xref: /onnv-gate/usr/src/lib/libsasl/include/saslplug.h (revision 0:68f95e015346)

/*
 * Copyright 2003 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/* saslplug.h --  API for SASL plug-ins */

#ifndef	_SASL_SASLPLUG_H
#define	_SASL_SASLPLUG_H

#pragma ident	"%Z%%M%	%I%	%E% SMI"

#ifndef	_SASL_SASL_H
#include <sasl/sasl.h>
#endif

#ifndef _MD5_H
#include <md5.h>
#endif /* _MD5_H */

#ifdef	__cplusplus
extern "C" {
#endif

/* intermediate MD5 context */
typedef struct HMAC_MD5_CTX_s {
    MD5_CTX ictx, octx;
} HMAC_MD5_CTX;

/*
 * intermediate HMAC state
 *  values stored in network byte order (Big Endian)
 */
typedef struct HMAC_MD5_STATE_s {
    uint32_t istate[4];
    uint32_t ostate[4];
} HMAC_MD5_STATE;

/*
 * callback to lookup a sasl_callback_t for a connection
 * input:
 *  conn        -- the connection to lookup a callback for
 *  callbacknum -- the number of the callback
 * output:
 *  pproc       -- pointer to the callback function (set to NULL on failure)
 *  pcontext    -- pointer to the callback context (set to NULL on failure)
 * returns:
 *  SASL_OK -- no error
 *  SASL_FAIL -- unable to find a callback of the requested type
 *  SASL_INTERACT -- caller must use interaction to get data
 */
typedef int sasl_getcallback_t(sasl_conn_t *conn,
				unsigned long callbackid,
				int (**pproc)(),
				void **pcontext);

/*
 * The sasl_utils structure will remain backwards compatible unless
 * the SASL_*_PLUG_VERSION is changed incompatibly
 * higher SASL_UTILS_VERSION numbers indicate more functions are available
 */
#define	SASL_UTILS_VERSION 4

/* utility function set for plug-ins */
typedef struct sasl_utils {
    int version;

	/* contexts */
    sasl_conn_t *conn;
    sasl_rand_t *rpool;
    void *getopt_context;

	/* option function */
    sasl_getopt_t *getopt;

	/* allocation functions: */
    sasl_malloc_t *malloc;
    sasl_calloc_t *calloc;
    sasl_realloc_t *realloc;
    sasl_free_t *free;

	/* mutex functions: */
    sasl_mutex_alloc_t *mutex_alloc;
    sasl_mutex_lock_t *mutex_lock;
    sasl_mutex_unlock_t *mutex_unlock;
    sasl_mutex_free_t *mutex_free;

	/* MD5 hash and HMAC functions */
    void (*MD5Init)(MD5_CTX *);
    void (*MD5Update)(MD5_CTX *, const unsigned char *text, unsigned int len);
    void (*MD5Final)(unsigned char [16], MD5_CTX *);
    void (*hmac_md5)(const unsigned char *text, int text_len,
			const unsigned char *key, int key_len,
			unsigned char [16]);
    void (*hmac_md5_init)(HMAC_MD5_CTX *, const unsigned char *key, int len);
	/* hmac_md5_update() is just a call to MD5Update on inner context */
    void (*hmac_md5_final)(unsigned char [16], HMAC_MD5_CTX *);
    void (*hmac_md5_precalc)(HMAC_MD5_STATE *,
				const unsigned char *key, int len);
    void (*hmac_md5_import)(HMAC_MD5_CTX *, HMAC_MD5_STATE *);

	/* mechanism utility functions (same as above): */
    int (*mkchal)(sasl_conn_t *conn, char *buf, unsigned maxlen,
		unsigned hostflag);
    int (*utf8verify)(const char *str, unsigned len);
    void (*rand)(sasl_rand_t *rpool, char *buf, unsigned len);
    void (*churn)(sasl_rand_t *rpool, const char *data, unsigned len);

