NeoMutt  2025-12-11-980-ge38c27
Teaching an old dog new tricks
DOXYGEN
Loading...
Searching...
No Matches
sasl.c File Reference

SASL authentication support. More...

#include "config.h"
#include <errno.h>
#include <netdb.h>
#include <sasl/sasl.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include "mutt/lib.h"
#include "core/lib.h"
#include "sasl.h"
#include "editor/lib.h"
#include "history/lib.h"
#include "connaccount.h"
#include "connection.h"
#include "globals.h"
#include "module_data.h"
+ Include dependency graph for sasl.c:

Go to the source code of this file.

Data Structures

struct  SaslSockData
 SASL authentication API -. More...
 

Macros

#define MUTT_SASL_MAXBUF   65536
 Maximum size for SASL protection buffer.
 
#define IP_PORT_BUFLEN   (NI_MAXHOST + NI_MAXSERV)
 Buffer size for "host;port" string (NI_MAXHOST + NI_MAXSERV)
 

Functions

bool sasl_auth_validator (const char *authenticator)
 SASL callback functions, e.g. mutt_sasl_cb_authname(), mutt_sasl_cb_pass()
 
static int getnameinfo_err (int rc)
 Convert a getaddrinfo() error code into an SASL error code.
 
static int iptostring (const struct sockaddr *addr, socklen_t addrlen, char *out, unsigned int outlen)
 Convert IP Address to string.
 
static int mutt_sasl_cb_log (void *context, int priority, const char *message)
 Callback to log SASL messages.
 
int mutt_sasl_start (void)
 Initialise SASL library.
 
static int mutt_sasl_cb_authname (void *context, int id, const char **result, unsigned int *len)
 Callback to retrieve authname or user from ConnAccount.
 
static int mutt_sasl_cb_pass (sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
 SASL callback function to get password.
 
static sasl_callback_t * mutt_sasl_get_callbacks (struct ConnAccount *cac)
 Get the SASL callback functions.
 
static int mutt_sasl_conn_open (struct Connection *conn)
 Empty wrapper for underlying open function - Implements Connection::open() -.
 
static int mutt_sasl_conn_close (struct Connection *conn)
 Close SASL connection - Implements Connection::close() -.
 
static int mutt_sasl_conn_read (struct Connection *conn, char *buf, size_t count)
 Read data from an SASL connection - Implements Connection::read() -.
 
static int mutt_sasl_conn_write (struct Connection *conn, const char *buf, size_t count)
 Write to an SASL connection - Implements Connection::write() -.
 
static int mutt_sasl_conn_poll (struct Connection *conn, time_t wait_secs)
 Check if any data is waiting on a socket - Implements Connection::poll() -.
 
int mutt_sasl_client_new (struct Connection *conn, sasl_conn_t **saslconn)
 Wrapper for sasl_client_new()
 
int mutt_sasl_interact (sasl_interact_t *interaction)
 Perform an SASL interaction with the user.
 
void mutt_sasl_setup_conn (struct Connection *conn, sasl_conn_t *saslconn)
 Set up an SASL connection.
 
void mutt_sasl_cleanup (void)
 Invoke when processing is complete.
 

Variables

static const char *const SaslAuthenticators []
 Authentication methods supported by Cyrus SASL.
 

Detailed Description

SASL authentication support.

Authors
  • Richard Russon
  • Ian Zimmerman
  • Alejandro Colomar

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

Definition in file sasl.c.

Macro Definition Documentation

◆ MUTT_SASL_MAXBUF

#define MUTT_SASL_MAXBUF   65536

Maximum size for SASL protection buffer.

Definition at line 117 of file sasl.c.

◆ IP_PORT_BUFLEN

#define IP_PORT_BUFLEN   (NI_MAXHOST + NI_MAXSERV)

Buffer size for "host;port" string (NI_MAXHOST + NI_MAXSERV)

Definition at line 120 of file sasl.c.

Function Documentation

◆ sasl_auth_validator()

bool sasl_auth_validator ( const char * authenticator)

SASL callback functions, e.g. mutt_sasl_cb_authname(), mutt_sasl_cb_pass()

SASL secret, to store the password Validate an auth method against Cyrus SASL methods

Parameters
authenticatorName of the authenticator to validate
Return values
trueArgument matches an accepted auth method

Definition at line 133 of file sasl.c.

