !ENDIF
94
95 !IF "$(GSSAPI_INCLUDE)" == ""
96 GSSAPI_INCLUDE="C:\Program Files\CyberSafe\Developer Pack\ApplicationSecuritySDK\include"
97 !IF "$(VERBOSE)" != "0"
98 !MESSAGE Defaulting GSSAPI Include path to $(GSSAPI_INCLUDE).
99 !ENDIF
100 !ENDIF
101
102 !IF "$(GSSAPI_LIBPATH)" == ""
103 GSSAPI_LIBPATH="C:\Program Files\CyberSafe\Developer Pack\ApplicationSecuritySDK\lib"
104 !IF "$(VERBOSE)" != "0"
105 !MESSAGE Defaulting GSSAPI library path to $(GSSAPI_LIBPATH).
106 !ENDIF
107 !ENDIF
108
109 !IF "$(SQLITE_INCLUDE)" == ""
110 SQLITE_INCLUDES=/I"C:\work\open_source\sqllite\sqlite\src" /I"C:\work\open_source\sqllite\sqlite\win32"
111 !IF "$(VERBOSE)" != "0"
112 !MESSAGE Defaulting SQLITE_INCLUDES includes to $(SQLITE_INCLUDES).
113 !ENDIF
114 !ENDIF
115
116 !IF "$(SQLITE_LIBPATH)" == ""
117 SQLITE_LIBPATH="C:\work\open_source\sqllite\sqlite\objs"
118 !IF "$(VERBOSE)" != "0"
119 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH).
120 !ENDIF
121 !ENDIF
122
123 !IF "$(SQLITE_INCLUDE3)" == ""
124 SQLITE_INCLUDES3=/I"c:\work\sqlite\generated"
125 !IF "$(VERBOSE)" != "0"
126 !MESSAGE Defaulting SQLITE_INCLUDES3 includes to $(SQLITE_INCLUDES3).
127 !ENDIF
128 !ENDIF
129
130 !IF "$(SQLITE_LIBPATH3)" == ""
131 SQLITE_LIBPATH3="c:\work\sqlite\objs.NT"
132 !IF "$(VERBOSE)" != "0"
133 !MESSAGE Defaulting SQLITE library path to $(SQLITE_LIBPATH3).
134 !ENDIF
135 !ENDIF
136
137 !IF "$(LDAP_LIB_BASE)" == ""
138 LDAP_LIB_BASE = c:\work\open_source\openldap\openldap-head\ldap\Debug
139 !IF "$(VERBOSE)" != "0"
140 !MESSAGE Defaulting LDAP library path to $(LDAP_LIB_BASE).
141 !ENDIF
142 !ENDIF
143
144 !IF "$(LDAP_INCLUDE)" == ""
145 LDAP_INCLUDE = c:\work\open_source\openldap\openldap-head\ldap\include
146 !IF "$(VERBOSE)" != "0"
147 !MESSAGE Defaulting LDAP include path to $(LDAP_INCLUDE).
148 !ENDIF
149 !ENDIF
150
151 !IF "$(OS)" == "Windows_NT"
152 NULL=
153 !ELSE
154 NULL=nul
155 !ENDIF
156
157
158 !IF "$(CFG)" == "Release"
159
160 !IF "$(CODEGEN)" == ""
161 !IF "$(STATIC)" == "yes"
162 CODEGEN=/MT
163 !ELSE
164 CODEGEN=/MD
165 !ENDIF
166 !IF "$(VERBOSE)" != "0"
167 !MESSAGE Codegeneration defaulting to $(CODEGEN).
168 !ENDIF
169 !ENDIF
170
171 !IF "$(VCVER)" != "6"
172 ENABLE_WIN64_WARNINGS=/Wp64
173 !ENDIF
174
175 CPP_PROJ= $(CODEGEN) /W3 $(EXCEPTHANDLING) /O2 $(ENABLE_WIN64_WARNINGS) /Zi /D "NDEBUG" $(CPPFLAGS) /FD /c
176
177 incremental=no
178
179 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
180 # It doesn't seem that the /machine option is needed anyway.
