181 cmechlist = NULL;
182 #endif /* _SUN_SDK_ */
183
184 return SASL_OK;
185 }
186
187 int sasl_client_add_plugin(const char *plugname,
188 sasl_client_plug_init_t *entry_point)
189 {
190 #ifdef _SUN_SDK_
191 return (_sasl_client_add_plugin(_sasl_gbl_ctx(), plugname, entry_point));
192 }
193
194 int _sasl_client_add_plugin(void *ctx,
195 const char *plugname,
196 sasl_client_plug_init_t *entry_point)
197 {
198 cmech_list_t *cmechlist;
199 #ifdef _INTEGRATED_SOLARIS_
200 _sasl_global_context_t *gctx = ctx == NULL ? _sasl_gbl_ctx() : ctx;
201 /* EXPORT DELETE START */
202 /* CRYPT DELETE START */
203 int sun_reg;
204 /* CRYPT DELETE END */
205 /* EXPORT DELETE END */
206 #endif /* _INTEGRATED_SOLARIS_ */
207 int i;
208 cmechanism_t *m;
209 #endif /* _SUN_SDK_ */
210 int plugcount;
211 sasl_client_plug_t *pluglist;
212 cmechanism_t *mech;
213 int result;
214 int version;
215 int lupe;
216
217 if(!plugname || !entry_point) return SASL_BADPARAM;
218
219 #ifdef _SUN_SDK_
220 cmechlist = gctx->cmechlist;
221
222 if (cmechlist == NULL) return SASL_BADPARAM;
223
224 /* Check to see if this plugin has already been registered */
225 m = cmechlist->mech_list;
226 for (i = 0; i < cmechlist->mech_length; i++) {
227 if (strcmp(plugname, m->plugname) == 0) {
228 return SASL_OK;
229 }
230 m = m->next;
231 }
232
233 result = LOCK_MUTEX(&client_plug_mutex);
234 if (result != SASL_OK)
235 return result;
236
237 #endif /* _SUN_SDK_ */
238
239 result = entry_point(cmechlist->utils, SASL_CLIENT_PLUG_VERSION, &version,
240 &pluglist, &plugcount);
241
242 /* EXPORT DELETE START */
243 /* CRYPT DELETE START */
244 #ifdef _INTEGRATED_SOLARIS_
245 sun_reg = _is_sun_reg(pluglist);
246 #endif /* _INTEGRATED_SOLARIS_ */
247 /* CRYPT DELETE END */
248 /* EXPORT DELETE END */
249 if (result != SASL_OK)
250 {
251 #ifdef _SUN_SDK_
252 UNLOCK_MUTEX(&client_plug_mutex);
253 __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
254 "entry_point failed in sasl_client_add_plugin for %s",
255 plugname);
256 #else
257 _sasl_log(NULL, SASL_LOG_WARN,
258 "entry_point failed in sasl_client_add_plugin for %s",
259 plugname);
260 #endif /* _SUN_SDK_ */
261 return result;
262 }
263
264 if (version != SASL_CLIENT_PLUG_VERSION)
265 {
266 #ifdef _SUN_SDK_
267 UNLOCK_MUTEX(&client_plug_mutex);
268 __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
292 {
293 mech = sasl_ALLOC(sizeof(cmechanism_t));
294 #ifdef _SUN_SDK_
295 if (! mech) {
296 UNLOCK_MUTEX(&client_plug_mutex);
297 return SASL_NOMEM;
298 }
299 mech->glob_context = pluglist->glob_context;
300 #else
301 if (! mech) return SASL_NOMEM;
302 #endif /* _SUN_SDK_ */
303
304 mech->plug=pluglist++;
305 if(_sasl_strdup(plugname, &mech->plugname, NULL) != SASL_OK) {
306 #ifdef _SUN_SDK_
307 UNLOCK_MUTEX(&client_plug_mutex);
308 #endif /* _SUN_SDK_ */
309 sasl_FREE(mech);
310 return SASL_NOMEM;
311 }
312 /* EXPORT DELETE START */
313 /* CRYPT DELETE START */
314 #ifdef _INTEGRATED_SOLARIS_
315 mech->sun_reg = sun_reg;
316 #endif /* _INTEGRATED_SOLARIS_ */
317 /* CRYPT DELETE END */
318 /* EXPORT DELETE END */
319 mech->version = version;
320 mech->next = cmechlist->mech_list;
321 cmechlist->mech_list = mech;
322 cmechlist->mech_length++;