134{
135 for (size_t i = 0; i < countof(SaslAuthenticators); i++)
136 {
137 const char *auth = SaslAuthenticators[i];
138 if (mutt_istr_equal(auth, authenticator))
139 return true;
140 }
141
142 return false;
143}
#define countof(x)
Definition memory.h:49
bool mutt_istr_equal(const char *a, const char *b)
Compare two strings, ignoring case.
Definition string.c:678
static const char *const SaslAuthenticators[]
Authentication methods supported by Cyrus SASL.
Definition sasl.c:107
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getnameinfo_err()

static int getnameinfo_err ( int rc)
static

Convert a getaddrinfo() error code into an SASL error code.

Parameters
rcgetaddrinfo() error code, e.g. EAI_AGAIN
Return values
numSASL error code, e.g. SASL_FAIL

Definition at line 150 of file sasl.c.

151{
152 int err;
153 mutt_debug(LL_DEBUG1, "getnameinfo: ");
154 switch (rc)
155 {
156 case EAI_AGAIN:
157 mutt_debug(LL_DEBUG1, "The name could not be resolved at this time. Future attempts may succeed\n");
158 err = SASL_TRYAGAIN;
159 break;
160 case EAI_BADFLAGS:
161 mutt_debug(LL_DEBUG1, "The flags had an invalid value\n");
162 err = SASL_BADPARAM;
163 break;
164 case EAI_FAIL:
165 mutt_debug(LL_DEBUG1, "A non-recoverable error occurred\n");
166 err = SASL_FAIL;
167 break;
168 case EAI_FAMILY:
169 mutt_debug(LL_DEBUG1, "The address family was not recognized or the address length was invalid for the specified family\n");
170 err = SASL_BADPROT;
171 break;
172 case EAI_MEMORY:
173 mutt_debug(LL_DEBUG1, "There was a memory allocation failure\n");
174 err = SASL_NOMEM;
175 break;
176 case EAI_NONAME:
177 mutt_debug(LL_DEBUG1, "The name does not resolve for the supplied parameters. "
178 "NI_NAMEREQD is set and the host's name can't be located, or both nodename and servname were null.\n");
179 err = SASL_FAIL; /* no real equivalent */
180 break;
181 case EAI_SYSTEM:
182 mutt_debug(LL_DEBUG1, "A system error occurred. The error code can be found in errno(%d,%s))\n",
183 errno, strerror(errno));
184 err = SASL_FAIL; /* no real equivalent */
185 break;
186 default:
187 mutt_debug(LL_DEBUG1, "Unknown error %d\n", rc);
188 err = SASL_FAIL; /* no real equivalent */
189 break;
190 }
191 return err;
192}
#define mutt_debug(LEVEL,...)
Definition logging2.h:91
@ LL_DEBUG1
Log at debug level 1.
Definition logging2.h:45
+ Here is the caller graph for this function:

◆ iptostring()

static int iptostring ( const struct sockaddr * addr,
socklen_t addrlen,
char * out,
unsigned int outlen )
static

Convert IP Address to string.

Parameters
addrIP address
addrlenSize of addr struct
outBuffer for result
outlenLength of buffer
Return values
numSASL error code, e.g. SASL_BADPARAM

utility function, copied from sasl2 sample code

Definition at line 204 of file sasl.c.

206{
207 char hbuf[NI_MAXHOST];
208 char pbuf[NI_MAXSERV];
209 int rc;
210
211 if (!addr || !out)
212 return SASL_BADPARAM;
213
214 rc = getnameinfo(addr, addrlen, hbuf, sizeof(hbuf), pbuf, sizeof(pbuf),
215 NI_NUMERICHOST |
216#ifdef NI_WITHSCOPEID
217 NI_WITHSCOPEID |
218#endif
219 NI_NUMERICSERV);
220 if (rc != 0)
221 return getnameinfo_err(rc);
222
223 if (outlen < strlen(hbuf) + strlen(pbuf) + 2)
224 return SASL_BUFOVER;
225
226 snprintf(out, outlen, "%s;%s", hbuf, pbuf);
227
228 return SASL_OK;
229}
static int getnameinfo_err(int rc)
Convert a getaddrinfo() error code into an SASL error code.
Definition sasl.c:150
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_cb_log()

static int mutt_sasl_cb_log ( void * context,
int priority,
const char * message )
static

Callback to log SASL messages.

