2 * Copyright notice from original mutt:
3 * Copyright (C) 2000-5 Brendan Cully <brendan@kublai.com>
5 * This file is part of mutt-ng, see http://www.muttng.org/.
6 * It's licensed under the GNU General Public License,
7 * please see the file GPL in the top level source directory.
10 /* common SASL helper routines */
12 #include <lib-lib/lib-lib.h>
15 #include <sasl/sasl.h>
16 #include <sys/socket.h>
17 #include <netinet/in.h>
19 #include <lib-ui/curses.h>
20 #include <lib-sys/mutt_socket.h>
24 #include "mutt_sasl.h"
26 static int getnameinfo_err (int ret)
47 err = SASL_FAIL; /* no real equivalent */
50 err = SASL_FAIL; /* no real equivalent */
53 err = SASL_FAIL; /* no real equivalent */
59 /* arbitrary. SASL will probably use a smaller buffer anyway. OTOH it's
60 * been a while since I've had access to an SASL server which negotiated
61 * a protection buffer. */
62 #define M_SASL_MAXBUF 65536
64 #define IP_PORT_BUFLEN 1024
66 static sasl_callback_t mutt_sasl_callbacks[5];
68 static int mutt_sasl_start (void);
71 static int mutt_sasl_cb_authname (void *context, int id, const char **result,
73 static int mutt_sasl_cb_pass (sasl_conn_t * conn, void *context, int id,
74 sasl_secret_t ** psecret);
76 /* socket wrappers for a SASL security layer */
77 static int mutt_sasl_conn_open (CONNECTION * conn);
78 static int mutt_sasl_conn_close (CONNECTION * conn);
79 static int mutt_sasl_conn_read (CONNECTION * conn, char *buf, ssize_t len);
80 static int mutt_sasl_conn_write (CONNECTION * conn, const char *buf,
83 /* utility function, stolen from sasl2 sample code */
84 static int iptostring (const struct sockaddr *addr, socklen_t addrlen,
85 char *out, unsigned outlen)
87 char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV];
93 ret = getnameinfo (addr, addrlen, hbuf, sizeof (hbuf), pbuf, sizeof (pbuf),
100 return getnameinfo_err (ret);
102 if (outlen < m_strlen(hbuf) + m_strlen(pbuf) + 2)
105 snprintf (out, outlen, "%s;%s", hbuf, pbuf);
110 /* mutt_sasl_cb_log: callback to log SASL messages */
111 static int mutt_sasl_cb_log (void *context, int priority, const char *message)
116 /* mutt_sasl_start: called before doing a SASL exchange - initialises library
118 int mutt_sasl_start (void)
120 static unsigned char sasl_init = 0;
122 static sasl_callback_t callbacks[2];
128 /* set up default logging callback */
129 callbacks[0].id = SASL_CB_LOG;
130 callbacks[0].proc = mutt_sasl_cb_log;
131 callbacks[0].context = NULL;
133 callbacks[1].id = SASL_CB_LIST_END;
134 callbacks[1].proc = NULL;
135 callbacks[1].context = NULL;
137 rc = sasl_client_init (callbacks);
148 /* mutt_sasl_client_new: wrapper for sasl_client_new which also sets various
149 * security properties. If this turns out to be fine for POP too we can
150 * probably stop exporting mutt_sasl_get_callbacks(). */
151 int mutt_sasl_client_new (CONNECTION * conn, sasl_conn_t ** saslconn)
153 sasl_security_properties_t secprops;
155 struct sockaddr_storage local, remote;
157 char iplocalport[IP_PORT_BUFLEN], ipremoteport[IP_PORT_BUFLEN];
161 if (mutt_sasl_start () != SASL_OK)
164 switch (conn->account.type) {
165 case M_ACCT_TYPE_IMAP:
168 case M_ACCT_TYPE_POP:
175 size = sizeof (local);
176 if (getsockname (conn->fd, (struct sockaddr *) &local, &size)) {
180 if (iptostring((struct sockaddr *)&local, size, iplocalport,
181 IP_PORT_BUFLEN) != SASL_OK) {
185 size = sizeof (remote);
186 if (getpeername (conn->fd, (struct sockaddr *) &remote, &size)) {
191 ((struct sockaddr *) &remote, size, ipremoteport,
192 IP_PORT_BUFLEN) != SASL_OK) {
196 rc = sasl_client_new(service, conn->account.host, iplocalport, ipremoteport,
197 mutt_sasl_get_callbacks(&conn->account), 0, saslconn);
203 /*** set sasl IP properties, necessary for use with krb4 ***/
204 /* Do we need to fail if this fails? I would assume having these unset
205 * would just disable KRB4. Who wrote this code?
