gsasl  1.10.0
About: GNU SASL is an implementation of the Simple Authentication and Security Layer (SASL). Development version.
  Fossies Dox: gsasl-1.10.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

callbacks.c
1 /* callbacks.c --- Implementation of gsasl callbacks.
2  * Copyright (C) 2002-2021 Simon Josefsson
3  *
4  * This file is part of GNU SASL.
5  *
6  * This program is free software: you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation, either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "internal.h"
22 #include "callbacks.h"
23 
24 #include "striconv.h"
25 #include "readline.h"
26 
27 #if HAVE_LANGINFO_CODESET
28 #include <langinfo.h> /* For nl_langinfo. */
29 #endif
30 
/*
 * Convert STR from the current locale's character set to UTF-8.
 *
 * STR must be memory that may be passed to free() (or NULL): when the
 * conversion succeeds, STR is freed and the string returned by
 * str_iconv() is handed back in its place.  When the conversion fails, a
 * warning is printed to stderr and STR itself is returned unchanged.
 * Built without HAVE_LANGINFO_CODESET, the function returns STR untouched.
 *
 * The replaced buffer is released with a plain free(), so its contents
 * are not wiped first; keep that in mind when STR holds a password.
 */
static char *
locale_to_utf8 (char *str)
{
#if HAVE_LANGINFO_CODESET
  char *converted;

  if (str == NULL)
    return str;

  converted = str_iconv (str, nl_langinfo (CODESET), "UTF-8");
  if (converted != NULL)
    {
      /* Ownership of the input ends here; return the UTF-8 string. */
      free (str);
      return converted;
    }

  fprintf (stderr, "warning: Could not convert string to UTF-8...\n");
#endif

  return str;
}
51 
/*
 * Show PROMPT, read one line with readline() and return it after passing
 * it through locale_to_utf8().  A NULL result from readline() comes back
 * as NULL, so callers must check before using the string.
 */
static char *
readutf8line (const char *prompt)
{
  return locale_to_utf8 (readline (prompt));
}
59 
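/*
 * Show PROMPT, read a secret with getpass() and return it converted to
 * UTF-8.  Returns NULL when getpass() returns NULL; otherwise the result
 * is always heap memory owned by the caller.
 *
 * getpass() is documented to return a pointer to a static buffer that the
 * next call overwrites.  locale_to_utf8() free()s its argument after a
 * successful conversion and returns it as-is otherwise, so handing it the
 * getpass() buffer directly would either free storage this code does not
 * own or return a pointer that a later prompt silently overwrites.  A
 * private copy is converted instead.
 *
 * NOTE(review): the plaintext remains in getpass()'s buffer until its
 * next call, and the copy is released without being wiped; clear both
 * once a non-elidable clearing primitive is available to this file.
 */
char *
readutf8pass (const char *prompt)
{
  char *secret = getpass (prompt);

  if (secret == NULL)
    return NULL;

  /* xstrdup() is the allocator this file already uses for strings. */
  return locale_to_utf8 (xstrdup (secret));
}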
67 
/*
 * Property callback for the command-line client.
 *
 * For the property PROP requested on session SCTX, the visible cases read
 * a value from args_info or prompt for it on the terminal, then set rc to
 * GSASL_OK.  rc starts as GSASL_NO_CALLBACK and is returned unchanged for
 * any property that reaches the default branch, which only prints a
 * warning.  CTX is unused (_GL_UNUSED).
 *
 * NOTE(review): the gutter numbers below skip in many places (e.g. 74 to
 * 78, 85 to 90), so several case labels, assignments and
 * gsasl_property_set() calls are missing from this listing.  Read the
 * comments as describing only the lines that are shown.
 */
68 int
69 callback (Gsasl * ctx _GL_UNUSED, Gsasl_session * sctx, Gsasl_property prop)
70 {
71  int rc = GSASL_NO_CALLBACK;
72 
73  switch (prop)
74  {
78  readutf8line ("Enter anonymous token (e.g., email address): ");
79 
82 
83  rc = GSASL_OK;
84  break;
85 
90  readutf8line ("Enter base64 encoded tls-unique channel binding: ");
92  gsasl_property_set (sctx, prop, b64cbtlsunique);
93  rc = GSASL_OK;
94  break;
95 
96  case GSASL_PASSWORD:
 /* Secrets go through readutf8pass(), i.e. getpass(), not readline().
    The result is stored in args_info.password_arg; nothing shown here
    wipes it after use. */
98  args_info.password_arg = readutf8pass ("Enter password: ");
99 
101 
102  rc = GSASL_OK;
103  break;
104 
105  case GSASL_PASSCODE:
 /* Prompt only when no passcode was already supplied in args_info. */
106  if (args_info.passcode_arg == NULL)
107  args_info.passcode_arg = readutf8pass ("Enter passcode: ");
108 
110 
111  rc = GSASL_OK;
112  break;
113 
114  case GSASL_AUTHID:
116  {
117 #if HAVE_GETPWUID
118  uid_t uid;
119  struct passwd *pw;
120 
 /* Default the authentication identity to the login name of the
    calling uid and tell the user which name was chosen. */
121  uid = getuid ();
122  pw = getpwuid (uid);
123 
124  if (pw && pw->pw_name)
125  {
126  printf ("Using system username `%s' as "
127  "authentication identity.\n", pw->pw_name);
128  args_info.authentication_id_arg = xstrdup (pw->pw_name);
129  }
130  else
131 #endif
 /* The `else' above binds to the statement after #endif, so the prompt
    is the fallback when the passwd lookup fails and the only path when
    HAVE_GETPWUID is off. */
133  readutf8line ("Enter authentication ID: ");
134  }
135 
138  rc = GSASL_OK;
139  break;
140 
141  case GSASL_AUTHZID:
144  rc = GSASL_OK;
145  break;
146 
147  case GSASL_SERVICE:
148  if (args_info.service_arg == NULL)
150  readutf8line ("Enter GSSAPI service name (e.g. \"imap\"): ");
151 
153 
154  rc = GSASL_OK;
155  break;
156 
157  case GSASL_HOSTNAME:
158  if (args_info.hostname_arg == NULL)
159  args_info.hostname_arg = readutf8line ("Enter hostname of server: ");
160 
162 
163  rc = GSASL_OK;
164  break;
165 
166  case GSASL_REALM:
167  if (args_info.realm_arg == NULL)
169  readutf8line ("Enter realm of server (optional): ");
170 
173 
174  rc = GSASL_OK;
175  break;
176 
177  case GSASL_QOP:
180  ("Enter quality of protection (optional, e.g. 'qop-int'): ");
185  rc = GSASL_OK;
186  break;
187 
189  {
190  char *str;
191  printf ("Authzid: %s\nDisplay Name: %s\n",
 /* Interactive approval of the identity printed above: only a literal
    "y" or "Y" sets GSASL_OK.
    NOTE(review): readutf8line() passes a NULL from readline() straight
    through, and strcmp() is then called on it.  If readline() can
    return NULL here (for example at end of input; confirm against
    readline.c), this should be checked first and treated as a refusal
    so the validation fails closed. */
194  str = readutf8line ("Validate GSS-API user? (y/n) ");
195  if (strcmp (str, "y") == 0 || strcmp (str, "Y") == 0)
196  rc = GSASL_OK;
197  else
199  free (str);
200  }
201  break;
202 
204  break;
205 
206  case GSASL_SCRAM_ITER:
209  rc = GSASL_OK;
210  break;
211 
212  case GSASL_SCRAM_SALT:
214  rc = GSASL_OK;
215  break;
216 
218  {
219  char *str = readutf8line ("Enter SAML authentication identifier "
220  "(e.g. \"http://example.org/\"): ");
221 
223 
224  rc = GSASL_OK;
225  }
226  break;
227 
229  {
230  const char *url =
232 
 /* NOTE(review): url is printed verbatim.  The lookup that fills it is
    not shown; if the value can be unset or comes from the peer
    (presumably the redirect URL received during the exchange; confirm),
    check for NULL and for non-printable bytes before writing it to the
    terminal.  The same applies to the OpenID 2.0 branch below. */
233  printf ("Proceed to this URL to authenticate using SAML 2.0:\n%s\n",
234  url);
235 
236  rc = GSASL_OK;
237  }
238  break;
239 
241  {
242  const char *url = gsasl_property_get (sctx,
244 
245  printf ("Proceed to this URL to authenticate using OpenID 2.0:\n%s\n",
246  url);
247 
248  rc = GSASL_OK;
249  }
250  break;
251 
252  default:
 /* Unknown property: warn and leave rc as GSASL_NO_CALLBACK. */
253  fprintf (stderr,
254  "warning: mechanism requested unsupported property `%u'\n",
255  prop);
256  break;
257  }
258 
259  return rc;
260 }
static char * locale_to_utf8(char *str)
Definition: callbacks.c:32
static char * readutf8line(const char *prompt)
Definition: callbacks.c:53
char * readutf8pass(const char *prompt)
Definition: callbacks.c:61
int callback(Gsasl *ctx _GL_UNUSED, Gsasl_session *sctx, Gsasl_property prop)
Definition: callbacks.c:69
char * getpass(const char *prompt)
Definition: getpass.c:87
#define NULL
Definition: stddef.in.h:72
char * b64cbtlsunique
Definition: gsasl.c:35
struct gengetopt_args_info args_info
Definition: gsasl.c:37
const char * gsasl_property_get(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:263
void gsasl_property_set(Gsasl_session *sctx, Gsasl_property prop, const char *data)
Definition: property.c:158
@ GSASL_NO_CALLBACK
Definition: gsasl.h:184
@ GSASL_OK
Definition: gsasl.h:171
@ GSASL_AUTHENTICATION_ERROR
Definition: gsasl.h:180
const char * gsasl_property_fast(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:226
Gsasl_property
Definition: gsasl.h:333
@ GSASL_SAML20_AUTHENTICATE_IN_BROWSER
Definition: gsasl.h:360
@ GSASL_HOSTNAME
Definition: gsasl.h:340
@ GSASL_AUTHZID
Definition: gsasl.h:336
@ GSASL_VALIDATE_GSSAPI
Definition: gsasl.h:366
@ GSASL_OPENID20_AUTHENTICATE_IN_BROWSER
Definition: gsasl.h:361
@ GSASL_SCRAM_SALT
Definition: gsasl.h:350
@ GSASL_QOP
Definition: gsasl.h:348
@ GSASL_CB_TLS_UNIQUE
Definition: gsasl.h:354
@ GSASL_SERVICE
Definition: gsasl.h:339
@ GSASL_GSSAPI_DISPLAY_NAME
Definition: gsasl.h:341
@ GSASL_SAML20_IDP_IDENTIFIER
Definition: gsasl.h:355
@ GSASL_SCRAM_SALTED_PASSWORD
Definition: gsasl.h:351
@ GSASL_PASSWORD
Definition: gsasl.h:337
@ GSASL_REALM
Definition: gsasl.h:345
@ GSASL_SCRAM_ITER
Definition: gsasl.h:349
@ GSASL_PASSCODE
Definition: gsasl.h:342
@ GSASL_AUTHID
Definition: gsasl.h:335
@ GSASL_SAML20_REDIRECT_URL
Definition: gsasl.h:356
@ GSASL_ANONYMOUS_TOKEN
Definition: gsasl.h:338
@ GSASL_OPENID20_REDIRECT_URL
Definition: gsasl.h:357
#define CODESET
Definition: langinfo.in.h:49
int rc
Definition: error.c:42
const char * p
Definition: mbrtowc-impl.h:42
char * readline(const char *prompt)
Definition: readline.c:36
char * str_iconv(const char *src, const char *from_codeset, const char *to_codeset)
Definition: striconv.c:401
Definition: internal.h:41
char * salt_arg
Indicate PBKDF2 salt as base64-encoded string (SCRAM only)..
Definition: gsasl_cmd.h:107
char * anonymous_token_arg
Token for anonymous authentication, usually mail address (ANONYMOUS only)..
Definition: gsasl_cmd.h:70
char * service_arg
Set the requested service name (should be a registered GSSAPI host based service name)....
Definition: gsasl_cmd.h:88
char * password_arg
Password for authentication (insecure for non-testing purposes)..
Definition: gsasl_cmd.h:79
char * authorization_id_arg
Identity to request service for..
Definition: gsasl_cmd.h:76
char * realm_arg
Realm. Defaults to hostname..
Definition: gsasl_cmd.h:82
char * passcode_arg
Passcode for authentication (SECURID only)..
Definition: gsasl_cmd.h:85
char * hostname_arg
Set the name of the server with the requested service..
Definition: gsasl_cmd.h:91
int no_cb_flag
Don't use channel bindings from TLS. (default=off).
Definition: gsasl_cmd.h:114
char * quality_of_protection_arg
How application payload will be protected. 'qop-auth' means no protection, 'qop-int' means integrity ...
Definition: gsasl_cmd.h:101
char * authentication_id_arg
Identity of credential owner..
Definition: gsasl_cmd.h:73
char * iteration_count_orig
Indicate PBKDF2 hash iteration count (SCRAM only). original value given at command line.
Definition: gsasl_cmd.h:105
char * xstrdup(char const *string)
Definition: xmalloc.c:130