Parameters
contextSupplied context, always NULL
priorityDebug level
messageMessage
Return values
numSASL_OK, always

Definition at line 238 of file sasl.c.

239{
240 if (priority == SASL_LOG_NONE)
241 return SASL_OK;
242
243 int mutt_priority = 0;
244 switch (priority)
245 {
246 case SASL_LOG_TRACE:
247 case SASL_LOG_PASS:
248 mutt_priority = 5;
249 break;
250 case SASL_LOG_DEBUG:
251 case SASL_LOG_NOTE:
252 mutt_priority = 3;
253 break;
254 case SASL_LOG_FAIL:
255 case SASL_LOG_WARN:
256 mutt_priority = 2;
257 break;
258 case SASL_LOG_ERR:
259 mutt_priority = 1;
260 break;
261 default:
262 mutt_debug(LL_DEBUG1, "SASL unknown log priority: %s\n", message);
263 return SASL_OK;
264 }
265 mutt_debug(mutt_priority, "SASL: %s\n", message);
266 return SASL_OK;
267}
+ Here is the caller graph for this function:

◆ mutt_sasl_start()

int mutt_sasl_start ( void )

Initialise SASL library.

Return values
numSASL error code, e.g. SASL_OK

Call before doing an SASL exchange (initialises library if necessary).

Definition at line 275 of file sasl.c.

276{
277 static bool sasl_init = false;
278
279 static sasl_callback_t callbacks[2];
280 int rc;
281
282 if (sasl_init)
283 return SASL_OK;
284
285 /* set up default logging callback */
286 callbacks[0].id = SASL_CB_LOG;
287 callbacks[0].proc = (int (*)(void))(intptr_t) mutt_sasl_cb_log;
288 callbacks[0].context = NULL;
289
290 callbacks[1].id = SASL_CB_LIST_END;
291 callbacks[1].proc = NULL;
292 callbacks[1].context = NULL;
293
294 rc = sasl_client_init(callbacks);
295
296 if (rc != SASL_OK)
297 {
298 mutt_debug(LL_DEBUG1, "libsasl initialisation failed\n");
299 return SASL_FAIL;
300 }
301
302 sasl_init = true;
303
304 return SASL_OK;
305}
static int mutt_sasl_cb_log(void *context, int priority, const char *message)
Callback to log SASL messages.
Definition sasl.c:238
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_cb_authname()

static int mutt_sasl_cb_authname ( void * context,
int id,
const char ** result,
unsigned int * len )
static

Callback to retrieve authname or user from ConnAccount.

Parameters
[in]contextConnAccount
[in]idField to get. SASL_CB_USER or SASL_CB_AUTHNAME
[out]resultResulting string
[out]lenLength of result
Return values
numSASL error code, e.g. SASL_FAIL

Definition at line 315 of file sasl.c.

316{
317 if (!result)
318 return SASL_FAIL;
319
320 struct ConnAccount *cac = context;
321
322 *result = NULL;
323 if (len)
324 *len = 0;
325
326 if (!cac)
327 return SASL_BADPARAM;
328
329 mutt_debug(LL_DEBUG2, "getting %s for %s:%u\n",
330 (id == SASL_CB_AUTHNAME) ? "authname" : "user", cac->host, cac->port);
331
332 if (id == SASL_CB_AUTHNAME)
333 {
334 if (mutt_account_getlogin(cac) < 0)
335 return SASL_FAIL;
336 *result = cac->login;
337 }
338 else
339 {
340 if (mutt_account_getuser(cac) < 0)
341 return SASL_FAIL;
342 *result = cac->user;
343 }
344
345 if (len)
346 *len = strlen(*result);
347
348 return SASL_OK;
349}
int mutt_account_getuser(struct ConnAccount *cac)
Retrieve username into ConnAccount, if necessary.
Definition connaccount.c:51
int mutt_account_getlogin(struct ConnAccount *cac)
Retrieve login info into ConnAccount, if necessary.
@ LL_DEBUG2
Log at debug level 2.
Definition logging2.h:46
Login details for a remote server.
Definition connaccount.h:59
char login[128]
Login name.
Definition connaccount.h:61
char user[128]
Username.
Definition connaccount.h:62
char host[128]
Server to login to.
Definition connaccount.h:60
unsigned short port
Port to connect to.
Definition connaccount.h:64
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_cb_pass()

static int mutt_sasl_cb_pass ( sasl_conn_t * conn,
void * context,
int id,
sasl_secret_t ** psecret )
static

SASL callback function to get password.