	/*
	 * This allows recursive calls to the sasl_checkpass() routine from
	 * within a SASL plug-in.  This MUST NOT be used in the PLAIN mechanism
	 * as sasl_checkpass MAY be a front-end for the PLAIN mechanism.
	 * This is intended for use by the non-standard LOGIN mechanism and
	 * potentially by a future mechanism which uses public-key technology
	 * to set up a lightweight encryption layer just for sending a
	 * password.
	 */
    int (*checkpass)(sasl_conn_t *conn,
		    const char *user, unsigned userlen,
		    const char *pass, unsigned passlen);

	/* Access to base64 encode/decode routines */
    int (*decode64)(const char *in, unsigned inlen,
		    char *out, unsigned outmax, unsigned *outlen);
    int (*encode64)(const char *in, unsigned inlen,
		    char *out, unsigned outmax, unsigned *outlen);

	/* erase a buffer */
    void (*erasebuffer)(char *buf, unsigned len);

	/* callback to sasl_getprop() and sasl_setprop() */
    int (*getprop)(sasl_conn_t *conn, int propnum, const void **pvalue);
    int (*setprop)(sasl_conn_t *conn, int propnum, const void *value);

	/* callback function */
    sasl_getcallback_t *getcallback;

	/*
	 * format a message and then pass it to the SASL_CB_LOG callback
	 *
	 * use syslog()-style formatting (printf with %m as most recent errno
	 * error).  The implementation may use a fixed size buffer not smaller
	 * than 512 octets if it securely truncates the message.
	 *
	 * level is a SASL_LOG_* level (see sasl.h)
	 */
    void (*log)(sasl_conn_t *conn, int level, const char *fmt, ...);

	/* callback to sasl_seterror() */
    void (*seterror)(sasl_conn_t *conn, unsigned flags, const char *fmt, ...);

	/* spare function pointer */
    int *(*spare_fptr)();

	/* auxiliary property utilities */
    struct propctx *(*prop_new)(unsigned estimate);
    int (*prop_dup)(struct propctx *src_ctx, struct propctx **dst_ctx);
    int (*prop_request)(struct propctx *ctx, const char **names);
    const struct propval *(*prop_get)(struct propctx *ctx);
    int (*prop_getnames)(struct propctx *ctx, const char **names,
			struct propval *vals);
    void (*prop_clear)(struct propctx *ctx, int requests);
    void (*prop_dispose)(struct propctx **ctx);
    int (*prop_format)(struct propctx *ctx, const char *sep, int seplen,
		    char *outbuf, unsigned outmax, unsigned *outlen);
    int (*prop_set)(struct propctx *ctx, const char *name,
		    const char *value, int vallen);
    int (*prop_setvals)(struct propctx *ctx, const char *name,
			const char **values);
    void (*prop_erase)(struct propctx *ctx, const char *name);

	/* for additions which don't require a version upgrade; set to 0 */
    int (*spare_fptr1)();
    int (*spare_fptr2)();
    int (*spare_fptr3)();
} sasl_utils_t;

/*
 * output parameters from SASL API
 *
 * created / destroyed by the glue code, though probably filled in
 * by a combination of the plugin, the glue code, and the canon_user callback.
 *
 */
typedef struct sasl_out_params {
    unsigned doneflag;		/* exchange complete */

    const char *user;		/* canonicalized user name */
    const char *authid;		/* canonicalized authentication id */

    unsigned ulen;		/* length of canonicalized user name */
    unsigned alen;		/* length of canonicalized authid */

	/* security layer information */
    unsigned maxoutbuf;
    sasl_ssf_t mech_ssf;    /* Should be set non-zero if negotiation of a */
			    /* security layer was *attempted*, even if */
			    /* the negotiation failed */
    void *encode_context;
    int (*encode)(void *context, const struct iovec *invec, unsigned numiov,
		const char **output, unsigned *outputlen);
    void *decode_context;
    int (*decode)(void *context, const char *input, unsigned inputlen,
		const char **output, unsigned *outputlen);

