Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/external/ibm-public/postfix Add SASL client support using th...
details: https://anonhg.NetBSD.org/src/rev/37f28334cfca
branches: trunk
changeset: 761980:37f28334cfca
user: christos <christos%NetBSD.org@localhost>
date: Sat Feb 12 19:07:08 2011 +0000
description:
Add SASL client support using the libsaslc(3) library.
>From Anon Ymous
diffstat:
external/ibm-public/postfix/Makefile.inc | 17 +-
external/ibm-public/postfix/dist/makedefs | 2 +
external/ibm-public/postfix/dist/src/xsasl/xsasl_client.c | 10 +-
external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc.h | 43 +
external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c | 317 ++++++++++
external/ibm-public/postfix/lib/xsasl/Makefile | 4 +-
6 files changed, 386 insertions(+), 7 deletions(-)
diffs (truncated from 468 to 300 lines):
diff -r 74a5d97c9f76 -r 37f28334cfca external/ibm-public/postfix/Makefile.inc
--- a/external/ibm-public/postfix/Makefile.inc Sat Feb 12 19:03:39 2011 +0000
+++ b/external/ibm-public/postfix/Makefile.inc Sat Feb 12 19:07:08 2011 +0000
@@ -1,20 +1,33 @@
-# $NetBSD: Makefile.inc,v 1.2 2009/06/25 18:21:50 tron Exp $
+# $NetBSD: Makefile.inc,v 1.3 2011/02/12 19:07:08 christos Exp $
.include <bsd.own.mk>
USE_FORT?= yes # network client and server
+HAVE_LIB_SASLC?= yes
WARNS?= 0
PFIX_DISTDIR= ${NETBSDSRCDIR}/external/ibm-public/postfix/dist
-CPPFLAGS+= -DNETBSD4 -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" \
+CPPFLAGS+= -DNETBSD4 -DUSE_SASL_AUTH \
-I${DIST} \
-I${PFIX_DISTDIR}/src/dns -I${PFIX_DISTDIR}/src/global \
-I${PFIX_DISTDIR}/src/master -I${PFIX_DISTDIR}/src/util \
-I${PFIX_DISTDIR}/src/tls -I${PFIX_DISTDIR}/src/milter \
-I${PFIX_DISTDIR}/src/xsasl
+.if defined(HAVE_LIB_SASLC)
+CPPFLAGS+= -DUSE_SASL_AUTH -DUSE_SASLC_SASL
+LDADD+= -lsaslc
+.elif defined(HAVE_CYRUS_SASL)
+CPPFLAGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
+ -DDEF_SERVER_SASL_TYPE=\"cyrus\" \
+ -I/usr/pkg/include/sasl
+LDADD+= -lsasl2 -L/usr/pkg/lib -Wl,-R/usr/pkg/lib
+.else
+CPPFLAGS+= -DDEF_SERVER_SASL_TYPE=\"dovecot\"
+.endif
+
.if defined(HAVE_PCC)
# code uses gcc-specific aggregate dynamic array
CPPFLAGS+= -DCANT_USE_SEND_RECV_MSG
diff -r 74a5d97c9f76 -r 37f28334cfca external/ibm-public/postfix/dist/makedefs
--- a/external/ibm-public/postfix/dist/makedefs Sat Feb 12 19:03:39 2011 +0000
+++ b/external/ibm-public/postfix/dist/makedefs Sat Feb 12 19:07:08 2011 +0000
@@ -162,6 +162,8 @@
;;
NetBSD.4*) SYSTYPE=NETBSD4
;;
+ NetBSD.5*) SYSTYPE=NETBSD5
+ ;;
BSD/OS.2*) SYSTYPE=BSDI2
;;
BSD/OS.3*) SYSTYPE=BSDI3
diff -r 74a5d97c9f76 -r 37f28334cfca external/ibm-public/postfix/dist/src/xsasl/xsasl_client.c
--- a/external/ibm-public/postfix/dist/src/xsasl/xsasl_client.c Sat Feb 12 19:03:39 2011 +0000
+++ b/external/ibm-public/postfix/dist/src/xsasl/xsasl_client.c Sat Feb 12 19:07:08 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: xsasl_client.c,v 1.1.1.1 2009/06/23 10:09:02 tron Exp $ */
+/* $NetBSD: xsasl_client.c,v 1.2 2011/02/12 19:07:09 christos Exp $ */
/*++
/* NAME
@@ -199,6 +199,7 @@
#include <xsasl.h>
#include <xsasl_cyrus.h>
+#include <xsasl_saslc.h>
/*
* Lookup table for available SASL client implementations.