181 LINK32_FLAGS=/debug
182
183 !ELSEIF "$(CFG)" == "Debug"
184
185 !IF "$(CODEGEN)" == ""
186 !IF "$(STATIC)" == "yes"
187 CODEGEN=/MTd
188 !ELSE
189 CODEGEN=/MDd
190 !ENDIF
191 !IF "$(VERBOSE)" != "0"
192 !MESSAGE Codegeneration defaulting to $(CODEGEN).
193 !ENDIF
194 !ENDIF
195
196 CPP_PROJ=$(CODEGEN) /W3 /Gm $(EXCEPTHANDLING) /ZI /Od /D "_DEBUG" $(CPPFLAGS) /FD /GZ /c
197
198 incremental=yes
199
200 # This use to contain /machine:I386. This breaks cross compiling to Windows 64.
201 # It doesn't seem that the /machine option is needed anyway.
202 LINK32_FLAGS=/debug /pdbtype:sept
203
204 !ENDIF
205
206 LINK32DLL_FLAGS=/incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
207
208 # Assume we are only building console applications
209 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
210
211 # Assume we are only building console applications
212 LINK32EXE_FLAGS=/subsystem:console /incremental:$(incremental) $(LINK32_FLAGS) $(SYS_LIBS) $(EXTRA_LIBS)
213
214 LINK32LIB_FLAGS=$(LINK32_FLAGS)
0 /* config.h--SASL configuration for win32
1 * Ryan Troll
2 */
3 /*
4 * Copyright (c) 1998-2004 Carnegie Mellon University. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any other legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
24 * 5000 Forbes Avenue
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
28 *
29 * 4. Redistributions of any form whatsoever must retain the following
30 * acknowledgment:
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
33 *
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
41 */
42
43 #ifndef CONFIG_H
44 #define CONFIG_H
45
46 #include <stddef.h>
47
48 /* winsock2 includes windows.h.
49 Note that we can't include both winsock.h and winsock2.h as
50 they conflict */
51 #include <winsock2.h>
52
53 /* Our package */
54 #define PACKAGE "cyrus-sasl"
55
56 /* Our version */
57 #define VERSION "2.1.25"
58
59 /* Visual Studio supports prototypes */
60 #define PROTOTYPES 1
61
62 #ifndef HAVE_CADDR_T
63 #ifndef caddr_t
64 typedef unsigned char *caddr_t;
65 #define HAVE_CADDR_T 1
66 #endif
67 #endif
68
69 #ifndef _INTPTR_T_DEFINED
70
71 #ifdef _WIN64
72 typedef __int64 intptr_t;
73 #else
74 typedef int intptr_t;
75 #endif
76
77 #endif
78
79 /* Registry key that contains the locations of the plugins */
80 #define SASL_ROOT_KEY "SOFTWARE\\Carnegie Mellon\\Project Cyrus\\SASL Library"
81 #define SASL_PLUGIN_PATH_ATTR "SearchPath"
82 #define SASL_CONF_PATH_ATTR "ConfFile"
83
84 /* : This should probably be replaced with a call to a function
85 : that gets the proper value from Registry */
86 #define SASL_DB_PATH "c:\\CMU\\sasldb2"
87
88 /* what db package are we using? */
89 /* #undef SASL_GDBM */
90 /* #undef SASL_NDBM */
91 #define SASL_BERKELEYDB 1
92
93 /* which mechs can we link staticly? */
94 #define STATIC_ANONYMOUS 1
95 #define STATIC_CRAMMD5 1
96 #define STATIC_DIGESTMD5 1
97 #define STATIC_GSSAPIV2 1
98 /* #undef STATIC_KERBEROS4 */
99 #define STATIC_LOGIN 1
100 /* #undef STATIC_MYSQL */
101 #define STATIC_OTP 1
102 #define STATIC_PLAIN 1
103 #define STATIC_SASLDB 1
104 #define STATIC_SRP 1
105
106 /* ------------------------------------------------------------ */
