external/ibm-public/postfix/dist/src/xsasl/xsasl_cyrus_security.c

   1 /*      $NetBSD$        */
   2
   3 /*++
   4 /* NAME
   5 /*      xsasl_cyrus_security 3
   6 /* SUMMARY
   7 /*      convert Cyrus SASL security properties to bit mask
   8 /* SYNOPSIS
   9 /*      #include <xsasl_cyrus_common.h>
  10 /*
  11 /*      int     xsasl_cyrus_security_parse_opts(properties)
  12 /*      const char *properties;
  13 /* DESCRIPTION
  14 /*      xsasl_cyrus_security_parse_opts() converts a list of security
  15 /*      properties to a bit mask. The result is zero in case of error.
  16 /*
  17 /*      Arguments:
  18 /* .IP properties
  19 /*      A comma or space separated list of zero or more of the
  20 /*      following:
  21 /* .RS
  22 /* .IP noplaintext
  23 /*      Disallow authentication methods that use plaintext passwords.
  24 /* .IP noactive
  25 /*      Disallow authentication methods that are vulnerable to
  26 /*      non-dictionary active attacks.
  27 /* .IP nodictionary
  28 /*      Disallow authentication methods that are vulnerable to
  29 /*      passive dictionary attack.
  30 /* .IP noanonymous
  31 /*      Disallow anonymous logins.
  32 /* .RE
  33 /* DIAGNOSTICS:
  34 /*      Warning: bad input.
  35 /* LICENSE
  36 /* .ad
  37 /* .fi
  38 /*      The Secure Mailer license must be distributed with this software.
  39 /* AUTHOR(S)
  40 /*      Wietse Venema
  41 /*      IBM T.J. Watson Research
  42 /*      P.O. Box 704
  43 /*      Yorktown Heights, NY 10598, USA
  44 /*--*/
  45
  46 /* System library. */
  47
  48 #include <sys_defs.h>
  49
  50 /* Utility library. */
  51
  52 #include <name_mask.h>
  53
  54 /* Application-specific. */
  55
  56 #include <xsasl_cyrus_common.h>
  57
  58 #if defined(USE_SASL_AUTH) && defined(USE_CYRUS_SASL)
  59
  60 #include <sasl.h>
  61
  62  /*
  63   * SASL Security options.
  64   */
  65 static const NAME_MASK xsasl_cyrus_sec_mask[] = {
  66     "noplaintext", SASL_SEC_NOPLAINTEXT,
  67     "noactive", SASL_SEC_NOACTIVE,
  68     "nodictionary", SASL_SEC_NODICTIONARY,
  69     "noanonymous", SASL_SEC_NOANONYMOUS,
  70 #if SASL_VERSION_MAJOR >= 2
  71     "mutual_auth", SASL_SEC_MUTUAL_AUTH,
  72 #endif
  73     0,
  74 };
  75
  76 /* xsasl_cyrus_security - parse security options */
  77
  78 int     xsasl_cyrus_security_parse_opts(const char *sasl_opts_val)
  79 {
  80     return (name_mask_opt("SASL security options", xsasl_cyrus_sec_mask,
  81                           sasl_opts_val, NAME_MASK_RETURN));
  82 }
  83
  84 #endif