2 * Copyright (C) 2000-3 Brendan Cully <brendan@kublai.com>
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
19 /* common SASL helper routines */
23 #include "mutt_sasl.h"
24 #include "mutt_socket.h"
28 #include <sasl/sasl.h>
32 #include <sys/socket.h>
33 #include <netinet/in.h>
36 static int getnameinfo_err(int ret)
39 dprint (1, (debugfile, "getnameinfo: "));
43 dprint (1, (debugfile, "The name could not be resolved at this time. Future attempts may succeed.\n"));
47 dprint (1, (debugfile, "The flags had an invalid value.\n"));
51 dprint (1, (debugfile, "A non-recoverable error occurred.\n"));
55 dprint (1, (debugfile, "The address family was not recognized or the address length was invalid for the specified family.\n"));
59 dprint (1, (debugfile, "There was a memory allocation failure.\n"));
63 dprint (1, (debugfile, "The name does not resolve for the supplied parameters. NI_NAMEREQD is set and the host's name cannot be located, or both nodename and servname were null.\n"));
64 err=SASL_FAIL; /* no real equivalent */
67 dprint (1, (debugfile, "A system error occurred. The error code can be found in errno(%d,%s)).\n",errno,strerror(errno)));
68 err=SASL_FAIL; /* no real equivalent */
71 dprint (1, (debugfile, "Unknown error %d\n",ret));
72 err=SASL_FAIL; /* no real equivalent */
79 /* arbitrary. SASL will probably use a smaller buffer anyway. OTOH it's
80 * been a while since I've had access to an SASL server which negotiated
81 * a protection buffer. */
82 #define M_SASL_MAXBUF 65536
85 #define IP_PORT_BUFLEN 1024
88 static sasl_callback_t mutt_sasl_callbacks[5];
90 static int mutt_sasl_start (void);
93 static int mutt_sasl_cb_log (void* context, int priority, const char* message);
94 static int mutt_sasl_cb_authname (void* context, int id, const char** result,
96 static int mutt_sasl_cb_pass (sasl_conn_t* conn, void* context, int id,
97 sasl_secret_t** psecret);
99 /* socket wrappers for a SASL security layer */
100 static int mutt_sasl_conn_open (CONNECTION* conn);
101 static int mutt_sasl_conn_close (CONNECTION* conn);
102 static int mutt_sasl_conn_read (CONNECTION* conn, char* buf, size_t len);
103 static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf,
107 /* utility function, stolen from sasl2 sample code */
108 static int iptostring(const struct sockaddr *addr, socklen_t addrlen,
109 char *out, unsigned outlen) {
110 char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV];
113 if(!addr || !out) return SASL_BADPARAM;
115 ret=getnameinfo(addr, addrlen, hbuf, sizeof(hbuf), pbuf, sizeof(pbuf),
117 #ifdef NI_WITHSCOPEID
122 return getnameinfo_err(ret);
124 if(outlen < strlen(hbuf) + strlen(pbuf) + 2)
127 snprintf(out, outlen, "%s;%s", hbuf, pbuf);
133 /* mutt_sasl_start: called before doing a SASL exchange - initialises library
134 * (if neccessary). */
135 int mutt_sasl_start (void)
137 static unsigned char sasl_init = 0;
139 static sasl_callback_t callbacks[2];
145 /* set up default logging callback */
146 callbacks[0].id = SASL_CB_LOG;
147 callbacks[0].proc = mutt_sasl_cb_log;
148 callbacks[0].context = NULL;
150 callbacks[1].id = SASL_CB_LIST_END;
151 callbacks[1].proc = NULL;
152 callbacks[1].context = NULL;
154 rc = sasl_client_init (callbacks);
158 dprint (1, (debugfile, "mutt_sasl_start: libsasl initialisation failed.\n"));
167 /* mutt_sasl_client_new: wrapper for sasl_client_new which also sets various
168 * security properties. If this turns out to be fine for POP too we can