	/* for additions which don't require a version upgrade; set to 0 */
    void *spare_ptr1;
    void *spare_ptr2;
    void *spare_ptr3;
    void *spare_ptr4;
    int (*spare_fptr1)();
    int (*spare_fptr2)();
    int spare_int1;
    int spare_int2;
    int spare_int3;
    int spare_int4;

	/*
	 * set to 0 initially, this allows a plugin with extended parameters
	 * to work with an older framework by updating version as parameters
	 * are added.
	 */
    int param_version;
} sasl_out_params_t;

/*
 * Client Mechanism Functions
 */

/*
 * input parameters to client SASL plugin
 *
 * created / destroyed by the glue code
 *
 */
typedef struct sasl_client_params {
    const char *service;	/* service name */
    const char *serverFQDN;	/* server fully qualified domain name */
    const char *clientFQDN;	/* client's fully qualified domain name */
    const sasl_utils_t *utils;	/* SASL API utility routines -- */
				/* for a particular sasl_conn_t, */
				/* MUST remain valid until mech_free is */
				/* called */
    const sasl_callback_t *prompt_supp; /* client callback list */
    const char *iplocalport;	/* server IP domain literal & port */
    const char *ipremoteport;	/* client IP domain literal & port */

    unsigned servicelen;	/* length of service */
    unsigned slen;		/* length of serverFQDN */
    unsigned clen;		/* length of clientFQDN */
    unsigned iploclen;		/* length of iplocalport */
    unsigned ipremlen;		/* length of ipremoteport */

	/* application's security requirements & info */
    sasl_security_properties_t props;
    sasl_ssf_t external_ssf;	/* external SSF active */

	/* for additions which don't require a version upgrade; set to 0 */
    void *spare_ptr1;
    void *spare_ptr2;
    void *spare_ptr3;
    void *spare_ptr4;

	/*
	 * Canonicalize a user name from on-wire to internal format
	 *  added rjs3 2001-05-23
	 *  Must be called once user name aquired if canon_user is non-NULL.
	 *  conn    connection context
	 *  in	    user name from wire protocol (need not be NUL terminated)
	 *  len	    length of user name from wire protocol (0 = strlen(user))
	 *  flags   for SASL_CU_* flags
	 *  oparams the user, authid, ulen, alen, fields are
	 *	    set appropriately after canonicalization/copying and
	 *	    authorization of arguments
	 *
	 *  responsible for setting user, ulen, authid, and alen in the oparams
	 *  structure
	 *
	 *  default behavior is to strip leading and trailing whitespace, as
	 *  well as allocating space for and copying the parameters.
	 *
	 * results:
	 *  SASL_OK	  -- success
	 *  SASL_NOMEM    -- out of memory
	 *  SASL_BADPARAM -- invalid conn
	 *  SASL_BADPROT  -- invalid user/authid
	 */
    int (*canon_user)(sasl_conn_t *conn,
		    const char *in, unsigned len,
		    unsigned flags,
		    sasl_out_params_t *oparams);

    int (*spare_fptr1)();

    int spare_int1;
    int spare_int2;
    int spare_int3;

	/* flags field as passed to sasl_client_new */
    unsigned flags;

	/*
	 * set to 0 initially, this allows a plugin with extended parameters
	 * to work with an older framework by updating version as parameters
	 * are added.
	 */
    int param_version;
} sasl_client_params_t;

/* features shared between client and server */
/* These allow the glue code to handle client-first and server-last issues */

/*
 * This indicates that the mechanism prefers to do client-send-first
 * if the protocol allows it.
 */
#define	SASL_FEAT_WANT_CLIENT_FIRST 0x0002