Parameters
[in]connConnection to a server
[in]contextConnAccount
[in]idSASL_CB_PASS
[out]psecretSASL secret
Return values
numSASL error code, e.g SASL_FAIL

Definition at line 359 of file sasl.c.

360{
361 struct ConnAccount *cac = context;
362 int len;
363
364 if (!cac || !psecret)
365 return SASL_BADPARAM;
366
367 mutt_debug(LL_DEBUG2, "getting password for %s@%s:%u\n", cac->login, cac->host, cac->port);
368
369 if (mutt_account_getpass(cac) < 0)
370 return SASL_FAIL;
371
373 len = strlen(cac->pass);
374
375 sasl_secret_t *secret = mod_data->secret_ptr;
376 mutt_mem_realloc(&secret, sizeof(sasl_secret_t) + len);
377 memcpy((char *) secret->data, cac->pass, (size_t) len);
378 secret->len = len;
379 mod_data->secret_ptr = secret;
380 *psecret = secret;
381
382 return SASL_OK;
383}
int mutt_account_getpass(struct ConnAccount *cac)
Fetch password into ConnAccount, if necessary.
void mutt_mem_realloc(void *pptr, size_t size)
Resize a block of memory on the heap.
Definition memory.c:149
@ MODULE_ID_CONN
ModuleConn, Network connections
Definition module_api.h:60
void * neomutt_get_module_data(struct NeoMutt *n, enum ModuleId id)
Get the private data for a Module.
Definition neomutt.c:666
char pass[256]
Password.
Definition connaccount.h:63
Conn private Module data.
Definition module_data.h:38
Container for Accounts, Notifications.
Definition neomutt.h:41
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_get_callbacks()

static sasl_callback_t * mutt_sasl_get_callbacks ( struct ConnAccount * cac)
static

Get the SASL callback functions.

Parameters
cacConnAccount to associate with callbacks
Return values
ptrArray of callback functions

Definition at line 390 of file sasl.c.

391{
393 if (!mod_data->mutt_sasl_callbacks)
394 mod_data->mutt_sasl_callbacks = mutt_mem_calloc(5, sizeof(sasl_callback_t));
395
396 sasl_callback_t *callback = mod_data->mutt_sasl_callbacks;
397
398 callback->id = SASL_CB_USER;
399 callback->proc = (int (*)(void))(intptr_t) mutt_sasl_cb_authname;
400 callback->context = cac;
401 callback++;
402
403 callback->id = SASL_CB_AUTHNAME;
404 callback->proc = (int (*)(void))(intptr_t) mutt_sasl_cb_authname;
405 callback->context = cac;
406 callback++;
407
408 callback->id = SASL_CB_PASS;
409 callback->proc = (int (*)(void))(intptr_t) mutt_sasl_cb_pass;
410 callback->context = cac;
411 callback++;
412
413 callback->id = SASL_CB_GETREALM;
414 callback->proc = NULL;
415 callback->context = NULL;
416 callback++;
417
418 callback->id = SASL_CB_LIST_END;
419 callback->proc = NULL;
420 callback->context = NULL;
421
422 return mod_data->mutt_sasl_callbacks;
423}
void * mutt_mem_calloc(size_t nmemb, size_t size)
Allocate zeroed memory on the heap.
Definition memory.c:79
static int mutt_sasl_cb_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
SASL callback function to get password.
Definition sasl.c:359
static int mutt_sasl_cb_authname(void *context, int id, const char **result, unsigned int *len)
Callback to retrieve authname or user from ConnAccount.
Definition sasl.c:315
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_client_new()

int mutt_sasl_client_new ( struct Connection * conn,
sasl_conn_t ** saslconn )

Wrapper for sasl_client_new()

Parameters
[in]connConnection to a server
[out]saslconnSASL connection
Return values
0Success
-1Error

which also sets various security properties. If this turns out to be fine for POP too we can probably stop exporting mutt_sasl_get_callbacks().

Definition at line 612 of file sasl.c.