169 * probably stop exporting mutt_sasl_get_callbacks(). */
170 int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn)
172 sasl_security_properties_t secprops;
174 struct sockaddr_storage local, remote;
176 char iplocalport[IP_PORT_BUFLEN], ipremoteport[IP_PORT_BUFLEN];
178 sasl_external_properties_t extprops;
183 if (mutt_sasl_start () != SASL_OK)
186 switch (conn->account.type)
188 case M_ACCT_TYPE_IMAP:
191 case M_ACCT_TYPE_POP:
195 dprint (1, (debugfile, "mutt_sasl_client_new: account type unset\n"));
200 size = sizeof (local);
201 if (getsockname (conn->fd, (struct sockaddr *)&local, &size)){
202 dprint (1, (debugfile, "mutt_sasl_client_new: getsockname for local failed\n"));
206 if (iptostring((struct sockaddr *)&local, size, iplocalport, IP_PORT_BUFLEN) != SASL_OK){
207 dprint (1, (debugfile, "mutt_sasl_client_new: iptostring for local failed\n"));
211 size = sizeof (remote);
212 if (getpeername (conn->fd, (struct sockaddr *)&remote, &size)){
213 dprint (1, (debugfile, "mutt_sasl_client_new: getsockname for remote failed\n"));
217 if (iptostring((struct sockaddr *)&remote, size, ipremoteport, IP_PORT_BUFLEN) != SASL_OK){
218 dprint (1, (debugfile, "mutt_sasl_client_new: iptostring for remote failed\n"));
222 dprint(1,(debugfile, "local ip: %s, remote ip:%s\n", iplocalport, ipremoteport));
224 rc = sasl_client_new (service, conn->account.host, iplocalport, ipremoteport,
225 mutt_sasl_get_callbacks (&conn->account), 0, saslconn);
228 rc = sasl_client_new (service, conn->account.host,
229 mutt_sasl_get_callbacks (&conn->account), SASL_SECURITY_LAYER, saslconn);
234 dprint (1, (debugfile,
235 "mutt_sasl_client_new: Error allocating SASL connection\n"));
239 /*** set sasl IP properties, necessary for use with krb4 ***/
240 /* Do we need to fail if this fails? I would assume having these unset
241 * would just disable KRB4. Who wrote this code? I'm not sure how this
242 * interacts with the NSS code either, since that mucks with the fd. */
243 #ifndef USE_SASL2 /* with SASLv2 this all happens in sasl_client_new */
245 struct sockaddr_in local, remote;
248 size = sizeof (local);
249 if (getsockname (conn->fd, (struct sockaddr*) &local, &size))
252 size = sizeof(remote);
253 if (getpeername(conn->fd, (struct sockaddr*) &remote, &size))
257 if (sasl_setprop(*saslconn, SASL_IP_LOCAL, &local) != SASL_OK)
259 dprint (1, (debugfile,
260 "mutt_sasl_client_new: Error setting local IP address\n"));
265 #ifdef SASL_IP_REMOTE
266 if (sasl_setprop(*saslconn, SASL_IP_REMOTE, &remote) != SASL_OK)
268 dprint (1, (debugfile,
269 "mutt_sasl_client_new: Error setting remote IP address\n"));
276 /* set security properties. We use NOPLAINTEXT globally, since we can
277 * just fall back to LOGIN in the IMAP case anyway. If that doesn't
278 * work for POP, we can make it a flag or move this code into
279 * imap/auth_sasl.c */
280 memset (&secprops, 0, sizeof (secprops));
281 /* Work around a casting bug in the SASL krb4 module */
282 secprops.max_ssf = 0x7fff;
283 secprops.maxbufsize = M_SASL_MAXBUF;
284 secprops.security_flags |= SASL_SEC_NOPLAINTEXT;
285 if (sasl_setprop (*saslconn, SASL_SEC_PROPS, &secprops) != SASL_OK)
287 dprint (1, (debugfile,
288 "mutt_sasl_client_new: Error setting security properties\n"));
292 /* we currently don't have an SSF finder for NSS (I don't know the API).
293 * If someone does it'd probably be trivial to write mutt_nss_get_ssf().