/*
 * This feature is deprecated, instead, plugins should set *serverout to
 * non-NULL and return SASL_OK intelligently to allow flexible use of
 * server-last semantics
 */
/* #define	SASL_FEAT_WANT_SERVER_LAST 0x0004 */

/*
 * This feature is deprecated, instead plugins should correctly set
 * SASL_FEAT_SERVER_FIRST as needed
 */
/* #define	SASL_FEAT_INTERNAL_CLIENT_FIRST 0x0008 */

/*
 * This indicates that the plugin is server-first only.
 * Not defining either of SASL_FEAT_SERVER_FIRST or
 * SASL_FEAT_WANT_CLIENT_FIRST indicates that the mechanism will take care
 * of the client-first situation internally.
 */
#define	SASL_FEAT_SERVER_FIRST 0x0010

/* This plugin allows proxying */
#define	SASL_FEAT_ALLOWS_PROXY 0x0020

/* client plug-in features */
#define	SASL_FEAT_NEEDSERVERFQDN 0x0001

/* a C object for a client mechanism */
typedef struct sasl_client_plug {
	/* mechanism name */
    const char *mech_name;

	/* best mech additional security layer strength factor */
    sasl_ssf_t max_ssf;

	/* best security flags, as defined in sasl_security_properties_t */
    unsigned security_flags;

	/* features of plugin */
    unsigned features;

	/* required prompt ids, NULL = user/pass only */
    const unsigned long *required_prompts;

	/* global state for mechanism */
    void *glob_context;

	/*
	 * create context for mechanism, using params supplied
	 *  glob_context   -- from above
	 *  params	   -- params from sasl_client_new
	 *  conn_context   -- context for one connection
	 * returns:
	 *  SASL_OK	   -- success
	 *  SASL_NOMEM	   -- not enough memory
	 *  SASL_WRONGMECH -- mech doesn't support security params
	 */
    int (*mech_new)(void *glob_context,
		    sasl_client_params_t *cparams,
		    void **conn_context);

	/*
	 * perform one step of exchange.  NULL is passed for serverin on
	 * first step.
	 * returns:
	 *  SASL_OK	   -- success
	 *  SASL_INTERACT  -- user interaction needed to fill in prompts
	 *  SASL_BADPROT   -- server protocol incorrect/cancelled
	 *  SASL_BADSERV   -- server failed mutual auth
	 */
    int (*mech_step)(void *conn_context,
		    sasl_client_params_t *cparams,
		    const char *serverin,
		    unsigned serverinlen,
		    sasl_interact_t **prompt_need,
		    const char **clientout,
		    unsigned *clientoutlen,
		    sasl_out_params_t *oparams);

	/* dispose of connection context from mech_new */
    void (*mech_dispose)(void *conn_context, const sasl_utils_t *utils);

	/*
	 * free all global space used by mechanism
	 *  mech_dispose must be called on all mechanisms first
	 */
    void (*mech_free)(void *glob_context, const sasl_utils_t *utils);

	/*
	 * perform precalculations during a network round-trip
	 *  or idle period.  conn_context may be NULL
	 *  returns 1 if action taken, 0 if no action taken
	 */
    int (*idle)(void *glob_context,
		void *conn_context,
		sasl_client_params_t *cparams);

	/* for additions which don't require a version upgrade; set to 0 */
    int (*spare_fptr1)();
    int (*spare_fptr2)();
} sasl_client_plug_t;

#define	SASL_CLIENT_PLUG_VERSION	4

/*
 * plug-in entry point:
 *  utils       -- utility callback functions
 *  max_version -- highest client plug version supported
 * returns:
 *  out_version -- client plug version of result
 *  pluglist    -- list of mechanism plug-ins
 *  plugcount   -- number of mechanism plug-ins
 * results:
 *  SASL_OK       -- success
 *  SASL_NOMEM    -- failure
 *  SASL_BADVERS  -- max_version too small
 *  SASL_BADPARAM -- bad config string
 *  ...
 */
typedef int sasl_client_plug_init_t(const sasl_utils_t *utils,
				    int max_version,
				    int *out_version,
				    sasl_client_plug_t **pluglist,
				    int *plugcount);