613{
614 if (mutt_sasl_start() != SASL_OK)
615 return -1;
616
617 if (!conn->account.service)
618 {
619 mutt_error(_("Unknown SASL profile"));
620 return -1;
621 }
622
623 socklen_t size;
624
625 struct sockaddr_storage local = { 0 };
626 char iplocalport[IP_PORT_BUFLEN] = { 0 };
627 char *plp = NULL;
628 size = sizeof(local);
629 if (getsockname(conn->fd, (struct sockaddr *) &local, &size) == 0)
630 {
631 if (iptostring((struct sockaddr *) &local, size, iplocalport, IP_PORT_BUFLEN) == SASL_OK)
632 plp = iplocalport;
633 else
634 mutt_debug(LL_DEBUG2, "SASL failed to parse local IP address\n");
635 }
636 else
637 {
638 mutt_debug(LL_DEBUG2, "SASL failed to get local IP address\n");
639 }
640
641 struct sockaddr_storage remote = { 0 };
642 char ipremoteport[IP_PORT_BUFLEN] = { 0 };
643 char *prp = NULL;
644 size = sizeof(remote);
645 if (getpeername(conn->fd, (struct sockaddr *) &remote, &size) == 0)
646 {
647 if (iptostring((struct sockaddr *) &remote, size, ipremoteport, IP_PORT_BUFLEN) == SASL_OK)
648 prp = ipremoteport;
649 else
650 mutt_debug(LL_DEBUG2, "SASL failed to parse remote IP address\n");
651 }
652 else
653 {
654 mutt_debug(LL_DEBUG2, "SASL failed to get remote IP address\n");
655 }
656
657 mutt_debug(LL_DEBUG2, "SASL local ip: %s, remote ip:%s\n", NONULL(plp), NONULL(prp));
658
659 int rc = sasl_client_new(conn->account.service, conn->account.host, plp, prp,
660 mutt_sasl_get_callbacks(&conn->account), 0, saslconn);
661 if (rc != SASL_OK)
662 {
663 mutt_error(_("Error allocating SASL connection"));
664 return -1;
665 }
666
667 /* Work around a casting bug in the SASL krb4 module */
668 sasl_security_properties_t secprops = { 0 };
669 secprops.max_ssf = 0x7fff;
670 secprops.maxbufsize = MUTT_SASL_MAXBUF;
671 if (sasl_setprop(*saslconn, SASL_SEC_PROPS, &secprops) != SASL_OK)
672 {
673 mutt_error(_("Error setting SASL security properties"));
674 sasl_dispose(saslconn);
675 return -1;
676 }
677
678 if (conn->ssf != 0)
679 {
680 /* I'm not sure this actually has an effect, at least with SASLv2 */
681 mutt_debug(LL_DEBUG2, "External SSF: %d\n", conn->ssf);
682 if (sasl_setprop(*saslconn, SASL_SSF_EXTERNAL, &conn->ssf) != SASL_OK)
683 {
684 mutt_error(_("Error setting SASL external security strength"));
685 sasl_dispose(saslconn);
686 return -1;
687 }
688 }
689 if (conn->account.user[0])
690 {
691 mutt_debug(LL_DEBUG2, "External authentication name: %s\n", conn->account.user);
692 if (sasl_setprop(*saslconn, SASL_AUTH_EXTERNAL, conn->account.user) != SASL_OK)
693 {
694 mutt_error(_("Error setting SASL external user name"));
695 sasl_dispose(saslconn);
696 return -1;
697 }
698 }
699
700 return 0;
701}
#define mutt_error(...)
Definition logging2.h:94
#define _(a)
Definition message.h:28
#define MUTT_SASL_MAXBUF
Maximum size for SASL protection buffer.
Definition sasl.c:117
#define IP_PORT_BUFLEN
Buffer size for "host;port" string (NI_MAXHOST + NI_MAXSERV)
Definition sasl.c:120
int mutt_sasl_start(void)
Initialise SASL library.
Definition sasl.c:275
static sasl_callback_t * mutt_sasl_get_callbacks(struct ConnAccount *cac)
Get the SASL callback functions.
Definition sasl.c:390
static int iptostring(const struct sockaddr *addr, socklen_t addrlen, char *out, unsigned int outlen)
Convert IP Address to string.
Definition sasl.c:204
#define NONULL(x)
Definition string2.h:44
const char * service
Name of the service, e.g. "imap".
Definition connaccount.h:67
unsigned int ssf
Security strength factor, in bits (see notes)
Definition connection.h:50
struct ConnAccount account
Account details: username, password, etc.
Definition connection.h:49
int fd
Socket file descriptor.
Definition connection.h:53
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_interact()

int mutt_sasl_interact ( sasl_interact_t * interaction)

Perform an SASL interaction with the user.