107
108 /* Things that are fetched via autoconf under Unix
109 */
110 #define HAVE_MEMCPY 1
111
112 #define PLUGINDIR "C:\\CMU\\bin\\sasl2"
113 #define CONFIGDIR "C:\\CMU\\bin\\sasl2"
114
115 /* Windows calls these functions something else
116 */
117 #define strcasecmp stricmp
118 #define snprintf _snprintf
119 #define strncasecmp strnicmp
120
121 #define MAXHOSTNAMELEN 1024
122
123 /* ------------------------------------------------------------ */
124
125 #define WITHOUT_NANA
126 #define L_DEFAULT_GUARD (0)
127 #define I_DEFAULT_GUARD (0)
128 #define I(foo)
129 #define VL(foo) printf foo;
130 #define VLP(foo,bar)
131
132 /* we're not gcc */
133 #define __attribute__(foo)
134
135 /* : Same as in tpipv6.h */
136 #ifndef HAVE_SOCKLEN_T
137 typedef int socklen_t;
138 #endif /* HAVE_SOCKLEN_T */
139
140 /* If we expect to run on XP and later, we have IPv6 support natively */
141 #if TARGET_WIN_SYSTEM >= 51
142 #if !defined(_WIN32_WINNT)
143 /* This forces the inclusion of OS supported functions, with no fallback */
144 #define _WIN32_WINNT 0x0510
145 #endif
146 #endif
147
148 #if defined(_MSC_VER) && (_MSC_VER >= 1300)
149 /* The following two defines will prevent our own definitions below */
150 #define HAVE_GETADDRINFO
151 #define HAVE_GETNAMEINFO
152 #define HAVE_STRUCT_SOCKADDR_STORAGE
153 /* Unless _WIN32_WINNT > 0x0500, Ws2tcpip.h will try to find OS provided
154 getaddrinfo at runtime. It will fallback to Microsoft emulation,
155 if not found */
156 #include <Ws2tcpip.h>
157 #endif
158
159 #if !defined(HAVE_STRUCT_SOCKADDR_STORAGE) && !defined(_SS_MAXSIZE)
160 #define _SS_MAXSIZE 128 /* Implementation specific max size */
161 #define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
162
163 struct sockaddr_storage {
164 struct sockaddr ss_sa;
165 char __ss_pad2[_SS_PADSIZE];
166 };
167 # define ss_family ss_sa.sa_family
168 #endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
169
170 #ifndef AF_INET6
171 /* Define it to something that should never appear */
172 #define AF_INET6 AF_MAX
173 #endif
174
175 #ifndef HAVE_GETADDRINFO
176 #define getaddrinfo sasl_getaddrinfo
177 #define freeaddrinfo sasl_freeaddrinfo
178 #define gai_strerror sasl_gai_strerror
179 #endif
180
181 #ifndef HAVE_GETNAMEINFO
182 #define getnameinfo sasl_getnameinfo
183 #endif
184
185 #if !defined(HAVE_GETNAMEINFO) || !defined(HAVE_GETADDRINFO)
186 #include "gai.h"
187 #endif
188
189 #ifndef AI_NUMERICHOST /* support glibc 2.0.x */
190 #define AI_NUMERICHOST 4
191 #define NI_NUMERICHOST 2
192 #define NI_NAMEREQD 4
193 #define NI_NUMERICSERV 8
194 #endif
195
196 #include <time.h>
197
198 /* Keep in sync with SleepyCat definitions */
199 typedef int int32_t;
200 typedef __int64 int64_t;
201 #ifdef _WIN64
202 typedef int64_t ssize_t;
203 #else
204 typedef int32_t ssize_t;
205 #endif
206
207 #define HIER_DELIMITER '\\'
208
209 #ifndef sleep
210 #define sleep(seconds) plug_sleep(seconds)
211 unsigned int plug_sleep(unsigned int seconds);
212 #endif
213
214 #endif /* CONFIG_H */
5454 #define PACKAGE "cyrus-sasl"
5555
5656 /* Our version */
57 #define VERSION "2.1.23"
