1 /* $NetBSD: mech_plain.c,v 1.4 2011/02/12 23:21:32 christos Exp $ */
2 
3 /* Copyright (c) 2010 The NetBSD Foundation, Inc.
4  * All rights reserved.
5  *
6  * This code is derived from software contributed to The NetBSD Foundation
7  * by Mateusz Kocielski.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  * 3. All advertising materials mentioning features or use of this software
18  *    must display the following acknowledgement:
19  *        This product includes software developed by the NetBSD
20  *        Foundation, Inc. and its contributors.
21  * 4. Neither the name of The NetBSD Foundation nor the names of its
22  *    contributors may be used to endorse or promote products derived
23  *    from this software without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
26  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
27  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
28  * PURPOSE ARE DISCLAIMED.	IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
29  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35  * POSSIBILITY OF SUCH DAMAGE.
36  */
37 #include <sys/cdefs.h>
38 __RCSID("$NetBSD: mech_plain.c,v 1.4 2011/02/12 23:21:32 christos Exp $");
39 
40 #include <saslc.h>
41 #include <stdio.h>
42 #include <string.h>
43 
44 #include "error.h"
45 #include "mech.h"
46 #include "msg.h"
47 #include "saslc_private.h"
48 
49 
50 /* See RFC 2595. */
51 
52 /* properties */
53 #define SASLC_PLAIN_AUTHCID	SASLC_PROP_AUTHCID	/* username key */
54 #define SASLC_PLAIN_AUTHZID	SASLC_PROP_AUTHZID	/* authorization id */
55 #define SASLC_PLAIN_PASSWD	SASLC_PROP_PASSWD	/* password key */
56 
57 #define NUL_DELIM	'\x00'
58 #define CRED_MAX_LEN	255
59 
60 /**
61  * @brief doing one step of the sasl authentication
62  * @param sess sasl session
63  * @param in input data
64  * @param inlen input data length
65  * @param out place to store output data
66  * @param outlen output data length
67  * @return MECH_OK - success,
68  * MECH_STEP - more steps are needed,
69  * MECH_ERROR - error
70  */
71 /*ARGSUSED*/
72 static int
73 saslc__mech_plain_cont(saslc_sess_t *sess, const void *in __unused,
74     size_t inlen __unused, void **out, size_t *outlen)
75 {
76 	const char *authzid, *authcid, *passwd;
77 	char *outstr;
78 	int len;
79 
80 	authzid = saslc_sess_getprop(sess, SASLC_PLAIN_AUTHZID);
81 	if (authzid != NULL && strlen(authzid) > CRED_MAX_LEN) {
82 		saslc__error_set(ERR(sess), ERROR_MECH,
83 		    "authzid should be shorter than 256 characters");
84 		return MECH_ERROR;
85 	}
86 
87 	if ((authcid = saslc_sess_getprop(sess, SASLC_PLAIN_AUTHCID))
88 	    == NULL) {
89 		saslc__error_set(ERR(sess), ERROR_MECH,
90 			"authcid is required for an authentication");
91 		return MECH_ERROR;
92 	}
93 	if (strlen(authcid) > CRED_MAX_LEN) {
94 		saslc__error_set(ERR(sess), ERROR_MECH,
95 		    "authcid should be shorter than 256 characters");
96 		return MECH_ERROR;
97 	}
98 
99 	if ((passwd = saslc_sess_getprop(sess, SASLC_PLAIN_PASSWD))
100 	    == NULL) {
101 		saslc__error_set(ERR(sess), ERROR_MECH,
102 			"passwd is required for an authentication");
103 		return MECH_ERROR;
104 	}
105 	if (strlen(passwd) > CRED_MAX_LEN) {
106 		saslc__error_set(ERR(sess), ERROR_MECH,
107 		    "passwd should be shorter than 256 characters");
108 		return MECH_ERROR;
109 	}
110 
111 	len = asprintf(&outstr, "%s%c%s%c%s", authzid != NULL ? authzid : "",
112 	    NUL_DELIM, authcid, NUL_DELIM, passwd);
113 	if (len == -1) {
114 		saslc__error_set_errno(ERR(sess), ERROR_NOMEM);
115 		return MECH_ERROR;
116 	}
117 	*out = outstr;
118 	*outlen = len;
119 
120 	saslc__msg_dbg("saslc__mech_plain_cont: "
121 	    "authzid='%s' authcid='%s' passwd='%s'\n",
122 	    authzid != NULL ? authzid : "", authcid, passwd);
123 
124 	return MECH_OK;
125 }
126 
127 /* mechanism definition */
128 const saslc__mech_t saslc__mech_plain = {
129 	.name	 = "PLAIN",
130 	.flags	 = FLAG_PLAINTEXT,
131 	.create	 = saslc__mech_generic_create,
132 	.cont	 = saslc__mech_plain_cont,
133 	.encode	 = NULL,
134 	.decode	 = NULL,
135 	.destroy = saslc__mech_generic_destroy
136 };
137