@@ -210,9 +211,12 @@
static const XSASL_CLIENT_IMPL_INFO client_impl_info[] = {
#ifdef XSASL_TYPE_CYRUS
- XSASL_TYPE_CYRUS, xsasl_cyrus_client_init,
+ { XSASL_TYPE_CYRUS, xsasl_cyrus_client_init },
#endif
- 0,
+#ifdef XSASL_TYPE_SASLC
+ { XSASL_TYPE_SASLC, xsasl_saslc_client_init },
+#endif
+ { NULL, NULL }
};
/* xsasl_client_init - look up client implementation by name */
diff -r 74a5d97c9f76 -r 37f28334cfca external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc.h Sat Feb 12 19:07:08 2011 +0000
@@ -0,0 +1,43 @@
+/* $NetBSD: xsasl_saslc.h,v 1.1 2011/02/12 19:07:09 christos Exp $ */
+
+#ifndef _XSASL_SASLC_H_INCLUDED_
+#define _XSASL_SASLC_H_INCLUDED_
+
+/*++
+/* NAME
+/* xsasl_saslc 3h
+/* SUMMARY
+/* Saslc SASL plug-in
+/* SYNOPSIS
+/* #include <xsasl_saslc.h>
+/* DESCRIPTION
+/* .nf
+
+ /*
+ * XSASL library.
+ */
+#include "xsasl.h"
+
+#if defined(USE_SASL_AUTH) && defined(USE_SASLC_SASL)
+
+ /*
+ * SASL protocol interface
+ */
+#define XSASL_TYPE_SASLC "saslc"
+
+extern XSASL_CLIENT_IMPL *xsasl_saslc_client_init(const char *, const char *);
+
+#endif
+
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+#endif /* _XSASL_SASLC_H_INCLUDED_ */
diff -r 74a5d97c9f76 -r 37f28334cfca external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/external/ibm-public/postfix/dist/src/xsasl/xsasl_saslc_client.c Sat Feb 12 19:07:08 2011 +0000
@@ -0,0 +1,317 @@
+/* $NetBSD: xsasl_saslc_client.c,v 1.1 2011/02/12 19:07:09 christos Exp $ */
+
+/*++
+/* NAME
+/* xsasl_saslc_client 3
+/* SUMMARY
+/* saslc SASL client-side plug-in
+/* SYNOPSIS
+/* #include <xsasl_saslc_client.h>
+/*
+/* XSASL_CLIENT_IMPL *xsasl_saslc_client_init(client_type, path_info)
+/* const char *client_type;
+/* DESCRIPTION
+/* This module implements the saslc SASL client-side authentication
+/* plug-in.
+/*
+/* xsasl_saslc_client_init() initializes the saslc SASL library and
+/* returns an implementation handle that can be used to generate
+/* SASL client instances.
+/*
+/* Arguments:
+/* .IP client_type
+/* The plug-in SASL client type (saslc). This argument is
+/* ignored, but it could be used when one implementation
+/* provides multiple variants.
+/* .IP path_info
+/* Implementation-specific information to specify the location
+/* of a configuration file, rendez-vous point, etc. This
+/* information is ignored by the saslc SASL client plug-in.
+/* DIAGNOSTICS
+/* Fatal: out of memory.
+/*
+/* Panic: interface violation.
+/*
+/* Other: the routines log a warning and return an error result
+/* as specified in xsasl_client(3).
+/* SEE ALSO
+/* xsasl_client(3) Client API
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Original author:
+/* Till Franke
+/* SuSE Rhein/Main AG
+/* 65760 Eschborn, Germany
+/*
+/* Adopted by:
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+#if defined(USE_SASL_AUTH) && defined(USE_SASLC_SASL)
+
+ /*
+ * System headers.
