virNetSASLContextPtr virNetSASLContextNewClient(void) { virNetSASLContextPtr ctxt; int err; err = sasl_client_init(NULL); if (err != SASL_OK) { virNetError(VIR_ERR_AUTH_FAILED, _("failed to initialize SASL library: %d (%s)"), err, sasl_errstring(err, NULL, NULL)); return NULL; } if (VIR_ALLOC(ctxt) < 0) { virReportOOMError(); return NULL; } if (virMutexInit(&ctxt->lock) < 0) { virNetError(VIR_ERR_INTERNAL_ERROR, "%s", _("Failed to initialized mutex")); VIR_FREE(ctxt); return NULL; } ctxt->refs = 1; return ctxt; }
void _mongoc_sasl_init (mongoc_sasl_t *sasl) { sasl_callback_t callbacks [] = { { SASL_CB_AUTHNAME, SASL_CALLBACK_FN (_mongoc_sasl_get_user), sasl }, { SASL_CB_USER, SASL_CALLBACK_FN (_mongoc_sasl_get_user), sasl }, { SASL_CB_PASS, SASL_CALLBACK_FN (_mongoc_sasl_get_pass), sasl }, { SASL_CB_LIST_END } }; BSON_ASSERT (sasl); memset (sasl, 0, sizeof *sasl); memcpy (&sasl->callbacks, callbacks, sizeof callbacks); sasl->done = FALSE; sasl->step = 0; sasl->conn = NULL; sasl->mechanism = NULL; sasl->user = NULL; sasl->pass = NULL; sasl->service_name = NULL; sasl->service_host = NULL; sasl->interact = NULL; sasl_client_init (sasl->callbacks); }
gboolean mn_sasl_init (GError **err) { /* * Bad things may happen if we call sasl_client_init() again after * having called sasl_done(), so we just keep SASL initialized for * the whole application lifetime. */ G_LOCK(init); if (! attempted) { int status; status = sasl_client_init(NULL); if (status == SASL_OK) initialized = TRUE; else init_error = g_strdup(sasl_errstring(status, NULL, NULL)); attempted = TRUE; } if (! initialized) { g_assert(init_error != NULL); g_set_error(err, 0, 0, "%s", init_error); } G_UNLOCK(init); return initialized; }
int main(int argc, char **argv) { int r; int64_t res; struct hdfs_object *exception = NULL, *dl; r = sasl_client_init(NULL); if (r != SASL_OK) { fprintf(stderr, "Error initializing sasl: %d\n", r); return -1; } if (argc > 1) { if (strcmp(argv[1], "-h") == 0) { printf("Usage: ./kerb [host [port [kerb_principal]]]\n"); exit(0); } host = argv[1]; if (argc > 2) { port = argv[2]; if (argc > 3) { user = argv[3]; } } } h = hdfs_namenode_new(host, port, user, HDFS_REQUIRE_KERB, &err); if (!h) goto out; res = hdfs_getProtocolVersion(h, HADOOFUS_CLIENT_PROTOCOL_STR, 61L, &exception); if (exception) { err = exception->ob_val._exception._msg; goto out; } if (res != 61) fprintf(stderr, "protocol version != 61: %zd\n", (intmax_t)res); else fprintf(stderr, "success\n"); dl = hdfs_getListing(h, "/", NULL, &exception); if (exception) { err = exception->ob_val._exception._msg; goto out; } hdfs_object_free(dl); fprintf(stderr, "dl: success\n"); out: if (err) fprintf(stderr, "hadoofus error: %s\n", err); if (h) hdfs_namenode_delete(h); sasl_done(); return 0; }
/* mutt_sasl_start: called before doing a SASL exchange - initialises library * (if necessary). */ int mutt_sasl_start (void) { static unsigned char sasl_init = 0; static sasl_callback_t callbacks[2]; int rc; if (sasl_init) return SASL_OK; /* set up default logging callback */ callbacks[0].id = SASL_CB_LOG; callbacks[0].proc = mutt_sasl_cb_log; callbacks[0].context = NULL; callbacks[1].id = SASL_CB_LIST_END; callbacks[1].proc = NULL; callbacks[1].context = NULL; rc = sasl_client_init (callbacks); if (rc != SASL_OK) { dprint (1, (debugfile, "mutt_sasl_start: libsasl initialisation failed.\n")); return SASL_FAIL; } sasl_init = 1; return SASL_OK; }