323 }
324 #ifdef _SUN_SDK_
325 UNLOCK_MUTEX(&client_plug_mutex);
326 #endif /* _SUN_SDK_ */
327
328 return SASL_OK;
329 }
330
331 static int
332 client_idle(sasl_conn_t *conn)
333 {
334 cmechanism_t *m;
335 #ifdef _SUN_SDK_
336 _sasl_global_context_t *gctx = conn == NULL ? _sasl_gbl_ctx() : conn->gctx;
337 cmech_list_t *cmechlist = gctx->cmechlist;
338 #endif /* _SUN_SDK_ */
826 name[place]=0;
827
828 if (! place) continue;
829
830 /* foreach in server list */
831 for (m = cmechlist->mech_list; m != NULL; m = m->next) {
832 int myflags;
833
834 /* Is this the mechanism the server is suggesting? */
835 if (strcasecmp(m->plug->mech_name, name))
836 continue; /* no */
837
838 /* Do we have the prompts for it? */
839 if (!have_prompts(conn, m->plug))
840 break;
841
842 /* Is it strong enough? */
843 if (minssf > m->plug->max_ssf)
844 break;
845
846 /* EXPORT DELETE START */
847 /* CRYPT DELETE START */
848 #ifdef _INTEGRATED_SOLARIS_
849 /* If not SUN supplied mech, it has no strength */
850 if (minssf > 0 && !m->sun_reg)
851 break;
852 #endif /* _INTEGRATED_SOLARIS_ */
853 /* CRYPT DELETE END */
854 /* EXPORT DELETE END */
855
856 /* Does it meet our security properties? */
857 myflags = conn->props.security_flags;
858
859 /* if there's an external layer this is no longer plaintext */
860 if ((conn->props.min_ssf <= conn->external.ssf) &&
861 (conn->external.ssf > 1)) {
862 myflags &= ~SASL_SEC_NOPLAINTEXT;
863 }
864
865 if (((myflags ^ m->plug->security_flags) & myflags) != 0) {
866 break;
867 }
868
869 /* Can we meet it's features? */
870 if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
871 && !conn->serverFQDN) {
872 break;
873 }
874
875 /* Can it meet our features? */
876 if ((conn->flags & SASL_NEED_PROXY) &&
877 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
878 break;
879 }
880
881 #ifdef PREFER_MECH
882 /* EXPORT DELETE START */
883 /* CRYPT DELETE START */
884 #ifdef _INTEGRATED_SOLARIS_
885 if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
886 bestm && (m->sun_reg && m->plug->max_ssf <= bestssf) ||
887 (m->plug->max_ssf == 0)) {
888 #else
889 /* CRYPT DELETE END */
890 /* EXPORT DELETE END */
891 if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
892 bestm && m->plug->max_ssf <= bestssf) {
893
894 /* EXPORT DELETE START */
895 /* CRYPT DELETE START */
896 #endif /* _INTEGRATED_SOLARIS_ */
897 /* CRYPT DELETE END */
898 /* EXPORT DELETE END */
899
900 /* this mechanism isn't our favorite, and it's no better
901 than what we already have! */
902 break;
903 }
904 #else
905 /* EXPORT DELETE START */
906 /* CRYPT DELETE START */
907 #ifdef _INTEGRATED_SOLARIS_
908 if (bestm && m->sun_reg && m->plug->max_ssf <= bestssf) {
909 #else
910 /* CRYPT DELETE END */
911 /* EXPORT DELETE END */
912
913 if (bestm && m->plug->max_ssf <= bestssf) {
914 /* EXPORT DELETE START */
915 /* CRYPT DELETE START */
916 #endif /* _INTEGRATED_SOLARIS_ */
917 /* CRYPT DELETE END */
918 /* EXPORT DELETE END */
919
920 /* this mechanism is no better than what we already have! */
921 break;
922 }
923 #endif
924
925 /* compare security flags, only take new mechanism if it has
926 * all the security flags of the previous one.