294 * I have a feeling more SSL code could be shared between those two files,
295 * but I haven't looked into it yet, since I still don't know the APIs. */
296 #if (defined(USE_SSL) || defined(USE_GNUTLS) && !defined(USE_NSS)
297 if (conn->account.flags & M_ACCT_SSL)
299 #ifdef USE_SASL2 /* I'm not sure this actually has an effect, at least with SASLv2 */
300 dprint (2, (debugfile, "External SSF: %d\n", conn->ssf));
301 if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &(conn->ssf)) != SASL_OK)
303 memset (&extprops, 0, sizeof (extprops));
304 extprops.ssf = conn->ssf;
305 dprint (2, (debugfile, "External SSF: %d\n", extprops.ssf));
306 if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &extprops) != SASL_OK)
309 dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n"));
313 dprint (2, (debugfile, "External authentication name: %s\n","NULL"));
314 if (sasl_setprop (*saslconn, SASL_AUTH_EXTERNAL, NULL) != SASL_OK)
316 dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n"));
326 sasl_callback_t* mutt_sasl_get_callbacks (ACCOUNT* account)
328 sasl_callback_t* callback;
330 callback = mutt_sasl_callbacks;
332 callback->id = SASL_CB_AUTHNAME;
333 callback->proc = mutt_sasl_cb_authname;
334 callback->context = account;
337 callback->id = SASL_CB_USER;
338 callback->proc = mutt_sasl_cb_authname;
339 callback->context = account;
342 callback->id = SASL_CB_PASS;
343 callback->proc = mutt_sasl_cb_pass;
344 callback->context = account;
347 callback->id = SASL_CB_GETREALM;
348 callback->proc = NULL;
349 callback->context = NULL;
352 callback->id = SASL_CB_LIST_END;
353 callback->proc = NULL;
354 callback->context = NULL;
356 return mutt_sasl_callbacks;
359 int mutt_sasl_interact (sasl_interact_t* interaction)
361 char prompt[SHORT_STRING];
362 char resp[SHORT_STRING];
364 while (interaction->id != SASL_CB_LIST_END)
366 dprint (2, (debugfile, "mutt_sasl_interact: filling in SASL interaction %ld.\n", interaction->id));
368 snprintf (prompt, sizeof (prompt), "%s: ", interaction->prompt);
370 if (mutt_get_field (prompt, resp, sizeof (resp), 0))
373 interaction->len = mutt_strlen (resp)+1;
374 interaction->result = safe_malloc (interaction->len);
375 memcpy (interaction->result, resp, interaction->len);
383 /* SASL can stack a protection layer on top of an existing connection.
384 * To handle this, we store a saslconn_t in conn->sockdata, and write
385 * wrappers which en/decode the read/write stream, then replace sockdata
386 * with an embedded copy of the old sockdata and call the underlying
387 * functions (which we've also preserved). I thought about trying to make
388 * a general stackable connection system, but it seemed like overkill -
389 * something is wrong if we have 15 filters on top of a socket. Anyway,
390 * anything else which wishes to stack can use the same method. The only
391 * disadvantage is we have to write wrappers for all the socket methods,
392 * even if we only stack over read and write. Thinking about it, the
393 * abstraction problem is that there is more in CONNECTION than there
394 * needs to be. Ideally it would have only (void*)data and methods. */
396 /* mutt_sasl_setup_conn: replace connection methods, sockdata with
397 * SASL wrappers, for protection layers. Also get ssf, as a fastpath
398 * for the read/write methods. */
399 void mutt_sasl_setup_conn (CONNECTION* conn, sasl_conn_t* saslconn)
401 SASL_DATA* sasldata = (SASL_DATA*) safe_malloc (sizeof (SASL_DATA));
403 sasldata->saslconn = saslconn;
404 /* get ssf so we know whether we have to (en|de)code read/write */
406 sasl_getprop (saslconn, SASL_SSF, (const void**) &sasldata->ssf);
408 sasl_getprop (saslconn, SASL_SSF, (void**) &sasldata->ssf);
410 dprint (3, (debugfile, "SASL protection strength: %u\n", *sasldata->ssf));
411 /* Add SASL SSF to transport SSF */
412 conn->ssf += *sasldata->ssf;
414 sasl_getprop (saslconn, SASL_MAXOUTBUF, (const void**) &sasldata->pbufsize);
416 sasl_getprop (saslconn, SASL_MAXOUTBUF, (void**) &sasldata->pbufsize);
418 dprint (3, (debugfile, "SASL protection buffer size: %u\n", *sasldata->pbufsize));
420 /* clear input buffer */
421 sasldata->buf = NULL;
425 /* preserve old functions */
426 sasldata->sockdata = conn->sockdata;
427 sasldata->open = conn->open;
428 sasldata->close = conn->close;
429 sasldata->read = conn->read;
430 sasldata->write = conn->write;
432 /* and set up new functions */
433 conn->sockdata = sasldata;
