xref: /netbsd-src/crypto/external/bsd/libsaslc/dist/src/mech_plain.c (revision c2f76ff004a2cb67efe5b12d97bd3ef7fe89e18d) 
1 /* $Id: mech_plain.c,v 1.1.1.1 2010/11/27 21:23:59 agc Exp $ */
2 
3 /* Copyright (c) 2010 The NetBSD Foundation, Inc.
4  * All rights reserved.
5  *
6  * This code is derived from software contributed to The NetBSD Foundation
7  * by Mateusz Kocielski.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. All advertising materials mentioning features or use of this software
18  *    must display the following acknowledgement:
19  *        This product includes software developed by the NetBSD
20  *        Foundation, Inc. and its contributors.
21  * 4. Neither the name of The NetBSD Foundation nor the names of its
22  *    contributors may be used to endorse or promote products derived
23  *    from this software without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
26  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28  * PURPOSE ARE DISCLAIMED.	IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
29  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35  * POSSIBILITY OF SUCH DAMAGE.
36  */
37 
38 #include <saslc.h>
39 #include <stdio.h>
40 #include <string.h>
41 #include "saslc_private.h"
42 #include "mech.h"
43 #include "error.h"
44 
45 /* local headers */
46 
47 /* properties */
48 #define SASLC_PLAIN_AUTHZID	"AUTHZID"
49 #define SASLC_PLAIN_AUTHCID	"AUTHCID"
50 #define SASLC_PLAIN_PASSWORD	"PASSWD"
51 
52 #define NUL_DELIM	'\x00'
53 #define CRED_MAX_LEN	255
54 
55 static int saslc__mech_plain_cont(saslc_sess_t *, const void *, size_t,
56     void **, size_t *);
57 
58 /**
59  * @brief doing one step of the sasl authentication
60  * @param sess sasl session
61  * @param in input data
62  * @param inlen input data length
63  * @param out place to store output data
64  * @param outlen output data length
65  * @return MECH_OK - success,
66  * MECH_STEP - more steps are needed,
67  * MECH_ERROR - error
68  */
69 
70 /*ARGSUSED*/
71 static int
72 saslc__mech_plain_cont(saslc_sess_t *sess, const void *in, size_t inlen,
73     void **out, size_t *outlen)
74 {
75 	const char *authzid, *authcid, *passwd;
76 	char *outstr;
77 	int len;
78 
79 	authzid = saslc_sess_getprop(sess, SASLC_PLAIN_AUTHZID);
80 	if (authzid != NULL && strlen(authzid) > CRED_MAX_LEN) {
81 		saslc__error_set(ERR(sess), ERROR_MECH,
82 		    "authzid should be shorter than 256 characters");
83 		return MECH_ERROR;
84 	}
85 
86 	if ((authcid = saslc_sess_getprop(sess, SASLC_PLAIN_AUTHCID))
87 	    == NULL) {
88 		saslc__error_set(ERR(sess), ERROR_MECH,
89 			"authcid is required for an authentication");
90 		return MECH_ERROR;
91 	}
92 	if (strlen(authcid) > CRED_MAX_LEN) {
93 		saslc__error_set(ERR(sess), ERROR_MECH,
94 		    "authcid should be shorter than 256 characters");
95 		return MECH_ERROR;
96 	}
97 
98 	if ((passwd = saslc_sess_getprop(sess, SASLC_PLAIN_PASSWORD))
99 	    == NULL) {
100 		saslc__error_set(ERR(sess), ERROR_MECH,
101 			"passwd is required for an authentication");
102 		return MECH_ERROR;
103 	}
104 	if (strlen(passwd) > CRED_MAX_LEN) {
105 		saslc__error_set(ERR(sess), ERROR_MECH,
106 		    "passwd should be shorter than 256 characters");
107 		return MECH_ERROR;
108 	}
109 
110 	len = asprintf(&outstr, "%s%c%s%c%s", authzid != NULL ?
111 	    authzid : "", NUL_DELIM, authcid, NUL_DELIM, passwd);
112 	if (len == -1)
113 		return MECH_ERROR;
114 	*out = outstr;
115 	*outlen = len + 1;
116 
117 	return MECH_OK;
118 }
119 
120 
121 /* mechanism definition */
122 const saslc__mech_t saslc__mech_plain = {
123 	"PLAIN", /* name */
124 	FLAG_PLAINTEXT, /* flags */
125 	saslc__mech_generic_create, /* create */
126 	saslc__mech_plain_cont, /* step */
127 	NULL, /* encode */
128 	NULL, /* decode */
129 	saslc__mech_generic_destroy /* destroy */
130 };
131