/* add a client plug-in */
LIBSASL_API int sasl_client_add_plugin(const char *plugname,
				sasl_client_plug_init_t *cplugfunc);

/*
 * Server Functions
 */

/*
 * input parameters to server SASL plugin
 *
 * created / destroyed by the glue code
 *
 */
typedef struct sasl_server_params {
    const char *service;	/* NULL = default service for user_exists */
				/* and setpass */
    const char *appname;	/* name of calling application */
    const char *serverFQDN;	/* server default fully qualified domain name */
				/* (e.g., gethostname) */
    const char *user_realm;	/* realm for user (NULL = client supplied) */
    const char *iplocalport;	/* server IP domain literal & port */
    const char *ipremoteport;	/* client IP domain literal & port */

    unsigned servicelen;	/* length of service */
    unsigned applen;		/* length of appname */
    unsigned slen;		/* length of serverFQDN */
    unsigned urlen;		/* length of user_realm */
    unsigned iploclen;		/* length of iplocalport */
    unsigned ipremlen;		/* length of ipremoteport */

	/*
	 * This indicates the level of logging desired.  See SASL_LOG_*
	 * in sasl.h
	 *
	 * Plug-ins can ignore this and just pass their desired level to
	 * the log callback.  This is primarily used to eliminate logging which
	 * might be a performance problem (e.g., full protocol trace) and
	 * to select between SASL_LOG_TRACE and SASL_LOG_PASS alternatives
	 */
    int log_level;

    const sasl_utils_t *utils;	/* SASL API utility routines -- */
				/* for a particular sasl_conn_t, */
				/* MUST remain valid until mech_free is */
				/* called */

    const sasl_callback_t *callbacks;	/* Callbacks from application */

	/* application's security requirements */
    sasl_security_properties_t props;
    sasl_ssf_t external_ssf;	/* external SSF active */

	/*
	 * server plug-in calls this when it first has access to the plaintext
	 *  passphrase.  This is used to transition users via setpass calls.
	 *  If passlen is 0, it defaults to strlen(pass).
	 *  returns 0 if no entry added, 1 if entry added
	 */
    int (*transition)(sasl_conn_t *conn, const char *pass, unsigned passlen);

	/*
	 * Canonicalize a user name from on-wire to internal format
	 *  added cjn 1999-09-21
	 *  Must be called once user name aquired if canon_user is non-NULL.
	 *  conn    connection context
	 *  user    user name from wire protocol (need not be NUL terminated)
	 *  ulen    length of user name from wire protocol (0 = strlen(user))
	 *  flags   for SASL_CU_* flags
	 *  oparams the user, authid, ulen, alen, fields are
	 *	    set appropriately after canonicalization/copying and
	 *	    authorization of arguments
	 *
	 *  responsible for setting user, ulen, authid, and alen in the oparams
	 *  structure
	 *
	 *  default behavior is to strip leading and trailing whitespace, as
	 *  well as allocating space for and copying the parameters.
	 *
	 * results:
	 *  SASL_OK	  -- success
	 *  SASL_NOMEM    -- out of memory
	 *  SASL_BADPARAM -- invalid conn
	 *  SASL_BADPROT  -- invalid user/authid
	 */
    int (*canon_user)(sasl_conn_t *conn,
		    const char *user, unsigned ulen,
		    unsigned flags,
		    sasl_out_params_t *oparams);

	/*
	 * auxiliary property context (see definitions in prop.h)
	 *  added cjn 2000-01-30
	 *
	 * NOTE: these properties are the ones associated with the
	 * canonicalized "user" (user to login as / authorization id), not
	 * the "authid" (user whose credentials are used / authentication id)
	 * Prefix the property name with a "*" if a property associated with
	 * the "authid" is interesting.
	 */
    struct propctx *propctx;