208 struct sockaddr_in local, remote;
211 size = sizeof (local);
212 if (getsockname (conn->fd, (struct sockaddr *) &local, &size))
215 size = sizeof (remote);
216 if (getpeername (conn->fd, (struct sockaddr *) &remote, &size))
220 if (sasl_setprop (*saslconn, SASL_IP_LOCAL, &local) != SASL_OK) {
225 #ifdef SASL_IP_REMOTE
226 if (sasl_setprop (*saslconn, SASL_IP_REMOTE, &remote) != SASL_OK) {
232 /* set security properties. We use NOPLAINTEXT globally, since we can
233 * just fall back to LOGIN in the IMAP case anyway. If that doesn't
234 * work for POP, we can make it a flag or move this code into
235 * imap/auth_sasl.c */
236 p_clear(&secprops, 1);
237 /* Work around a casting bug in the SASL krb4 module */
238 secprops.max_ssf = 0x7fff;
239 secprops.maxbufsize = M_SASL_MAXBUF;
240 secprops.security_flags |= SASL_SEC_NOPLAINTEXT;
241 if (sasl_setprop (*saslconn, SASL_SEC_PROPS, &secprops) != SASL_OK) {
246 if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &(conn->ssf)) != SASL_OK)
250 if (sasl_setprop (*saslconn, SASL_AUTH_EXTERNAL, conn->account.user) !=
259 sasl_callback_t *mutt_sasl_get_callbacks (ACCOUNT * account)
261 sasl_callback_t *callback;
263 callback = mutt_sasl_callbacks;
265 callback->id = SASL_CB_USER;
266 callback->proc = mutt_sasl_cb_authname;
267 callback->context = account;
270 callback->id = SASL_CB_AUTHNAME;
271 callback->proc = mutt_sasl_cb_authname;
272 callback->context = account;
275 callback->id = SASL_CB_PASS;
276 callback->proc = mutt_sasl_cb_pass;
277 callback->context = account;
280 callback->id = SASL_CB_GETREALM;
281 callback->proc = NULL;
282 callback->context = NULL;
285 callback->id = SASL_CB_LIST_END;
286 callback->proc = NULL;
287 callback->context = NULL;
289 return mutt_sasl_callbacks;
292 int mutt_sasl_interact (sasl_interact_t * interaction)
294 char prompt[SHORT_STRING];
295 char resp[SHORT_STRING];
297 while (interaction->id != SASL_CB_LIST_END) {
298 snprintf (prompt, sizeof (prompt), "%s: ", interaction->prompt);
300 if (mutt_get_field (prompt, resp, sizeof (resp), 0))
303 interaction->len = m_strlen(resp) + 1;
304 interaction->result = p_dupstr(resp, interaction->len - 1);
311 /* SASL can stack a protection layer on top of an existing connection.
312 * To handle this, we store a saslconn_t in conn->sockdata, and write
313 * wrappers which en/decode the read/write stream, then replace sockdata
314 * with an embedded copy of the old sockdata and call the underlying
315 * functions (which we've also preserved). I thought about trying to make
316 * a general stackable connection system, but it seemed like overkill -
317 * something is wrong if we have 15 filters on top of a socket. Anyway,
318 * anything else which wishes to stack can use the same method. The only
319 * disadvantage is we have to write wrappers for all the socket methods,
320 * even if we only stack over read and write. Thinking about it, the
321 * abstraction problem is that there is more in CONNECTION than there
322 * needs to be. Ideally it would have only (void*)data and methods. */
324 /* mutt_sasl_setup_conn: replace connection methods, sockdata with
325 * SASL wrappers, for protection layers. Also get ssf, as a fastpath
326 * for the read/write methods. */
327 void mutt_sasl_setup_conn (CONNECTION * conn, sasl_conn_t * saslconn)
329 SASL_DATA *sasldata = p_new(SASL_DATA, 1);
331 sasldata->saslconn = saslconn;
332 /* get ssf so we know whether we have to (en|de)code read/write */
333 sasl_getprop (saslconn, SASL_SSF, (const void **)(void *)&sasldata->ssf);
335 /* Add SASL SSF to transport SSF */
336 conn->ssf += *sasldata->ssf;
337 sasl_getprop (saslconn, SASL_MAXOUTBUF,
338 (const void **)(void *)&sasldata->pbufsize);
340 /* clear input buffer */
341 sasldata->buf = NULL;
345 /* preserve old functions */
346 sasldata->sockdata = conn->sockdata;
347 sasldata->msasl_open = conn->conn_open;
348 sasldata->msasl_close = conn->conn_close;
349 sasldata->msasl_read = conn->conn_read;
350 sasldata->msasl_write = conn->conn_write;