927 *
928 * From the mechanisms we ship with, this yields the order:
929 *
930 * SRP
931 * GSSAPI + KERBEROS_V4
932 * DIGEST + OTP
933 * CRAM + EXTERNAL
934 * PLAIN + LOGIN + ANONYMOUS
935 *
936 * This might be improved on by comparing the numeric value of
937 * the bitwise-or'd security flags, which splits DIGEST/OTP,
938 * CRAM/EXTERNAL, and PLAIN/LOGIN from ANONYMOUS, but then we
939 * are depending on the numeric values of the flags (which may
940 * change, and their ordering could be considered dumb luck.
941 */
942
943 if (bestm &&
944 ((m->plug->security_flags ^ bestm->plug->security_flags) &
945 bestm->plug->security_flags)) {
946 break;
947 }
948
949 if (mech) {
950 *mech = m->plug->mech_name;
951 }
952 /* EXPORT DELETE START */
953 /* CRYPT DELETE START */
954 #ifdef _INTEGRATED_SOLARIS_
955 bestssf = m->sun_reg ? m->plug->max_ssf : 0;
956 #else
957 /* CRYPT DELETE END */
958 /* EXPORT DELETE END */
959 bestssf = m->plug->max_ssf;
960 /* EXPORT DELETE START */
961 /* CRYPT DELETE START */
962 #endif /* _INTEGRATED_SOLARIS_ */
963 /* CRYPT DELETE END */
964 /* EXPORT DELETE END */
965 bestm = m;
966 break;
967 }
968 }
969
970 if (bestm == NULL) {
971 #ifdef _INTEGRATED_SOLARIS_
972 sasl_seterror(conn, 0, gettext("No worthy mechs found"));
973 #else
974 sasl_seterror(conn, 0, "No worthy mechs found");
975 #endif /* _INTEGRATED_SOLARIS_ */
976 result = SASL_NOMECH;
977 goto done;
978 }
979
980 /* make (the rest of) cparams */
981 c_conn->cparams->service = conn->service;
982 c_conn->cparams->servicelen = strlen(conn->service);
983
984 c_conn->cparams->serverFQDN = conn->serverFQDN;
985 c_conn->cparams->slen = strlen(conn->serverFQDN);
986
987 c_conn->cparams->clientFQDN = c_conn->clientFQDN;
988 c_conn->cparams->clen = strlen(c_conn->clientFQDN);
989
990 c_conn->cparams->external_ssf = conn->external.ssf;
991 c_conn->cparams->props = conn->props;
992 /* EXPORT DELETE START */
993 /* CRYPT DELETE START */
994 #ifdef _INTEGRATED_SOLARIS_
995 if (!bestm->sun_reg) {
996 c_conn->cparams->props.min_ssf = 0;
997 c_conn->cparams->props.max_ssf = 0;
998 }
999 c_conn->base.sun_reg = bestm->sun_reg;
1000 #endif /* _INTEGRATED_SOLARIS_ */
1001 /* CRYPT DELETE END */
1002 /* EXPORT DELETE END */
1003 c_conn->mech = bestm;
1004
1005 /* init that plugin */
1006 #ifdef _SUN_SDK_
1007 result = c_conn->mech->plug->mech_new(c_conn->mech->glob_context,
1008 #else
1009 result = c_conn->mech->plug->mech_new(c_conn->mech->plug->glob_context,
1010 #endif /* _SUN_SDK_ */
1011 c_conn->cparams,
1012 &(conn->context));
1013 if(result != SASL_OK) goto done;
1014
1015 /* do a step -- but only if we can do a client-send-first */
1016 dostep:
1017 if(clientout) {
1018 if(c_conn->mech->plug->features & SASL_FEAT_SERVER_FIRST) {
1019 *clientout = NULL;
1020 *clientoutlen = 0;
1021 result = SASL_CONTINUE;
1022 } else {
1204 + 1;
1205 ret = _buf_alloc(&conn->mechlist_buf,
1206 &conn->mechlist_buf_len, resultlen);
1207 if(ret != SASL_OK) MEMERROR(conn);
1208
1209 if (prefix)
1210 strcpy (conn->mechlist_buf,prefix);
1211 else
1212 *(conn->mechlist_buf) = '\0';
1213
1214 flag = 0;
1215 for (m = cmechlist->mech_list; m != NULL; m = m->next) {
1216 /* do we have the prompts for it? */
1217 if (!have_prompts(conn, m->plug))
1218 continue;
1219
1220 /* is it strong enough? */
1221 if (minssf > m->plug->max_ssf)
1222 continue;
1223
1224 /* EXPORT DELETE START */