	/* for additions which don't require a version upgrade; set to 0 */
    void *spare_ptr1;
    void *spare_ptr2;
    void *spare_ptr3;
    void *spare_ptr4;
    int (*spare_fptr1)();
    int (*spare_fptr2)();
    int spare_int1;
    int spare_int2;
    int spare_int3;

	/* flags field as passed to sasl_server_new */
    unsigned flags;

	/*
	 * set to 0 initially, this allows a plugin with extended parameters
	 * to work with an older framework by updating version as parameters
	 * are added.
	 */
    int param_version;
} sasl_server_params_t;

/* features for server plug-in */
#define	SASL_FEAT_SERVICE    0x0200 /* service-specific passwords supported */
#define	SASL_FEAT_GETSECRET  0x0400 /* sasl_server_{get,put}secret_t */
				    /* callbacks required by plug-in */

/* a C object for a server mechanism */
typedef struct sasl_server_plug {
	/* mechanism name */
    const char *mech_name;

	/* best mech additional security layer strength factor */
    sasl_ssf_t max_ssf;

	/* best security flags, as defined in sasl_security_properties_t */
    unsigned security_flags;

	/* features of plugin */
    unsigned features;

	/* global state for mechanism */
    void *glob_context;

	/*
	 * create a new mechanism handler
	 *  glob_context  -- global context
	 *  sparams	  -- server config params
	 *  challenge	  -- server challenge from previous instance or NULL
	 *  challen	  -- length of challenge from previous instance or 0
	 * out:
	 *  conn_context  -- connection context
	 *  errinfo	  -- error information
	 *
	 * returns:
	 *  SASL_OK	  -- successfully created mech instance
	 *  SASL_*	  -- any other server error code
	 */
    int (*mech_new)(void *glob_context,
		    sasl_server_params_t *sparams,
		    const char *challenge,
		    unsigned challen,
		    void **conn_context);

	/*
	 * perform one step in exchange
	 *
	 * returns:
	 *  SASL_OK	  -- success, all done
	 *  SASL_CONTINUE -- success, one more round trip
	 *  SASL_*	  -- any other server error code
	 */
    int (*mech_step)(void *conn_context,
			sasl_server_params_t *sparams,
			const char *clientin,
			unsigned clientinlen,
			const char **serverout,
			unsigned *serveroutlen,
			sasl_out_params_t *oparams);

	/* dispose of a connection state */
    void (*mech_dispose)(void *conn_context, const sasl_utils_t *utils);

	/*
	 * free global state for mechanism
	 *  mech_dispose must be called on all mechanisms first
	 */
    void (*mech_free)(void *glob_context, const sasl_utils_t *utils);

	/*
	 * set a password (optional)
	 *  glob_context  -- global context
	 *  sparams	  -- service, middleware utilities, etc. props ignored
	 *  user	  -- user name
	 *  pass	  -- password/passphrase (NULL = disable/remove/delete)
	 *  passlen	  -- length of password/passphrase
	 *  oldpass	  -- old password/passphrase (NULL = transition)
	 *  oldpasslen    -- length of password/passphrase
	 *  flags	  -- see above
	 *
	 * returns:
	 *  SASL_NOCHANGE -- no change was needed
	 *  SASL_NOUSER   -- no entry for user
	 *  SASL_NOVERIFY -- no mechanism compatible entry for user
	 *  SASL_PWLOCK   -- password locked
	 *  SASL_DIABLED  -- account disabled
	 *  etc.
	 */
    int (*setpass)(void *glob_context,
		    sasl_server_params_t *sparams,
		    const char *user,
		    const char *pass, unsigned passlen,
		    const char *oldpass, unsigned oldpasslen,
		    unsigned flags);