static int _init_sasl(void) { int rc; rc = sasl_client_init(NULL); if (rc != SASL_OK) elog(ERROR, "SASL init failed"); return true; }
EXPORTED void global_sasl_init(int client, int server, const sasl_callback_t *callbacks) { static int called_already = 0; assert(client || server); assert(!called_already); called_already = 1; /* set the SASL allocation functions */ sasl_set_alloc((sasl_malloc_t *) &xmalloc, (sasl_calloc_t *) &xcalloc, (sasl_realloc_t *) &xrealloc, (sasl_free_t *) &free); /* set the SASL mutex functions */ sasl_set_mutex((sasl_mutex_alloc_t *) &cyrus_mutex_alloc, (sasl_mutex_lock_t *) &cyrus_mutex_lock, (sasl_mutex_unlock_t *) &cyrus_mutex_unlock, (sasl_mutex_free_t *) &cyrus_mutex_free); if(client && sasl_client_init(callbacks)) { fatal("could not init sasl (client)", EC_SOFTWARE); } if(server && sasl_server_init(callbacks, "Cyrus")) { fatal("could not init sasl (server)", EC_SOFTWARE); } }
virNetSASLContextPtr virNetSASLContextNewClient(void) { virNetSASLContextPtr ctxt; int err; if (virNetSASLContextInitialize() < 0) return NULL; err = sasl_client_init(NULL); if (err != SASL_OK) { virReportError(VIR_ERR_AUTH_FAILED, _("failed to initialize SASL library: %d (%s)"), err, sasl_errstring(err, NULL, NULL)); return NULL; } if (!(ctxt = virObjectNew(virNetSASLContextClass))) return NULL; if (virMutexInit(&ctxt->lock) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Failed to initialized mutex")); VIR_FREE(ctxt); return NULL; } return ctxt; }
void mailsasl_ref(void) { LOCK_SASL(); sasl_use_count ++; if (sasl_use_count == 1) sasl_client_init(NULL); UNLOCK_SASL(); }
int ArgusInitializeAuthentication (struct ARGUS_INPUT *input) { int retn = 1; #ifdef ARGUS_SASL struct sockaddr_in localaddr, remoteaddr; int salen, fd = input->fd; char *localhostname = NULL; if ((retn = sasl_client_init(RaCallBacks)) != SASL_OK) ArgusLog (LOG_ERR, "ArgusInitializeAuthentication() sasl_client_init %d", retn); localhostname = ArgusCalloc (1, 1024); gethostname(localhostname, 1024); if (!strchr (localhostname, '.')) { strcat (localhostname, "."); getdomainname (&localhostname[strlen(localhostname)], 1024 - strlen(localhostname)); } if ((retn = sasl_client_new("argus", localhostname, NULL, SASL_SECURITY_LAYER, &input->sasl_conn)) != SASL_OK) ArgusLog (LOG_ERR, "ArgusInitializeAuthentication() sasl_client_new %d", retn); /* set external properties here sasl_setprop(input->sasl_conn, SASL_SSF_EXTERNAL, &extprops); */ /* set required security properties here sasl_setprop(input->sasl_conn, SASL_SEC_PROPS, &secprops); */ /* set ip addresses */ salen = sizeof(localaddr); if (getsockname(fd, (struct sockaddr *)&localaddr, &salen) < 0) perror("getsockname"); salen = sizeof(remoteaddr); if (getpeername(fd, (struct sockaddr *)&remoteaddr, &salen) < 0) perror("getpeername"); if ((retn = sasl_setprop(input->sasl_conn, SASL_IP_LOCAL, &localaddr)) != SASL_OK) ArgusLog (LOG_ERR, "ArgusInitializeAuthentication() error setting localaddr %d", retn); if ((retn = sasl_setprop(input->sasl_conn, SASL_IP_REMOTE, &remoteaddr)) != SASL_OK) ArgusLog (LOG_ERR, "ArgusInitializeAuthentication() error setting remoteaddr %d", retn); retn = 1; #endif #ifdef ARGUSDEBUG ArgusDebug (2, "ArgusInitializeAuthentication () returning %d\n", retn); #endif return (retn); }