1225 /* CRYPT DELETE START */
1226 #ifdef _INTEGRATED_SOLARIS_
1227 /* If not SUN supplied mech, it has no strength */
1228 if (minssf > 0 && !m->sun_reg)
1229 continue;
1230 #endif /* _INTEGRATED_SOLARIS_ */
1231 /* CRYPT DELETE END */
1232 /* EXPORT DELETE END */
1233
1234 /* does it meet our security properties? */
1235 if (((conn->props.security_flags ^ m->plug->security_flags)
1236 & conn->props.security_flags) != 0) {
1237 continue;
1238 }
1239
1240 /* Can we meet it's features? */
1241 if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
1242 && !conn->serverFQDN) {
1243 continue;
1244 }
1245
1246 /* Can it meet our features? */
1247 if ((conn->flags & SASL_NEED_PROXY) &&
1248 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
1249 break;
1250 }
1251
1252 /* Okay, we like it, add it to the list! */
|
181 cmechlist = NULL;
182 #endif /* _SUN_SDK_ */
183
184 return SASL_OK;
185 }
186
187 int sasl_client_add_plugin(const char *plugname,
188 sasl_client_plug_init_t *entry_point)
189 {
190 #ifdef _SUN_SDK_
191 return (_sasl_client_add_plugin(_sasl_gbl_ctx(), plugname, entry_point));
192 }
193
194 int _sasl_client_add_plugin(void *ctx,
195 const char *plugname,
196 sasl_client_plug_init_t *entry_point)
197 {
198 cmech_list_t *cmechlist;
199 #ifdef _INTEGRATED_SOLARIS_
200 _sasl_global_context_t *gctx = ctx == NULL ? _sasl_gbl_ctx() : ctx;
201 int sun_reg;
202 #endif /* _INTEGRATED_SOLARIS_ */
203 int i;
204 cmechanism_t *m;
205 #endif /* _SUN_SDK_ */
206 int plugcount;
207 sasl_client_plug_t *pluglist;
208 cmechanism_t *mech;
209 int result;
210 int version;
211 int lupe;
212
213 if(!plugname || !entry_point) return SASL_BADPARAM;
214
215 #ifdef _SUN_SDK_
216 cmechlist = gctx->cmechlist;
217
218 if (cmechlist == NULL) return SASL_BADPARAM;
219
220 /* Check to see if this plugin has already been registered */
221 m = cmechlist->mech_list;
222 for (i = 0; i < cmechlist->mech_length; i++) {
223 if (strcmp(plugname, m->plugname) == 0) {
224 return SASL_OK;
225 }
226 m = m->next;
227 }
228
229 result = LOCK_MUTEX(&client_plug_mutex);
230 if (result != SASL_OK)
231 return result;
232
233 #endif /* _SUN_SDK_ */
234
235 result = entry_point(cmechlist->utils, SASL_CLIENT_PLUG_VERSION, &version,
236 &pluglist, &plugcount);
237
238 #ifdef _INTEGRATED_SOLARIS_
239 sun_reg = _is_sun_reg(pluglist);
240 #endif /* _INTEGRATED_SOLARIS_ */
241 if (result != SASL_OK)
242 {
243 #ifdef _SUN_SDK_
244 UNLOCK_MUTEX(&client_plug_mutex);
245 __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
246 "entry_point failed in sasl_client_add_plugin for %s",
247 plugname);
248 #else
249 _sasl_log(NULL, SASL_LOG_WARN,
250 "entry_point failed in sasl_client_add_plugin for %s",
251 plugname);
252 #endif /* _SUN_SDK_ */
253 return result;
254 }
255
256 if (version != SASL_CLIENT_PLUG_VERSION)
257 {
258 #ifdef _SUN_SDK_
259 UNLOCK_MUTEX(&client_plug_mutex);
260 __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
284 {
285 mech = sasl_ALLOC(sizeof(cmechanism_t));
286 #ifdef _SUN_SDK_
287 if (! mech) {
288 UNLOCK_MUTEX(&client_plug_mutex);
289 return SASL_NOMEM;
290 }
291 mech->glob_context = pluglist->glob_context;
292 #else
293 if (! mech) return SASL_NOMEM;
294 #endif /* _SUN_SDK_ */
295
296 mech->plug=pluglist++;
297 if(_sasl_strdup(plugname, &mech->plugname, NULL) != SASL_OK) {
298 #ifdef _SUN_SDK_
299 UNLOCK_MUTEX(&client_plug_mutex);
300 #endif /* _SUN_SDK_ */