434 conn->open = mutt_sasl_conn_open;
435 conn->close = mutt_sasl_conn_close;
436 conn->read = mutt_sasl_conn_read;
437 conn->write = mutt_sasl_conn_write;
440 /* mutt_sasl_cb_log: callback to log SASL messages */
441 static int mutt_sasl_cb_log (void* context, int priority, const char* message)
443 dprint (priority, (debugfile, "SASL: %s\n", message));
448 /* mutt_sasl_cb_authname: callback to retrieve authname or user (mutt
449 * doesn't distinguish, even if some SASL plugins do) from ACCOUNT */
450 static int mutt_sasl_cb_authname (void* context, int id, const char** result,
453 ACCOUNT* account = (ACCOUNT*) context;
460 return SASL_BADPARAM;
462 dprint (2, (debugfile, "mutt_sasl_cb_authname: getting %s for %s:%u\n",
463 id == SASL_CB_AUTHNAME ? "authname" : "user",
464 account->host, account->port));
466 if (mutt_account_getuser (account))
469 *result = account->user;
472 *len = strlen (*result);
477 static int mutt_sasl_cb_pass (sasl_conn_t* conn, void* context, int id,
478 sasl_secret_t** psecret)
480 ACCOUNT* account = (ACCOUNT*) context;
483 if (!account || !psecret)
484 return SASL_BADPARAM;
486 dprint (2, (debugfile,
487 "mutt_sasl_cb_pass: getting password for %s@%s:%u\n", account->user,
488 account->host, account->port));
490 if (mutt_account_getpass (account))
493 len = strlen (account->pass);
495 *psecret = (sasl_secret_t*) safe_malloc (sizeof (sasl_secret_t) + len);
496 (*psecret)->len = len;
497 strcpy ((*psecret)->data, account->pass); /* __STRCPY_CHECKED__ */
502 /* mutt_sasl_conn_open: empty wrapper for underlying open function. We
503 * don't know in advance that a connection will use SASL, so we
504 * replace conn's methods with sasl methods when authentication
505 * is successful, using mutt_sasl_setup_conn */
506 static int mutt_sasl_conn_open (CONNECTION* conn)
511 sasldata = (SASL_DATA*) conn->sockdata;
512 conn->sockdata = sasldata->sockdata;
513 rc = (sasldata->open) (conn);
514 conn->sockdata = sasldata;
519 /* mutt_sasl_conn_close: calls underlying close function and disposes of
520 * the sasl_conn_t object, then restores connection to pre-sasl state */
521 static int mutt_sasl_conn_close (CONNECTION* conn)
526 sasldata = (SASL_DATA*) conn->sockdata;
528 /* restore connection's underlying methods */
529 conn->sockdata = sasldata->sockdata;
530 conn->open = sasldata->open;
531 conn->close = sasldata->close;
532 conn->read = sasldata->read;
533 conn->write = sasldata->write;
535 /* release sasl resources */
536 sasl_dispose (&sasldata->saslconn);
538 FREE (&sasldata->buf);
542 /* call underlying close */
543 rc = (conn->close) (conn);
548 static int mutt_sasl_conn_read (CONNECTION* conn, char* buf, size_t len)
555 sasldata = (SASL_DATA*) conn->sockdata;
557 /* if we still have data in our read buffer, copy it into buf */
558 if (sasldata->blen > sasldata->bpos)
560 olen = (sasldata->blen - sasldata->bpos > len) ? len :
561 sasldata->blen - sasldata->bpos;
563 memcpy (buf, sasldata->buf+sasldata->bpos, olen);
564 sasldata->bpos += olen;
569 conn->sockdata = sasldata->sockdata;
572 FREE (&sasldata->buf);
577 /* and decode the result, if necessary */
582 /* call the underlying read function to fill the buffer */
583 rc = (sasldata->read) (conn, buf, len);
587 rc = sasl_decode (sasldata->saslconn, buf, rc, &sasldata->buf,
591 dprint (1, (debugfile, "SASL decode failed: %s\n",
592 sasl_errstring (rc, NULL, NULL)));
596 while (!sasldata->blen);
598 olen = (sasldata->blen - sasldata->bpos > len) ? len :
599 sasldata->blen - sasldata->bpos;
601 memcpy (buf, sasldata->buf, olen);
602 sasldata->bpos += olen;
607 rc = (sasldata->read) (conn, buf, len);
610 conn->sockdata = sasldata;
615 static int mutt_sasl_conn_write (CONNECTION* conn, const char* buf,
626 unsigned int olen, plen;
628 sasldata = (SASL_DATA*) conn->sockdata;
629 conn->sockdata = sasldata->sockdata;
631 /* encode data, if necessary */
634 /* handle data larger than MAXOUTBUF */
637 olen = (len > *sasldata->pbufsize) ? *sasldata->pbufsize : len;
639 rc = sasl_encode (sasldata->saslconn, buf, olen, &pbuf, &plen);
642 dprint (1, (debugfile, "SASL encoding failed: %s\n",
643 sasl_errstring (rc, NULL, NULL)));
647 rc = (sasldata->write) (conn, pbuf, plen);
657 while (len > *sasldata->pbufsize);
660 /* just write using the underlying socket function */
661 rc = (sasldata->write) (conn, buf, len);
663 conn->sockdata = sasldata;
668 conn->sockdata = sasldata;