search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Inform user that --password is only for testing.
[gsasl.git] / src / callbacks.c
blob5b0052ef49f00ea509cbac53c1b7bb52ce309841
1 /* callbacks.c implementation of gsasl callbacks
2 * Copyright (C) 2002 Simon Josefsson
3 *
4 * This file is part of libgsasl.
5 *
6 * Libgsasl is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * Libgsasl is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with libgsasl; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 *
20 */
21
22 #include <stdio.h>
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26 #ifdef HAVE_UNISTD_H
27 #include <unistd.h>
28 #endif
29 #ifdef HAVE_NETDB_H
30 #include <netdb.h>
31 #endif
32 #ifdef HAVE_STDLIB_H
33 #include <stdlib.h>
34 #endif
35 #ifdef HAVE_LOCALE_H
36 #include <locale.h>
37 #endif
38 #if HAVE_STRING_H
39 # if !STDC_HEADERS && HAVE_MEMORY_H
40 # include <memory.h>
41 # endif
42 # include <string.h>
43 #endif
44 #if HAVE_STRINGS_H
45 # include <strings.h>
46 #endif
47 #include <argp.h>
48 #include <gsasl.h>
49
50 #include <stringprep.h>
51
52 #define MAX_LINE_LENGTH BUFSIZ
53
54 extern int silent;
55 extern int verbose;
56 extern char *anonymous_token;
57 extern char *authentication_id;
58 extern char *authorization_id;
59 extern char *password;
60 extern char *passcode;
61 extern char *mechanism;
62 extern char *service;
63 extern char *hostname;
64 extern char *servicename;
65 extern char **realms;
66 extern size_t nrealms;
67 extern int maxbuf;
68 extern int qop;
69
70 static char *
71 readline (const char *prompt)
72 {
73 static char line[MAX_LINE_LENGTH];
74
75 printf ("%s", prompt);
76
77 line[0] = '\0';
78 fgets (line, MAX_LINE_LENGTH, stdin);
79 line[strlen (line) - 1] = '\0';
80
81 return line;
82 }
83
84 static int
85 utf8cpy (char *dst, size_t * dstlen, char *src, size_t srclen)
86 {
87 int nonasciiflag = 0;
88 char *p;
89
90 if (srclen != strlen(src))
91 return !GSASL_OK;
92
93 p = stringprep_locale_to_utf8(src);
94 if (p)
95 {
96 int len = strlen(p);
97
98 if (len > *dstlen)
99 return GSASL_TOO_SMALL_BUFFER;
100 *dstlen = len;
101 if (dst)
102 strcpy(dst, p);
103 }
104 else
105 {
106 int i;
107
108 fprintf (stderr, " ** failed to convert data from %s to UTF-8\n",
109 stringprep_locale_charset());
110 fprintf (stderr, " ** check the system locale configuration\n");
111 fprintf (stderr, " ** treating input as ASCII\n");
112
113 if (dst && *dstlen < srclen)
114 return GSASL_TOO_SMALL_BUFFER;
115
116 *dstlen = srclen;
117 for (i = 0; i < srclen; i++)
118 {
119 if (src[i] & 0x80)
120 nonasciiflag = 1;
121 dst[i] = src[i] & 0x7F;
122 }
123
124 if (nonasciiflag)
125 {
126 fprintf (stderr, " ** bit 8 stripped from string\n");
127 fprintf (stderr, " ** original string: `%s'\n", src);
128 fprintf (stderr, " ** stripped string: `%s'\n", dst);
129 }
130 }
131
132 return GSASL_OK;
133 }
134
135 /* Client callbacks */
136
137 int
138 client_callback_anonymous (Gsasl_session_ctx * ctx,
139 char *out, size_t * outlen)
140 {
141 int rc;
142
143 if (anonymous_token == NULL)
144 anonymous_token =
145 strdup (readline ("Enter anonymous token (e.g., email address): "));
146
147 if (anonymous_token == NULL)
148 return GSASL_AUTHENTICATION_ERROR;
149
150 rc = utf8cpy (out, outlen, anonymous_token, strlen (anonymous_token));
151 if (rc != GSASL_OK)
152 return rc;
153
154 return GSASL_OK;
155 }
156
157 int
158 client_callback_authorization_id (Gsasl_session_ctx * ctx,
159 char *out, size_t * outlen)
160 {
161 int rc;
162
163 if (authorization_id == NULL)
164 authorization_id = strdup (readline ("Enter authorization ID: "));
165
166 if (authorization_id == NULL)
167 return GSASL_AUTHENTICATION_ERROR;
168
169 rc = utf8cpy (out, outlen, authorization_id, strlen (authorization_id));
