| 1 | #ifndef courierauthsasl_h |
| 2 | #define courierauthsasl_h |
| 3 | |
| 4 | /* |
| 5 | ** Copyright 1998 - 2004 Double Precision, Inc. See COPYING for |
| 6 | ** distribution information. |
| 7 | */ |
| 8 | |
| 9 | #include "courier_auth_config.h" |
| 10 | #include <sys/types.h> |
| 11 | |
| 12 | #ifdef __cplusplus |
| 13 | extern "C" { |
| 14 | #endif |
| 15 | |
| 16 | static const char courierauthsasl_h_rcsid[]="$Id: courierauthsasl.h,v 1.1 2004/10/21 00:10:49 mrsam Exp $"; |
| 17 | |
| 18 | /* |
| 19 | These family of functions are used to implement the SASL interface |
| 20 | on top of authlib. It is mainly used by the authentication user |
| 21 | process to build the authentication request data for authmod() |
| 22 | based upon the SASL challenge/response interaction. |
| 23 | */ |
| 24 | |
| 25 | /* |
| 26 | ** auth_sasl searched for the right method, and calls the appropriate |
| 27 | ** sasl function. authsasl received the following arguments: |
| 28 | ** |
| 29 | ** initresponse -- initial response for the authentication request, |
| 30 | ** if provided. If provided, the actual response MUST BE PROVIDED |
| 31 | ** in initresponse using base64 encoding!!! |
| 32 | ** |
| 33 | ** sasl_func -- the callback function which is used to carry out the |
| 34 | ** SASL conversation. The function receives a single argument, the |
| 35 | ** base64-encoded challenge. The callback function must return |
| 36 | ** a malloced pointer to the base64-encoded response, or NULL to abort |
| 37 | ** SASL. |
| 38 | ** |
| 39 | ** authsasl returns two values, provided via call by reference: |
| 40 | ** the authtype and authdata, suitable for direct arguments to |
| 41 | ** auth_generic(). |
| 42 | */ |
| 43 | |
| 44 | int auth_sasl(const char *, /* Method */ |
| 45 | const char *, /* Initial response - base64encoded */ |
| 46 | char *(*)(const char *, void *), |
| 47 | /* Callback conversation functions */ |
| 48 | void *, /* Passthrough arg */ |
| 49 | char **, /* Returned - AUTHTYPE */ |
| 50 | char **); /* Returned - AUTHDATA */ |
| 51 | |
| 52 | |
| 53 | /* INTERNAL FUNCTIONS BELOW */ |
| 54 | |
| 55 | /* |
| 56 | ** The authsasl_info is built dynamically by configure, it lists the supported |
| 57 | ** SASL methods. Each method is implemented by a function that's prototyped |
| 58 | ** like this: |
| 59 | ** |
| 60 | ** int authsasl_function(const char *method, const char *initresponse, |
| 61 | ** char *(*getresp)(const char *), |
| 62 | ** |
| 63 | ** char **authtype, |
| 64 | ** char **authdata) |
| 65 | ** |
| 66 | ** Normally, there's no need to call the appropriate function directly, as |
| 67 | ** authsasl() automatically searches this array, and finds one. |
| 68 | ** |
| 69 | */ |
| 70 | |
| 71 | struct authsasl_info { |
| 72 | const char *sasl_method; /* In uppercase */ |
| 73 | int (*sasl_func)(const char *method, const char *initresponse, |
| 74 | char *(*getresp)(const char *, void *), |
| 75 | void *, |
| 76 | char **, |
| 77 | char **); |
| 78 | } ; |
| 79 | |
| 80 | extern struct authsasl_info authsasl_list[]; |
| 81 | /* Some convenience functions */ |
| 82 | |
| 83 | char *authsasl_tobase64(const char *, int); |
| 84 | int authsasl_frombase64(char *); |
| 85 | |
| 86 | /* Return values from authsasl */ |
| 87 | |
| 88 | #define AUTHSASL_OK 0 |
| 89 | #define AUTHSASL_ERROR -1 /* |
| 90 | ** System error, usually malloc failure, |
| 91 | ** authsasl reports the error to stderr. |
| 92 | */ |
| 93 | |
| 94 | #define AUTHSASL_ABORTED -2 /* |
| 95 | ** SASL exchange aborted. authsasl does NOT |
| 96 | ** report any errors. |
| 97 | */ |
| 98 | |
| 99 | #ifdef __cplusplus |
| 100 | } |
| 101 | #endif |
| 102 | |
| 103 | #endif |