301 sasl_FREE(mech);
302 return SASL_NOMEM;
303 }
304 #ifdef _INTEGRATED_SOLARIS_
305 mech->sun_reg = sun_reg;
306 #endif /* _INTEGRATED_SOLARIS_ */
307 mech->version = version;
308 mech->next = cmechlist->mech_list;
309 cmechlist->mech_list = mech;
310 cmechlist->mech_length++;
311 }
312 #ifdef _SUN_SDK_
313 UNLOCK_MUTEX(&client_plug_mutex);
314 #endif /* _SUN_SDK_ */
315
316 return SASL_OK;
317 }
318
319 static int
320 client_idle(sasl_conn_t *conn)
321 {
322 cmechanism_t *m;
323 #ifdef _SUN_SDK_
324 _sasl_global_context_t *gctx = conn == NULL ? _sasl_gbl_ctx() : conn->gctx;
325 cmech_list_t *cmechlist = gctx->cmechlist;
326 #endif /* _SUN_SDK_ */
814 name[place]=0;
815
816 if (! place) continue;
817
818 /* foreach in server list */
819 for (m = cmechlist->mech_list; m != NULL; m = m->next) {
820 int myflags;
821
822 /* Is this the mechanism the server is suggesting? */
823 if (strcasecmp(m->plug->mech_name, name))
824 continue; /* no */
825
826 /* Do we have the prompts for it? */
827 if (!have_prompts(conn, m->plug))
828 break;
829
830 /* Is it strong enough? */
831 if (minssf > m->plug->max_ssf)
832 break;
833
834 #ifdef _INTEGRATED_SOLARIS_
835 /* If not SUN supplied mech, it has no strength */
836 if (minssf > 0 && !m->sun_reg)
837 break;
838 #endif /* _INTEGRATED_SOLARIS_ */
839
840 /* Does it meet our security properties? */
841 myflags = conn->props.security_flags;
842
843 /* if there's an external layer this is no longer plaintext */
844 if ((conn->props.min_ssf <= conn->external.ssf) &&
845 (conn->external.ssf > 1)) {
846 myflags &= ~SASL_SEC_NOPLAINTEXT;
847 }
848
849 if (((myflags ^ m->plug->security_flags) & myflags) != 0) {
850 break;
851 }
852
853 /* Can we meet it's features? */
854 if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
855 && !conn->serverFQDN) {
856 break;
857 }
858
859 /* Can it meet our features? */
860 if ((conn->flags & SASL_NEED_PROXY) &&
861 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
862 break;
863 }
864
865 #ifdef PREFER_MECH
866 #ifdef _INTEGRATED_SOLARIS_
867 if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
868 bestm && (m->sun_reg && m->plug->max_ssf <= bestssf) ||
869 (m->plug->max_ssf == 0)) {
870 #else
871 if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
872 bestm && m->plug->max_ssf <= bestssf) {
873 #endif /* _INTEGRATED_SOLARIS_ */
874
875 /* this mechanism isn't our favorite, and it's no better
876 than what we already have! */
877 break;
878 }
879 #else
880 #ifdef _INTEGRATED_SOLARIS_
881 if (bestm && m->sun_reg && m->plug->max_ssf <= bestssf) {
882 #else
883
884 if (bestm && m->plug->max_ssf <= bestssf) {
885 #endif /* _INTEGRATED_SOLARIS_ */
886
887 /* this mechanism is no better than what we already have! */
888 break;
889 }
890 #endif
891
892 /* compare security flags, only take new mechanism if it has
893 * all the security flags of the previous one.
894 *
895 * From the mechanisms we ship with, this yields the order:
896 *
897 * SRP
898 * GSSAPI + KERBEROS_V4
899 * DIGEST + OTP
900 * CRAM + EXTERNAL
901 * PLAIN + LOGIN + ANONYMOUS
902 *
903 * This might be improved on by comparing the numeric value of
904 * the bitwise-or'd security flags, which splits DIGEST/OTP,
905 * CRAM/EXTERNAL, and PLAIN/LOGIN from ANONYMOUS, but then we
906 * are depending on the numeric values of the flags (which may
907 * change, and their ordering could be considered dumb luck.