170 if (rc != GSASL_OK)
171 return rc;
172
173 return GSASL_OK;
174 }
175
176 int
177 client_callback_authentication_id (Gsasl_session_ctx * ctx,
178 char *out, size_t * outlen)
179 {
180 int rc;
181
182 if (authentication_id == NULL)
183 authentication_id = strdup (readline ("Enter authentication ID: "));
184
185 if (authentication_id == NULL)
186 return GSASL_AUTHENTICATION_ERROR;
187
188 rc = utf8cpy (out, outlen, authentication_id, strlen (authentication_id));
189 if (rc != GSASL_OK)
190 return rc;
191
192 return GSASL_OK;
193 }
194
195 int
196 client_callback_password (Gsasl_session_ctx * ctx, char *out, size_t * outlen)
197 {
198 int rc;
199
200 if (password == NULL)
201 password = strdup (readline ("Enter password: "));
202
203 if (password == NULL)
204 return GSASL_AUTHENTICATION_ERROR;
205
206 rc = utf8cpy (out, outlen, password, strlen (password));
207 if (rc != GSASL_OK)
208 return rc;
209
210 return GSASL_OK;
211 }
212
213 int
214 client_callback_service (Gsasl_session_ctx * ctx,
215 char *srv,
216 size_t * srvlen,
217 char *host,
218 size_t * hostlen, char *srvname, size_t * srvnamelen)
219 {
220 int rc;
221
222 if (service == NULL)
223 service =
224 strdup (readline ("Enter GSSAPI service name (e.g. \"imap\"): "));
225
226 if (hostname == NULL)
227 hostname = strdup (readline ("Enter hostname of server: "));
228
229 if (srvnamelen && servicename == NULL)
230 servicename =
231 strdup (readline ("Enter generic server name (optional): "));
232
233 if (service == NULL)
234 return GSASL_AUTHENTICATION_ERROR;
235
236 if (hostname == NULL)
237 return GSASL_AUTHENTICATION_ERROR;
238
239 if (srvnamelen && servicename == NULL)
240 return GSASL_AUTHENTICATION_ERROR;
241
242 rc = utf8cpy (srv, srvlen, service, strlen (service));
243 if (rc != GSASL_OK)
244 return rc;
245
246 rc = utf8cpy (host, hostlen, hostname, strlen (hostname));
247 if (rc != GSASL_OK)
248 return rc;
249
250 if (srvnamelen)
251 {
252 rc = utf8cpy (srvname, srvnamelen, servicename, strlen (servicename));
253 if (rc != GSASL_OK)
254 return rc;
255 }
256
257 return GSASL_OK;
258 }
259
260 int
261 client_callback_passcode (Gsasl_session_ctx * ctx, char *out, size_t * outlen)
262 {
263 int rc;
264
265 if (passcode == NULL)
266 passcode = strdup (readline ("Enter passcode: "));
267
268 if (passcode == NULL)
269 return GSASL_AUTHENTICATION_ERROR;
270
271 rc = utf8cpy (out, outlen, passcode, strlen (passcode));
272 if (rc != GSASL_OK)
273 return rc;
274
275 return GSASL_OK;
276 }
277
278 Gsasl_qop
279 client_callback_qop (Gsasl_session_ctx * ctx, Gsasl_qop serverqops)
280 {
281 if (serverqops & qop == 0)
282 fprintf (stderr,
283 "Warning: Server QOPs %d does not include client QOP %d.\n",
284 serverqops, qop);
285 return qop;
286 }
287
288 int
289 client_callback_maxbuf (Gsasl_session_ctx * ctx, int servermaxbuf)
290 {
291 return maxbuf;
292 }
293
294 /* Server callbacks */
295
296 int
297 server_callback_cram_md5 (Gsasl_session_ctx * ctx,
298 char *username, char *challenge, char *response)
299 {
300 char *data;
301
302 printf ("User: `%s'\nChallenge: `%s'\nResponse: `%s'\n",
303 username, challenge, response);
304
305 data = readline ("Admit user? (y/n) ");
306
307 if (*data == 'y' || *data == 'Y')
308 return GSASL_OK;
309 else
310 return GSASL_AUTHENTICATION_ERROR;
311 }
312
313 int
314 server_callback_anonymous (Gsasl_session_ctx * ctx, const char *message)
315 {
316 char *data;
317
318 printf ("Anonymous user: `%s'\n", message);
319
320 data = readline ("Admit user? (y/n) ");
321
322 if (*data == 'y' || *data == 'Y')
323 return GSASL_OK;
324 else
325 return GSASL_AUTHENTICATION_ERROR;
326 }
327
328 Gsasl_qop
329 server_callback_qop (Gsasl_session_ctx * ctx)
330 {