void mailsasl_ref(void) { #ifdef LIBETPAN_REENTRANT pthread_mutex_lock(&sasl_lock); #endif sasl_use_count ++; if (sasl_use_count == 1) sasl_client_init(NULL); #ifdef LIBETPAN_REENTRANT pthread_mutex_unlock(&sasl_lock); #endif }
/** * Global SASL init, called once per runtime. */ int rd_kafka_sasl_global_init (void) { int r; mtx_init(&rd_kafka_sasl_kinit_lock, mtx_plain); r = sasl_client_init(NULL); if (r != SASL_OK) { fprintf(stderr, "librdkafka: sasl_client_init() failed: %s\n", sasl_errstring(r, NULL, NULL)); return -1; } return 0; }
static void init_plugin(PurplePlugin *plugin) { PurpleAccountUserSplit *split; PurpleAccountOption *option; /* Translators: 'domain' is used here in the context of Internet domains, e.g. pidgin.im */ split = purple_account_user_split_new(_("Domain"), NULL, '@'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); split = purple_account_user_split_new(_("Resource"), "Home", '/'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); option = purple_account_option_bool_new(_("Force old (port 5223) SSL"), "old_ssl", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_bool_new( _("Allow plaintext auth over unencrypted streams"), "auth_plain_in_clear", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_int_new(_("Connect port"), "port", 5222); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("Connect server"), "connect_server", NULL); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); jabber_init_plugin(plugin); purple_prefs_remove("/plugins/prpl/jabber"); /* XXX - If any other plugin wants SASL this won't be good ... */ #ifdef HAVE_CYRUS_SASL sasl_client_init(NULL); #endif jabber_register_commands(); jabber_iq_init(); }
bool try_initialize_more (Ekiga::ServiceCore& core, int* /*argc*/, char** /*argv*/[]) { boost::shared_ptr<Ekiga::ContactCore> contact_core = core.get<Ekiga::ContactCore> ("contact-core"); if (contact_core) { boost::shared_ptr<OPENLDAP::Source> service (OPENLDAP::Source::create (core)); core.add (service); contact_core->add_source (service); sasl_client_init (NULL); // FIXME: shouldn't it be done by the source!? result = true; } return result; }
bool clientStart(const QStringList &_mechlist) { resetState(); if(!g->client_init) { sasl_client_init(NULL); g->client_init = true; } callbacks = new sasl_callback_t[5]; callbacks[0].id = SASL_CB_GETREALM; callbacks[0].proc = 0; callbacks[0].context = 0; callbacks[1].id = SASL_CB_USER; callbacks[1].proc = 0; callbacks[1].context = 0; callbacks[2].id = SASL_CB_AUTHNAME; callbacks[2].proc = 0; callbacks[2].context = 0; callbacks[3].id = SASL_CB_PASS; callbacks[3].proc = 0; callbacks[3].context = 0; callbacks[4].id = SASL_CB_LIST_END; callbacks[4].proc = 0; callbacks[4].context = 0; int r = sasl_client_new(service.toLatin1().data(), host.toLatin1().data(), localAddr.isEmpty() ? 0 : localAddr.toLatin1().data(), remoteAddr.isEmpty() ? 0 : remoteAddr.toLatin1().data(), callbacks, 0, &con); if(r != SASL_OK) { err = saslErrorCond(r); return false; } if(!setsecprops()) return false; mechlist = _mechlist; servermode = false; step = 0; return true; }