Parameters
interactionDetails of interaction
Return values
numSASL error code: SASL_OK or SASL_FAIL

An example interaction might be asking the user for a password.

Definition at line 710 of file sasl.c.

711{
712 int rc = SASL_OK;
713 char prompt[128] = { 0 };
714 struct Buffer *resp = buf_pool_get();
715
716 while (interaction->id != SASL_CB_LIST_END)
717 {
718 mutt_debug(LL_DEBUG2, "filling in SASL interaction %ld\n", interaction->id);
719
720 snprintf(prompt, sizeof(prompt), "%s: ", interaction->prompt);
721 buf_reset(resp);
722
723 if (!OptGui || (mw_get_field(prompt, resp, MUTT_COMP_NONE, HC_OTHER, NULL, NULL) != 0))
724 {
725 rc = SASL_FAIL;
726 break;
727 }
728
729 interaction->len = buf_len(resp) + 1;
730 interaction->result = buf_strdup(resp);
731 interaction++;
732 }
733
734 buf_pool_release(&resp);
735 return rc;
736}
size_t buf_len(const struct Buffer *buf)
Calculate the length of a Buffer.
Definition buffer.c:497
void buf_reset(struct Buffer *buf)
Reset an existing Buffer.
Definition buffer.c:89
char * buf_strdup(const struct Buffer *buf)
Copy a Buffer's string.
Definition buffer.c:577
@ MUTT_COMP_NONE
No flags are set.
Definition wdata.h:46
bool OptGui
(pseudo) when the gui (and curses) are started
Definition globals.c:48
int mw_get_field(const char *prompt, struct Buffer *buf, CompletionFlags complete, enum HistoryClass hclass, const struct CompleteOps *comp_api, void *cdata)
Ask the user for a string -.
Definition window.c:502
@ HC_OTHER
Miscellaneous strings.
Definition lib.h:61
struct Buffer * buf_pool_get(void)
Get a Buffer from the pool.
Definition pool.c:91
void buf_pool_release(struct Buffer **ptr)
Return a Buffer to the pool.
Definition pool.c:111
String manipulation buffer.
Definition buffer.h:36
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_setup_conn()

void mutt_sasl_setup_conn ( struct Connection * conn,
sasl_conn_t * saslconn )

Set up an SASL connection.

Parameters
connConnection to a server
saslconnSASL connection

Replace connection methods, sockdata with SASL wrappers, for protection layers. Also get ssf, as a fastpath for the read/write methods.

Definition at line 746 of file sasl.c.