	/*
	 * query which mechanisms are available for user
	 *  glob_context  -- context
	 *  sparams	  -- service, middleware utilities, etc. props ignored
	 *  user	  -- NUL terminated user name
	 *  maxmech	  -- max number of strings in mechlist (0 = no output)
	 * output:
	 *  mechlist	  -- an array of C string pointers, filled in with
	 *		  mechanism names available to the user
	 *
	 * returns:
	 *  SASL_OK	  -- success
	 *  SASL_NOMEM    -- not enough memory
	 *  SASL_FAIL	  -- lower level failure
	 *  SASL_DISABLED -- account disabled
	 *  SASL_NOUSER   -- user not found
	 *  SASL_BUFOVER  -- maxmech is too small
	 *  SASL_NOVERIFY -- user found, but no mechanisms available
	 */
    int (*user_query)(void *glob_context,
		    sasl_server_params_t *sparams,
		    const char *user,
		    int maxmech,
		    const char **mechlist);

	/*
	 * perform precalculations during a network round-trip
	 *  or idle period.  conn_context may be NULL (optional)
	 *  returns 1 if action taken, 0 if no action taken
	 */
    int (*idle)(void *glob_context,
		void *conn_context,
		sasl_server_params_t *sparams);

	/*
	 * check if mechanism is available
	 * TODO - Is this correct?
	 *  optional--if NULL, mechanism is available based on ENABLE=
	 * in config
	 *
	 *  If this routine sets conn_context to a non-NULL value, then the call
	 *  to mech_new will be skipped.  This should not be done unless
	 *  there's a significant performance benefit, since it can cause
	 *  additional memory allocation in SASL core code to keep track of
	 *  contexts potentially for multiple mechanisms.
	 *
	 *  This is called by the first call to sasl_listmech() for a
	 *  given connection context, thus for a given protocol it may
	 *  never be called.  Note that if mech_avail returns SASL_NOMECH,
	 *  then that mechanism is considered disabled for the remainder
	 *  of the session.
	 *
	 *  returns SASL_OK on success,
	 *	    SASL_NOMECH if mech disabled
	 */
    int (*mech_avail)(void *glob_context,
		    sasl_server_params_t *sparams,
		    void **conn_context);

	/* for additions which don't require a version upgrade; set to 0 */
    int (*spare_fptr2)();
} sasl_server_plug_t;

#define	SASL_SERVER_PLUG_VERSION 4

/*
 * plug-in entry point:
 *  utils         -- utility callback functions
 *  plugname      -- name of plug-in (may be NULL)
 *  max_version   -- highest server plug version supported
 * returns:
 *  out_version   -- server plug-in version of result
 *  pluglist      -- list of mechanism plug-ins
 *  plugcount     -- number of mechanism plug-ins
 * results:
 *  SASL_OK       -- success
 *  SASL_NOMEM    -- failure
 *  SASL_BADVERS  -- max_version too small
 *  SASL_BADPARAM -- bad config string
 *  ...
 */
typedef int sasl_server_plug_init_t(const sasl_utils_t *utils,
				    int max_version,
				    int *out_version,
				    sasl_server_plug_t **pluglist,
				    int *plugcount);

/*
 * add a server plug-in
 */
LIBSASL_API int sasl_server_add_plugin(const char *plugname,
				sasl_server_plug_init_t *splugfunc);

/*
 * user canonicalization plug-in -- added cjn 1999-09-29
 */

typedef struct sasl_canonuser {
	/* optional features of plugin (set to 0) */
    int features;

	/* spare integer (set to 0) */
    int spare_int1;

	/* global state for plugin */
    void *glob_context;

	/* name of plugin */
    char *name;

	/* free global state for plugin */
    void (*canon_user_free)(void *glob_context, const sasl_utils_t *utils);