57 #define VERSION "2.1.24"
5858
5959 /* Visual Studio supports prototypes */
6060 #define PROTOTYPES 1
195195
196196 #include <time.h>
197197
198 typedef int ssize_t;
198 /* Keep in sync with SleepyCat definitions */
199 typedef int int32_t;
200 typedef __int64 int64_t;
201 #ifdef _WIN64
202 typedef int64_t ssize_t;
203 #else
204 typedef int32_t ssize_t;
205 #endif
199206
200207 #define HIER_DELIMITER '\\'
201208
0 /* config.h--SASL configuration for win32
1 * Ryan Troll
2 */
3 /*
4 * Copyright (c) 1998-2004 Carnegie Mellon University. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 *
18 * 3. The name "Carnegie Mellon University" must not be used to
19 * endorse or promote products derived from this software without
20 * prior written permission. For permission or any other legal
21 * details, please contact
22 * Office of Technology Transfer
23 * Carnegie Mellon University
24 * 5000 Forbes Avenue
25 * Pittsburgh, PA 15213-3890
26 * (412) 268-4387, fax: (412) 268-7395
27 * tech-transfer@andrew.cmu.edu
28 *
29 * 4. Redistributions of any form whatsoever must retain the following
30 * acknowledgment:
31 * "This product includes software developed by Computing Services
32 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
33 *
34 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
35 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
36 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
37 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
38 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
39 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
40 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
41 */
42
43 #ifndef CONFIG_H
44 #define CONFIG_H
45
46 #include <stddef.h>
47
48 /* winsock2 includes windows.h.
49 Note that we can't include both winsock.h and winsock2.h as
50 they conflict */
51 #include <winsock2.h>
52
53 /* Our package */
54 #define PACKAGE "cyrus-sasl"
55
56 /* Our version */
57 #define VERSION "2.1.24"
58
59 /* Visual Studio supports prototypes */
60 #define PROTOTYPES 1
61
62 #ifndef HAVE_CADDR_T
63 #ifndef caddr_t
64 typedef unsigned char *caddr_t;
65 #define HAVE_CADDR_T 1
66 #endif
67 #endif
68
69 #ifndef _INTPTR_T_DEFINED
70
71 #ifdef _WIN64
72 typedef __int64 intptr_t;
73 #else
74 typedef int intptr_t;
75 #endif
76
77 #endif
78
79 /* Registry key that contains the locations of the plugins */
80 #define SASL_ROOT_KEY "SOFTWARE\\Carnegie Mellon\\Project Cyrus\\SASL Library"
81 #define SASL_PLUGIN_PATH_ATTR "SearchPath"
82 #define SASL_CONF_PATH_ATTR "ConfFile"
83
84 /* : This should probably be replaced with a call to a function
85 : that gets the proper value from Registry */
86 #define SASL_DB_PATH "c:\\CMU\\sasldb2"
87
88 /* what db package are we using? */
89 /* #undef SASL_GDBM */
90 /* #undef SASL_NDBM */
91 #define SASL_BERKELEYDB 1
92
93 /* which mechs can we link staticly? */
94 #define STATIC_ANONYMOUS 1
95 #define STATIC_CRAMMD5 1
96 #define STATIC_DIGESTMD5 1
97 #define STATIC_GSSAPIV2 1
98 /* #undef STATIC_KERBEROS4 */
99 #define STATIC_LOGIN 1
100 /* #undef STATIC_MYSQL */
101 #define STATIC_OTP 1
102 #define STATIC_PLAIN 1
