3 * Copyright 2000-2002 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/stdlib.h>
13 #include <ac/string.h>
14 #include <ac/unistd.h>
16 #ifdef HAVE_SASL_SASL_H
17 #include <sasl/sasl.h>
23 #include "lutil_ldap.h"
26 typedef struct lutil_sasl_defaults_s {
/*
 * Build a lutilSASLdefaults record: take each field from the arguments and,
 * where an argument is NULL, fall back to the SASL option on the handle `ld`.
 *
 * NOTE(review): the enclosing function's signature, its closing braces and
 * its return are not visible in this listing (the embedded line numbers
 * skip), so only the statements shown are described.
 */
44 lutilSASLdefaults *defaults;
46 defaults = ber_memalloc( sizeof( lutilSASLdefaults ) );
/* Allocation failure is reported to the caller as NULL. */
48 if( defaults == NULL ) return NULL;
/*
 * The pointers are stored as given, not duplicated: the record aliases the
 * caller's strings, including the password, so those buffers must stay
 * valid for as long as the record is used.
 */
50 defaults->mech = mech;
51 defaults->realm = realm;
52 defaults->authcid = authcid;
53 defaults->passwd = passwd;
54 defaults->authzid = authzid;
/*
 * Fallbacks for NULL arguments. There is no fallback for passwd.
 * The return value of ldap_get_option() is not checked on any of these
 * calls.
 * NOTE(review): fields filled here come from the library while the ones
 * above come from the caller, so ownership differs per field; whoever
 * releases this record has to know which is which. Confirm the allocation
 * contract of ldap_get_option() for these options.
 */
56 if( defaults->mech == NULL ) {
57 ldap_get_option( ld, LDAP_OPT_X_SASL_MECH, &defaults->mech );
59 if( defaults->realm == NULL ) {
60 ldap_get_option( ld, LDAP_OPT_X_SASL_REALM, &defaults->realm );
62 if( defaults->authcid == NULL ) {
63 ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHCID, &defaults->authcid );
65 if( defaults->authzid == NULL ) {
66 ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHZID, &defaults->authzid );
/*
 * interaction: answer one SASL interaction record. Sets interact->result
 * and interact->len either from a default value or from text read with
 * getpassphrase() / fgets() after prompting on stderr.
 *
 * NOTE(review): this listing is incomplete (the embedded line numbers skip).
 * The `flags` parameter line, the declaration of `input`, some case labels,
 * several branch bodies and the final return are not visible; the comments
 * below describe only the lines shown.
 */
72 static int interaction(
74 sasl_interact_t *interact,
75 lutilSASLdefaults *defaults )
/* Start from the default carried in the interaction record itself. */
77 const char *dflt = interact->defresult;
/* A caller-supplied defaults record overrides it, chosen by callback id. */
83 switch( interact->id ) {
84 case SASL_CB_GETREALM:
85 if( defaults ) dflt = defaults->realm;
87 case SASL_CB_AUTHNAME:
88 if( defaults ) dflt = defaults->authcid;
/*
 * The case labels for the next two assignments are not visible here
 * (presumably SASL_CB_PASS and SASL_CB_USER - confirm). From this point
 * dflt may point at the password.
 */
91 if( defaults ) dflt = defaults->passwd;
95 if( defaults ) dflt = defaults->authzid;
97 case SASL_CB_NOECHOPROMPT:
101 case SASL_CB_ECHOPROMPT:
/* An empty default string is treated as no default. */
106 if( dflt && !*dflt ) dflt = NULL;
/*
 * When flags is not LDAP_SASL_INTERACTIVE and there is a default (or the
 * id is SASL_CB_USER), the condition below holds; the branch body is not
 * visible, presumably it skips the prompt and uses the default.
 */
108 if( flags != LDAP_SASL_INTERACTIVE &&
109 ( dflt || interact->id == SASL_CB_USER ) )
/* Quiet mode: the branch body is not visible in this listing. */
114 if( flags == LDAP_SASL_QUIET ) {
120 if( interact->challenge ) {
121 fprintf( stderr, "Challenge: %s\n", interact->challenge );
/*
 * NOTE(review): dflt can be defaults->passwd (assigned in the switch), so
 * unless a guard on a line not shown excludes that case, this prints a
 * password default in clear text on stderr. Suppressing the default for
 * password prompts would avoid that.
 */
126 fprintf( stderr, "Default: %s\n", dflt );
/*
 * NOTE(review): sprintf() puts no bound on the write into `input`, and the
 * prompt text is whatever the SASL layer put in interact->prompt. `input`
 * appears to be a fixed-size array (sizeof(input) is used with fgets
 * below), so snprintf( input, sizeof(input), ... ) would bound this write.
 */
129 sprintf( input, "%s: ",
130 interact->prompt ? interact->prompt : "Interact" );
/*
 * Read through getpassphrase(); result points at the buffer it returned
 * until the duplication further down. A NULL return yields len 0.
 */
133 interact->result = (char *) getpassphrase( input );
134 interact->len = interact->result
135 ? strlen( interact->result ) : 0;
/*
 * Echoed read: show the prompt on stderr, then read one line from stdin
 * into `input`, reusing the prompt buffer; the read is bounded by
 * sizeof(input).
 */
139 fputs( input, stderr );
142 interact->result = fgets( input, sizeof(input), stdin );
/* fgets() returned NULL (end of input or read error): give up. */
144 if( interact->result == NULL ) {
146 return LDAP_UNAVAILABLE;
150 interact->len = strlen(input);
152 if( interact->len > 0 && input[interact->len - 1] == '\n' ) {
153 /* input includes '\n', trim it */
/* NOTE(review): the line adjusting interact->len before this store is not visible here. */
155 input[interact->len] = '\0';
/*
 * Non-empty answer: hand back a heap copy so result no longer points at
 * the scratch buffer, then overwrite the original bytes.
 * NOTE(review): the strdup() result is not checked; if it fails, result is
 * NULL while len stays non-zero.
 * NOTE(review): a memset() on a buffer that is not read again can be
 * dropped by an optimising compiler; explicit_bzero() or memset_s(), where
 * available, is the usual way to make the wipe stick.
 */
160 if( interact->len > 0 ) {
162 char *p = (char *)interact->result;
163 interact->result = strdup( p );
166 memset( p, '\0', interact->len );
/*
 * Empty answer: use a copy of the default, or of "" when there is none.
 * len falls back to 0 if strdup() returned NULL.
 */
170 /* input must be empty */
171 interact->result = strdup( (dflt && *dflt) ? dflt : "" );
172 interact->len = interact->result
173 ? strlen( interact->result ) : 0;
/*
 * For a SASL_CB_PASS request, overwrite the password held in the defaults
 * record and clear the pointer, so later password requests find no default.
 * The memset writes through defaults->passwd, so that buffer has to be
 * writable. The same compiler caveat applies to this memset() as above.
 */
176 if( defaults && defaults->passwd && interact->id == SASL_CB_PASS ) {
177 /* zap password after first use */
178 memset( defaults->passwd, '\0', strlen(defaults->passwd) );
179 defaults->passwd = NULL;
185 int lutil_sasl_interact(
191 sasl_interact_t *interact = in;
193 if( flags == LDAP_SASL_INTERACTIVE ) {
194 fputs( "SASL Interaction\n", stderr );
197 while( interact->id != SASL_CB_LIST_END ) {
198 int rc = interaction( flags, interact, defaults );