747{
748 struct SaslSockData *sasldata = MUTT_MEM_MALLOC(1, struct SaslSockData);
749 /* work around sasl_getprop aliasing issues */
750 const void *tmp = NULL;
751
752 sasldata->saslconn = saslconn;
753 /* get ssf so we know whether we have to (en|de)code read/write */
754 sasl_getprop(saslconn, SASL_SSF, &tmp);
755 sasldata->ssf = tmp;
756 mutt_debug(LL_DEBUG3, "SASL protection strength: %u\n", *sasldata->ssf);
757 /* Add SASL SSF to transport SSF */
758 conn->ssf += *sasldata->ssf;
759 sasl_getprop(saslconn, SASL_MAXOUTBUF, &tmp);
760 sasldata->pbufsize = tmp;
761 mutt_debug(LL_DEBUG3, "SASL protection buffer size: %u\n", *sasldata->pbufsize);
762
763 /* clear input buffer */
764 sasldata->buf = NULL;
765 sasldata->bpos = 0;
766 sasldata->blen = 0;
767
768 /* preserve old functions */
769 sasldata->sockdata = conn->sockdata;
770 sasldata->open = conn->open;
771 sasldata->read = conn->read;
772 sasldata->write = conn->write;
773 sasldata->poll = conn->poll;
774 sasldata->close = conn->close;
775
776 /* and set up new functions */
777 conn->sockdata = sasldata;
783}
static int mutt_sasl_conn_close(struct Connection *conn)
Close SASL connection - Implements Connection::close() -.
Definition sasl.c:448
int(* close)(struct Connection *conn)
Close a socket Connection - Implements Connection::close() -.
Definition sasl.c:101
int(* open)(struct Connection *conn)
Open a socket Connection - Implements Connection::open() -.
Definition sasl.c:81
static int mutt_sasl_conn_open(struct Connection *conn)
Empty wrapper for underlying open function - Implements Connection::open() -.
Definition sasl.c:432
int(* poll)(struct Connection *conn, time_t wait_secs)
Check if any data is waiting on a socket - Implements Connection::poll() -.
Definition sasl.c:96
static int mutt_sasl_conn_poll(struct Connection *conn, time_t wait_secs)
Check if any data is waiting on a socket - Implements Connection::poll() -.
Definition sasl.c:590
static int mutt_sasl_conn_read(struct Connection *conn, char *buf, size_t count)
Read data from an SASL connection - Implements Connection::read() -.
Definition sasl.c:473
int(* read)(struct Connection *conn, char *buf, size_t count)
Read from a socket Connection - Implements Connection::read() -.
Definition sasl.c:86
static int mutt_sasl_conn_write(struct Connection *conn, const char *buf, size_t count)
Write to an SASL connection - Implements Connection::write() -.
Definition sasl.c:539
int(* write)(struct Connection *conn, const char *buf, size_t count)
Write to a socket Connection - Implements Connection::write() -.
Definition sasl.c:91
@ LL_DEBUG3
Log at debug level 3.
Definition logging2.h:47
#define MUTT_MEM_MALLOC(n, type)
Definition memory.h:53
void * sockdata
Backend-specific socket data.
Definition connection.h:55
int(* poll)(struct Connection *conn, time_t wait_secs)
Definition connection.h:105
int(* write)(struct Connection *conn, const char *buf, size_t count)
Definition connection.h:92
int(* close)(struct Connection *conn)
Definition connection.h:116
int(* open)(struct Connection *conn)
Definition connection.h:66
int(* read)(struct Connection *conn, char *buf, size_t count)
Definition connection.h:79
SASL authentication API -.
Definition sasl.c:66
void * sockdata
Underlying socket data.
Definition sasl.c:76
unsigned int blen
Size of the read buffer.
Definition sasl.c:73
unsigned int bpos
Current read position.
Definition sasl.c:74
const sasl_ssf_t * ssf
Security strength factor, in bits.
Definition sasl.c:68
const unsigned int * pbufsize
Buffer size.
Definition sasl.c:69
const char * buf
Buffer for data read from the connection.
Definition sasl.c:72
sasl_conn_t * saslconn
Raw SASL connection.
Definition sasl.c:67
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mutt_sasl_cleanup()

void mutt_sasl_cleanup ( void )

Invoke when processing is complete.

This is a cleanup function, used to free all memory used by the library. Invoke when processing is complete.

Definition at line 791 of file sasl.c.

792{
793 /* As we never use the server-side, the silently ignore the return value */
794 sasl_client_done();
795}
+ Here is the caller graph for this function:

Variable Documentation

◆ SaslAuthenticators

const char* const SaslAuthenticators[]
static
Initial value:
= {
"ANONYMOUS", "CRAM-MD5", "DIGEST-MD5", "EXTERNAL",
"GS2-IAKERB", "GS2-KRB5", "GSS-SPNEGO", "GSSAPI",
"LOGIN", "NTLM", "OTP-MD4", "OTP-MD5",
"OTP-SHA1", "PASSDSS-3DES-1", "PLAIN", "SCRAM-SHA-1",
"SCRAM-SHA-224", "SCRAM-SHA-256", "SCRAM-SHA-384", "SCRAM-SHA-512",
"SRP",
}

Authentication methods supported by Cyrus SASL.

Definition at line 107 of file sasl.c.

107 {
108 "ANONYMOUS", "CRAM-MD5", "DIGEST-MD5", "EXTERNAL",
109 "GS2-IAKERB", "GS2-KRB5", "GSS-SPNEGO", "GSSAPI",
110 "LOGIN", "NTLM", "OTP-MD4", "OTP-MD5",
111 "OTP-SHA1", "PASSDSS-3DES-1", "PLAIN", "SCRAM-SHA-1",
112 "SCRAM-SHA-224", "SCRAM-SHA-256", "SCRAM-SHA-384", "SCRAM-SHA-512",
113 "SRP",
114};