331 return GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF;
332 }
333
334 int
335 server_callback_maxbuf (Gsasl_session_ctx * ctx)
336 {
337 return maxbuf;
338 }
339
340 int
341 server_callback_realm (Gsasl_session_ctx * ctx,
342 char *out, size_t * outlen, size_t nth)
343 {
344 int rc;
345
346 if (nrealms == 0)
347 {
348 struct hostent *he;
349 char hostname[BUFSIZ];
350
351 rc = gethostname (hostname, BUFSIZ);
352 hostname[BUFSIZ - 1] = '\0';
353 if (rc != 0)
354 return GSASL_NO_MORE_REALMS;
355
356 he = gethostbyname (hostname);
357 if (he && strlen (he->h_name) < BUFSIZ)
358 strcpy (hostname, he->h_name);
359
360 realms = malloc (sizeof (*realms));
361 if (realms == NULL)
362 return GSASL_MALLOC_ERROR;
363 realms[nrealms++] = strdup (hostname);
364 }
365
366 if (nth >= nrealms)
367 return GSASL_NO_MORE_REALMS;
368
369 rc = utf8cpy (out, outlen, realms[nth], strlen (realms[nth]));
370 if (rc != GSASL_OK)
371 return rc;
372
373 return GSASL_OK;
374 }
375
376 int
377 server_callback_external (Gsasl_session_ctx * ctx)
378 {
379 char *data;
380
381 printf ("Validation information provided out of band (e.g., TLS)\n");
382
383 data = readline ("Admit user? (y/n) ");
384
385 if (*data == 'y' || *data == 'Y')
386 return GSASL_OK;
387 else
388 return GSASL_AUTHENTICATION_ERROR;
389 }
390
391 int
392 server_callback_validate (Gsasl_session_ctx * ctx,
393 char *authorization_id,
394 char *authentication_id, char *password)
395 {
396 char *data;
397
398 if (authorization_id && strlen (authorization_id) > 0)
399 printf ("Authorization ID: %s\n", authorization_id);
400 else
401 printf ("No authorization ID\n");
402
403 if (authentication_id && strlen (authentication_id) > 0)
404 printf ("Authentication ID: %s\n", authentication_id);
405 else
406 printf ("No authentication ID\n");
407
408 if (password && strlen (password) > 0)
409 printf ("Password: %s\n", password);
410 else
411 printf ("No password\n");
412
413 data = readline ("Admit user? (y/n) ");
414
415 if (*data == 'y' || *data == 'Y')
416 return GSASL_OK;
417 else
418 return GSASL_AUTHENTICATION_ERROR;
419 }
420
421 int
422 server_callback_retrieve (Gsasl_session_ctx * ctx,
423 char *authentication_id,
424 char *authorization_id,
425 char *realm, char *key, size_t * keylen)
426 {
427 int rc;
428
429 if (password == NULL)
430 password = strdup (readline ("Enter password: "));
431
432 if (password == NULL)
433 return GSASL_AUTHENTICATION_ERROR;
434
435 rc = utf8cpy (key, keylen, password, strlen (password));
436 if (rc != GSASL_OK)
437 return rc;
438
439 return GSASL_OK;
440 }
441
442 int
443 server_callback_service (Gsasl_session_ctx * ctx,
444 char *srv,
445 size_t * srvlen, char *host, size_t * hostlen)
446 {
447 int rc;
448
449 if (service == NULL)
450 service =
451 strdup (readline ("Enter GSSAPI service name (e.g. \"imap\"): "));
452
453 if (hostname == NULL)
454 hostname = strdup (readline ("Enter hostname of server: "));
455
456 if (service == NULL)
457 return GSASL_AUTHENTICATION_ERROR;
458
459 if (hostname == NULL)
460 return GSASL_AUTHENTICATION_ERROR;
461
462 rc = utf8cpy (srv, srvlen, service, strlen (service));
463 if (rc != GSASL_OK)
464 return rc;
465
466 rc = utf8cpy (host, hostlen, hostname, strlen (hostname));
467 if (rc != GSASL_OK)
468 return rc;
469
470 return GSASL_OK;
471 }
472
473 int
474 server_callback_gssapi (Gsasl_session_ctx * ctx,
475 char *client_name, char *authentication_id)
476 {
477 char *data;
478
479 if (client_name)
480 printf ("GSSAPI user: %s\n", client_name);
481
482 if (authentication_id)
483 printf ("Authentication ID: %s\n", authentication_id);
484
485 data = readline ("Admit user? (y/n) ");
486
487 if (*data == 'y' || *data == 'Y')
488 return GSASL_OK;
489 else
490 return GSASL_AUTHENTICATION_ERROR;
491 }
SASL library