352 /* and set up new functions */
353 conn->sockdata = sasldata;
354 conn->conn_open = mutt_sasl_conn_open;
355 conn->conn_close = mutt_sasl_conn_close;
356 conn->conn_read = mutt_sasl_conn_read;
357 conn->conn_write = mutt_sasl_conn_write;
360 void mutt_sasl_done (void) {
364 /* mutt_sasl_cb_authname: callback to retrieve authname or user from ACCOUNT */
365 static int mutt_sasl_cb_authname (void *context, int id, const char **result,
368 ACCOUNT *account = (ACCOUNT *) context;
375 return SASL_BADPARAM;
377 if (id == SASL_CB_AUTHNAME) {
378 if (mutt_account_getlogin (account))
380 *result = account->login;
382 if (mutt_account_getuser (account))
384 *result = account->user;
388 *len = m_strlen(*result);
393 static int mutt_sasl_cb_pass (sasl_conn_t * conn, void *context, int id,
394 sasl_secret_t ** psecret)
396 ACCOUNT *account = (ACCOUNT *) context;
399 if (!account || !psecret)
400 return SASL_BADPARAM;
402 if (mutt_account_getpass (account))
405 len = m_strlen(account->pass);
407 *psecret = xmalloc(sizeof(sasl_secret_t) + len);
408 (*psecret)->len = len;
409 strcpy ((char*) (*psecret)->data, account->pass); /* __STRCPY_CHECKED__ */
414 /* mutt_sasl_conn_open: empty wrapper for underlying open function. We
415 * don't know in advance that a connection will use SASL, so we
416 * replace conn's methods with sasl methods when authentication
417 * is successful, using mutt_sasl_setup_conn */
418 static int mutt_sasl_conn_open (CONNECTION * conn)
423 sasldata = (SASL_DATA *) conn->sockdata;
424 conn->sockdata = sasldata->sockdata;
425 rc = (sasldata->msasl_open) (conn);
426 conn->sockdata = sasldata;
431 /* mutt_sasl_conn_close: calls underlying close function and disposes of
432 * the sasl_conn_t object, then restores connection to pre-sasl state */
433 static int mutt_sasl_conn_close (CONNECTION * conn)
438 sasldata = (SASL_DATA *) conn->sockdata;
440 /* restore connection's underlying methods */
441 conn->sockdata = sasldata->sockdata;
442 conn->conn_open = sasldata->msasl_open;
443 conn->conn_close = sasldata->msasl_close;
444 conn->conn_read = sasldata->msasl_read;
445 conn->conn_write = sasldata->msasl_write;
447 /* release sasl resources */
448 sasl_dispose (&sasldata->saslconn);
449 p_delete(&sasldata->buf);
452 /* call underlying close */
453 rc = (conn->conn_close) (conn);
458 static int mutt_sasl_conn_read (CONNECTION * conn, char *buf, ssize_t len)
465 sasldata = (SASL_DATA *) conn->sockdata;
467 /* if we still have data in our read buffer, copy it into buf */
468 if (sasldata->blen > sasldata->bpos) {
469 olen = (sasldata->blen - sasldata->bpos > len) ? len :
470 sasldata->blen - sasldata->bpos;
472 memcpy (buf, sasldata->buf + sasldata->bpos, olen);
473 sasldata->bpos += olen;
478 conn->sockdata = sasldata->sockdata;
480 p_delete(&sasldata->buf);
484 /* and decode the result, if necessary */
485 if (*sasldata->ssf) {
487 /* call the underlying read function to fill the buffer */
488 rc = (sasldata->msasl_read) (conn, buf, len);
492 rc = sasl_decode (sasldata->saslconn, buf, rc, &sasldata->buf,
498 while (!sasldata->blen);
500 olen = (sasldata->blen - sasldata->bpos > len) ? len :
501 sasldata->blen - sasldata->bpos;
503 memcpy (buf, sasldata->buf, olen);
504 sasldata->bpos += olen;
509 rc = (sasldata->msasl_read) (conn, buf, len);
512 conn->sockdata = sasldata;
517 static int mutt_sasl_conn_write (CONNECTION * conn, const char *buf,
524 unsigned int olen, plen;
526 sasldata = (SASL_DATA *) conn->sockdata;
527 conn->sockdata = sasldata->sockdata;
529 /* encode data, if necessary */
530 if (*sasldata->ssf) {
531 /* handle data larger than MAXOUTBUF */
533 olen = (len > *sasldata->pbufsize) ? *sasldata->pbufsize : len;
535 rc = sasl_encode (sasldata->saslconn, buf, olen, &pbuf, &plen);
540 rc = (sasldata->msasl_write) (conn, pbuf, plen);
548 while (len > *sasldata->pbufsize);
551 /* just write using the underlying socket function */
552 rc = (sasldata->msasl_write) (conn, buf, len);
554 conn->sockdata = sasldata;
559 conn->sockdata = sasldata;