	/*
	 * canonicalize a username
	 *  glob_context    -- global context from this structure
	 *  sparams	    -- server params, note user_realm&propctx elements
	 *  user	    -- user to login as (may not be NUL terminated)
	 *  len		    -- length of user name (0 = strlen(user))
	 *  flags	    -- for SASL_CU_* flags
	 *  out		    -- buffer to copy user name
	 *  out_max	    -- max length of user name
	 *  out_len	    -- set to length of user name
	 *
	 *  note that the output buffers MAY be the same as the input buffers.
	 *
	 * returns
	 *  SASL_OK	    on success
	 *  SASL_BADPROT    username contains invalid character
	 */
    int (*canon_user_server)(void *glob_context,
			    sasl_server_params_t *sparams,
			    const char *user, unsigned len,
			    unsigned flags,
			    char *out,
			    unsigned out_umax, unsigned *out_ulen);

    int (*canon_user_client)(void *glob_context,
			    sasl_client_params_t *cparams,
			    const char *user, unsigned len,
			    unsigned flags,
			    char *out,
			    unsigned out_max, unsigned *out_len);

	/* for additions which don't require a version upgrade; set to 0 */
    int (*spare_fptr1)();
    int (*spare_fptr2)();
    int (*spare_fptr3)();
} sasl_canonuser_plug_t;

#define	SASL_CANONUSER_PLUG_VERSION 5

/*
 * default name for canonuser plug-in entry point is "sasl_canonuser_init"
 *  similar to sasl_server_plug_init model, except only returns one
 *  sasl_canonuser_plug_t structure;
 */
typedef int sasl_canonuser_init_t(const sasl_utils_t *utils,
				int max_version,
				int *out_version,
				sasl_canonuser_plug_t **plug,
				const char *plugname);

/* add a canonuser plugin */
LIBSASL_API int sasl_canonuser_add_plugin(const char *plugname,
				sasl_canonuser_init_t *canonuserfunc);

/*
 * auxiliary property plug-in -- added cjn 1999-09-29
 */

typedef struct sasl_auxprop_plug {
	/* optional features of plugin (none defined yet, set to 0) */
    int features;

	/* spare integer, must be set to 0 */
    int spare_int1;

	/* global state for plugin */
    void *glob_context;

	/* free global state for plugin (OPTIONAL) */
    void (*auxprop_free)(void *glob_context, const sasl_utils_t *utils);

	/*
	 * fill in fields of an auxiliary property context
	 *  last element in array has id of SASL_AUX_END
	 *  elements with non-0 len should be ignored.
	 */
    void (*auxprop_lookup)(void *glob_context,
			    sasl_server_params_t *sparams,
			    unsigned flags,
			    const char *user, unsigned ulen);

	/* name of the auxprop plugin */
    char *name;

	/* for additions which don't require a version upgrade; set to 0 */
    void (*spare_fptr1)();
} sasl_auxprop_plug_t;

/* auxprop lookup flags */
#define	SASL_AUXPROP_OVERRIDE 0x01  /* if clear, ignore auxiliary properties */
				    /* with non-zero len field.  If set, */
				    /* override value of those properties */
#define	SASL_AUXPROP_AUTHZID  0x02  /* if clear, we are looking up the */
				    /* authid flags (prefixed with *), */
				    /* otherwise we are looking up the */
				    /* authzid flags (no prefix) */

#define	SASL_AUXPROP_PLUG_VERSION 4

/*
 * default name for auxprop plug-in entry point is "sasl_auxprop_init"
 *  similar to sasl_server_plug_init model, except only returns one
 *  sasl_auxprop_plug_t structure;
 */
typedef int sasl_auxprop_init_t(const sasl_utils_t *utils,
				int max_version,
				int *out_version,
				sasl_auxprop_plug_t **plug,
				const char *plugname);

/* add an auxiliary property plug-in */
LIBSASL_API int sasl_auxprop_add_plugin(const char *plugname,
					sasl_auxprop_init_t *auxpropfunc);

#ifdef	__cplusplus
}
#endif

#endif /* _SASL_SASLPLUG_H */