103 #define STATIC_SASLDB 1
104 #define STATIC_SRP 1
105
106 /* ------------------------------------------------------------ */
107
108 /* Things that are fetched via autoconf under Unix
109 */
110 #define HAVE_MEMCPY 1
111
112 #define PLUGINDIR "C:\\CMU\\bin\\sasl2"
113 #define CONFIGDIR "C:\\CMU\\bin\\sasl2"
114
115 /* Windows calls these functions something else
116 */
117 #define strcasecmp stricmp
118 #define snprintf _snprintf
119 #define strncasecmp strnicmp
120
121 #define MAXHOSTNAMELEN 1024
122
123 /* ------------------------------------------------------------ */
124
125 #define WITHOUT_NANA
126 #define L_DEFAULT_GUARD (0)
127 #define I_DEFAULT_GUARD (0)
128 #define I(foo)
129 #define VL(foo) printf foo;
130 #define VLP(foo,bar)
131
132 /* we're not gcc */
133 #define __attribute__(foo)
134
135 /* : Same as in tpipv6.h */
136 #ifndef HAVE_SOCKLEN_T
137 typedef int socklen_t;
138 #endif /* HAVE_SOCKLEN_T */
139
140 /* If we expect to run on XP and later, we have IPv6 support natively */
141 #if TARGET_WIN_SYSTEM >= 51
142 #if !defined(_WIN32_WINNT)
143 /* This forces the inclusion of OS supported functions, with no fallback */
144 #define _WIN32_WINNT 0x0510
145 #endif
146 #endif
147
148 #if defined(_MSC_VER) && (_MSC_VER >= 1300)
149 /* The following two defines will prevent our own definitions below */
150 #define HAVE_GETADDRINFO
151 #define HAVE_GETNAMEINFO
152 #define HAVE_STRUCT_SOCKADDR_STORAGE
153 /* Unless _WIN32_WINNT > 0x0500, Ws2tcpip.h will try to find OS provided
154 getaddrinfo at runtime. It will fallback to Microsoft emulation,
155 if not found */
156 #include <Ws2tcpip.h>
157 #endif
158
159 #if !defined(HAVE_STRUCT_SOCKADDR_STORAGE) && !defined(_SS_MAXSIZE)
160 #define _SS_MAXSIZE 128 /* Implementation specific max size */
161 #define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
162
163 struct sockaddr_storage {
164 struct sockaddr ss_sa;
165 char __ss_pad2[_SS_PADSIZE];
166 };
167 # define ss_family ss_sa.sa_family
168 #endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
169
170 #ifndef AF_INET6
171 /* Define it to something that should never appear */
172 #define AF_INET6 AF_MAX
173 #endif
174
175 #ifndef HAVE_GETADDRINFO
176 #define getaddrinfo sasl_getaddrinfo
177 #define freeaddrinfo sasl_freeaddrinfo
178 #define gai_strerror sasl_gai_strerror
179 #endif
180
181 #ifndef HAVE_GETNAMEINFO
182 #define getnameinfo sasl_getnameinfo
183 #endif
184
185 #if !defined(HAVE_GETNAMEINFO) || !defined(HAVE_GETADDRINFO)
186 #include "gai.h"
187 #endif
188
189 #ifndef AI_NUMERICHOST /* support glibc 2.0.x */
190 #define AI_NUMERICHOST 4
191 #define NI_NUMERICHOST 2
192 #define NI_NAMEREQD 4
193 #define NI_NUMERICSERV 8
194 #endif
195
196 #include <time.h>
197
198 /* Keep in sync with SleepyCat definitions */
199 typedef int int32_t;
200 typedef __int64 int64_t;
201 #ifdef _WIN64
202 typedef int64_t ssize_t;
203 #else
204 typedef int32_t ssize_t;
205 #endif
206
207 #define HIER_DELIMITER '\\'
208
209 #ifndef sleep
210 #define sleep(seconds) plug_sleep(seconds)
211 unsigned int plug_sleep(unsigned int seconds);
212 #endif
213
214 #endif /* CONFIG_H */