908 */
909
910 if (bestm &&
911 ((m->plug->security_flags ^ bestm->plug->security_flags) &
912 bestm->plug->security_flags)) {
913 break;
914 }
915
916 if (mech) {
917 *mech = m->plug->mech_name;
918 }
919 #ifdef _INTEGRATED_SOLARIS_
920 bestssf = m->sun_reg ? m->plug->max_ssf : 0;
921 #else
922 bestssf = m->plug->max_ssf;
923 #endif /* _INTEGRATED_SOLARIS_ */
924 bestm = m;
925 break;
926 }
927 }
928
929 if (bestm == NULL) {
930 #ifdef _INTEGRATED_SOLARIS_
931 sasl_seterror(conn, 0, gettext("No worthy mechs found"));
932 #else
933 sasl_seterror(conn, 0, "No worthy mechs found");
934 #endif /* _INTEGRATED_SOLARIS_ */
935 result = SASL_NOMECH;
936 goto done;
937 }
938
939 /* make (the rest of) cparams */
940 c_conn->cparams->service = conn->service;
941 c_conn->cparams->servicelen = strlen(conn->service);
942
943 c_conn->cparams->serverFQDN = conn->serverFQDN;
944 c_conn->cparams->slen = strlen(conn->serverFQDN);
945
946 c_conn->cparams->clientFQDN = c_conn->clientFQDN;
947 c_conn->cparams->clen = strlen(c_conn->clientFQDN);
948
949 c_conn->cparams->external_ssf = conn->external.ssf;
950 c_conn->cparams->props = conn->props;
951 #ifdef _INTEGRATED_SOLARIS_
952 if (!bestm->sun_reg) {
953 c_conn->cparams->props.min_ssf = 0;
954 c_conn->cparams->props.max_ssf = 0;
955 }
956 c_conn->base.sun_reg = bestm->sun_reg;
957 #endif /* _INTEGRATED_SOLARIS_ */
958 c_conn->mech = bestm;
959
960 /* init that plugin */
961 #ifdef _SUN_SDK_
962 result = c_conn->mech->plug->mech_new(c_conn->mech->glob_context,
963 #else
964 result = c_conn->mech->plug->mech_new(c_conn->mech->plug->glob_context,
965 #endif /* _SUN_SDK_ */
966 c_conn->cparams,
967 &(conn->context));
968 if(result != SASL_OK) goto done;
969
970 /* do a step -- but only if we can do a client-send-first */
971 dostep:
972 if(clientout) {
973 if(c_conn->mech->plug->features & SASL_FEAT_SERVER_FIRST) {
974 *clientout = NULL;
975 *clientoutlen = 0;
976 result = SASL_CONTINUE;
977 } else {
1159 + 1;
1160 ret = _buf_alloc(&conn->mechlist_buf,
1161 &conn->mechlist_buf_len, resultlen);
1162 if(ret != SASL_OK) MEMERROR(conn);
1163
1164 if (prefix)
1165 strcpy (conn->mechlist_buf,prefix);
1166 else
1167 *(conn->mechlist_buf) = '\0';
1168
1169 flag = 0;
1170 for (m = cmechlist->mech_list; m != NULL; m = m->next) {
1171 /* do we have the prompts for it? */
1172 if (!have_prompts(conn, m->plug))
1173 continue;
1174
1175 /* is it strong enough? */
1176 if (minssf > m->plug->max_ssf)
1177 continue;
1178
1179 #ifdef _INTEGRATED_SOLARIS_
1180 /* If not SUN supplied mech, it has no strength */
1181 if (minssf > 0 && !m->sun_reg)
1182 continue;
1183 #endif /* _INTEGRATED_SOLARIS_ */
1184
1185 /* does it meet our security properties? */
1186 if (((conn->props.security_flags ^ m->plug->security_flags)
1187 & conn->props.security_flags) != 0) {
1188 continue;
1189 }
1190
1191 /* Can we meet it's features? */
1192 if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
1193 && !conn->serverFQDN) {
1194 continue;
1195 }
1196
1197 /* Can it meet our features? */
1198 if ((conn->flags & SASL_NEED_PROXY) &&
1199 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
1200 break;
1201 }
1202
1203 /* Okay, we like it, add it to the list! */
|