+ */
+#include <errno.h>
+#include <saslc.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "sys_defs.h"
+
+ /*
+ * Utility library
+ */
+#include "msg.h"
+#include "mymalloc.h"
+#include "stringops.h"
+
+ /*
+ * Global library
+ */
+#include "mail_params.h"
+
+ /*
+ * Application-specific
+ */
+#include "xsasl.h"
+#include "xsasl_saslc.h"
+
+
+#define XSASL_SASLC_APPNAME "postfix" /* The config files are in
+ /etc/saslc.d/<appname>/ */
+typedef struct {
+ XSASL_CLIENT_IMPL xsasl; /* generic members, must be first */
+ saslc_t *saslc; /* saslc context */
+} XSASL_SASLC_CLIENT_IMPL;
+
+typedef struct {
+ XSASL_CLIENT xsasl; /* generic members, must be first */
+ saslc_t *saslc; /* saslc context */
+ saslc_sess_t *sess; /* session context */
+ const char *service; /* service (smtp) */
+ const char *hostname; /* server host name */
+ const char *sec_opts; /* security options */
+} XSASL_SASLC_CLIENT;
+
+static XSASL_CLIENT *xsasl_saslc_client_create(XSASL_CLIENT_IMPL *,
+ XSASL_CLIENT_CREATE_ARGS *);
+static int xsasl_saslc_client_first(XSASL_CLIENT *, const char *,
+ const char *, const char *, const char **, VSTRING *);
+static int xsasl_saslc_client_next(XSASL_CLIENT *, const char *,
+ VSTRING *);
+static void xsasl_saslc_client_done(XSASL_CLIENT_IMPL *);
+static void xsasl_saslc_client_free(XSASL_CLIENT *);
+
+static void
+setprop(saslc_sess_t *sess, int overwrite, const char *key, const char *value)
+{
+
+ if (overwrite != 0 ||
+ saslc_sess_getprop(sess, key) == NULL)
+ saslc_sess_setprop(sess, key, value);
+}
+
+/*
+ * Run authentication protocol: first step.
+ */
+static int
+xsasl_saslc_client_first(
+ XSASL_CLIENT *xp,
+ const char *mechanism_list,
+ const char *username,
+ const char *password,
+ const char **mechanism,
+ VSTRING *init_resp)
+{
+ XSASL_SASLC_CLIENT *client = (XSASL_SASLC_CLIENT *)xp;
+ const char *mech;
+ void *out;
+ size_t outlen;
+ int rv;
+
+ if (msg_verbose) {
+ msg_info("%s: mechanism_list='%s'", __func__, mechanism_list);
+ msg_info("%s: username='%s'", __func__, username);
+/* msg_info("%s: password='%s'", __func__, password); */
+ }
+ client->sess = saslc_sess_init(client->saslc, mechanism_list,
+ client->sec_opts);
+ if (client->sess == NULL) {
+ msg_info("%s: saslc_sess_init failed", __func__);
+ return XSASL_AUTH_FAIL;
+ }
+ mech = saslc_sess_getmech(client->sess);
+ if (mechanism)
+ *mechanism = mech;
+ if (msg_verbose)
+ msg_info("%s: mechanism='%s'", __func__, mech);
+
+ setprop(client->sess, 0, SASLC_PROP_AUTHCID, username);
+ setprop(client->sess, 1, SASLC_PROP_PASSWD, password);
+ setprop(client->sess, 1, SASLC_PROP_SERVICE, client->service);
+ setprop(client->sess, 1, SASLC_PROP_HOSTNAME, client->hostname);
+ setprop(client->sess, 1, SASLC_PROP_BASE64IO, "true");
+ setprop(client->sess, 0, SASLC_PROP_QOPMASK, "auth");
+
+ if ((rv = saslc_sess_cont(client->sess, NULL, 0, &out, &outlen))
+ == -1) {
+ msg_info("%s: saslc_sess_encode='%s'", __func__,
+ saslc_sess_strerror(client->sess));
Home |
Main Index |
Thread Index |
Old Index