2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2018 The OpenLDAP Foundation.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted only as authorized by the OpenLDAP
11 * A copy of this license is available in the file LICENSE in the
12 * top-level directory of the distribution or, alternatively, at
13 * <http://www.OpenLDAP.org/license.html>.
18 #ifdef HAVE_CYRUS_SASL
21 #include <ac/stdlib.h>
22 #include <ac/string.h>
23 #include <ac/unistd.h>
25 #ifdef HAVE_SASL_SASL_H
26 #include <sasl/sasl.h>
33 #include "lutil_ldap.h"
36 typedef struct lutil_sasl_defaults_s {
51 lutilSASLdefaults *defs = defaults;
53 assert( defs != NULL );
55 if (defs->mech) ber_memfree(defs->mech);
56 if (defs->realm) ber_memfree(defs->realm);
57 if (defs->authcid) ber_memfree(defs->authcid);
58 if (defs->passwd) ber_memfree(defs->passwd);
59 if (defs->authzid) ber_memfree(defs->authzid);
60 if (defs->resps) ldap_charray_free(defs->resps);
74 lutilSASLdefaults *defaults;
76 defaults = ber_memalloc( sizeof( lutilSASLdefaults ) );
78 if( defaults == NULL ) return NULL;
80 defaults->mech = mech ? ber_strdup(mech) : NULL;
81 defaults->realm = realm ? ber_strdup(realm) : NULL;
82 defaults->authcid = authcid ? ber_strdup(authcid) : NULL;
83 defaults->passwd = passwd ? ber_strdup(passwd) : NULL;
84 defaults->authzid = authzid ? ber_strdup(authzid) : NULL;
86 if( defaults->mech == NULL ) {
87 ldap_get_option( ld, LDAP_OPT_X_SASL_MECH, &defaults->mech );
89 if( defaults->realm == NULL ) {
90 ldap_get_option( ld, LDAP_OPT_X_SASL_REALM, &defaults->realm );
92 if( defaults->authcid == NULL ) {
93 ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHCID, &defaults->authcid );
95 if( defaults->authzid == NULL ) {
96 ldap_get_option( ld, LDAP_OPT_X_SASL_AUTHZID, &defaults->authzid );
98 defaults->resps = NULL;
104 static int interaction(
106 sasl_interact_t *interact,
107 lutilSASLdefaults *defaults )
109 const char *dflt = interact->defresult;
115 switch( interact->id ) {
116 case SASL_CB_GETREALM:
117 if( defaults ) dflt = defaults->realm;
119 case SASL_CB_AUTHNAME:
120 if( defaults ) dflt = defaults->authcid;
123 if( defaults ) dflt = defaults->passwd;
127 if( defaults ) dflt = defaults->authzid;
129 case SASL_CB_NOECHOPROMPT:
133 case SASL_CB_ECHOPROMPT:
138 if( dflt && !*dflt ) dflt = NULL;
140 if( flags != LDAP_SASL_INTERACTIVE &&
141 ( dflt || interact->id == SASL_CB_USER ) )
146 if( flags == LDAP_SASL_QUIET ) {
152 if( interact->challenge ) {
153 fprintf( stderr, _("Challenge: %s\n"), interact->challenge );
158 fprintf( stderr, _("Default: %s\n"), dflt );
161 snprintf( input, sizeof input, "%s: ",
162 interact->prompt ? interact->prompt : _("Interact") );
165 interact->result = (char *) getpassphrase( input );
166 interact->len = interact->result
167 ? strlen( interact->result ) : 0;
171 fputs( input, stderr );
174 interact->result = fgets( input, sizeof(input), stdin );
176 if( interact->result == NULL ) {
178 return LDAP_UNAVAILABLE;
182 interact->len = strlen(input);
184 if( interact->len > 0 && input[interact->len - 1] == '\n' ) {
185 /* input includes '\n', trim it */
187 input[interact->len] = '\0';
192 if( interact->len > 0 ) {
194 char *p = (char *)interact->result;
195 ldap_charray_add(&defaults->resps, interact->result);
196 interact->result = defaults->resps[defaults->nresps++];
199 memset( p, '\0', interact->len );
203 /* input must be empty */
204 interact->result = (dflt && *dflt) ? dflt : "";
205 interact->len = strlen( interact->result );
211 int lutil_sasl_interact(
217 sasl_interact_t *interact = in;
219 if( ld == NULL ) return LDAP_PARAM_ERROR;
221 if( flags == LDAP_SASL_INTERACTIVE ) {
222 fputs( _("SASL Interaction\n"), stderr );
225 while( interact->id != SASL_CB_LIST_END ) {
226 int rc = interaction( flags, interact, defaults );