bool pni_init_client(pn_transport_t* transport) { pni_sasl_t *sasl = transport->sasl; int result; sasl_conn_t *cyrus_conn = NULL; do { if (sasl->config_dir) { result = sasl_set_path(SASL_PATH_TYPE_CONFIG, sasl->config_dir); if (result!=SASL_OK) break; } result = sasl_client_init(NULL); if (result!=SASL_OK) break; const sasl_callback_t *callbacks = sasl->username ? sasl->password ? pni_user_password_callbacks : pni_user_callbacks : NULL; result = sasl_client_new(amqp_service, sasl->remote_fqdn, NULL, NULL, callbacks, 0, &cyrus_conn); if (result!=SASL_OK) break; sasl->impl_context = cyrus_conn; sasl_security_properties_t secprops = {0}; secprops.security_flags = ( sasl->allow_insecure_mechs ? 0 : SASL_SEC_NOPLAINTEXT ) | ( transport->auth_required ? SASL_SEC_NOANONYMOUS : 0 ) ; secprops.min_ssf = 0; secprops.max_ssf = 2048; secprops.maxbufsize = PN_SASL_MAX_BUFFSIZE; result = sasl_setprop(cyrus_conn, SASL_SEC_PROPS, &secprops); if (result!=SASL_OK) break; sasl_ssf_t ssf = sasl->external_ssf; result = sasl_setprop(cyrus_conn, SASL_SSF_EXTERNAL, &ssf); if (result!=SASL_OK) break; const char *extid = sasl->external_auth; if (extid) { result = sasl_setprop(cyrus_conn, SASL_AUTH_EXTERNAL, extid); } } while (false); cyrus_conn = (sasl_conn_t*) sasl->impl_context; return pni_check_sasl_result(cyrus_conn, result, transport); }
static MONGOC_ONCE_FUN( _mongoc_do_init) { #ifdef MONGOC_ENABLE_SSL_OPENSSL _mongoc_openssl_init(); #endif #ifdef MONGOC_ENABLE_SSL _mongoc_scram_startup(); #endif #ifdef MONGOC_ENABLE_SASL /* The following functions should not use tracing, as they may be invoked * before mongoc_log_set_handler() can complete. */ sasl_set_mutex (mongoc_sasl_mutex_alloc, mongoc_sasl_mutex_lock, mongoc_sasl_mutex_unlock, mongoc_sasl_mutex_free); /* TODO: logging callback? */ sasl_client_init (NULL); #endif _mongoc_counters_init(); #ifdef _WIN32 { WORD wVersionRequested; WSADATA wsaData; int err; wVersionRequested = MAKEWORD (2, 2); err = WSAStartup (wVersionRequested, &wsaData); /* check the version perhaps? */ BSON_ASSERT (err == 0); } #endif MONGOC_ONCE_RETURN; }
virNetSASLContextPtr virNetSASLContextNewClient(void) { virNetSASLContextPtr ctxt; int err; if (virNetSASLContextInitialize() < 0) return NULL; err = sasl_client_init(NULL); if (err != SASL_OK) { virReportError(VIR_ERR_AUTH_FAILED, _("failed to initialize SASL library: %d (%s)"), err, sasl_errstring(err, NULL, NULL)); return NULL; } if (!(ctxt = virObjectLockableNew(virNetSASLContextClass))) return NULL; return ctxt; }
/* * cyrussasl.client_init() * * This function does not return any values. On failure, it will throw an * error. */ static int cyrussasl_sasl_client_init(lua_State *l) { int numargs = lua_gettop(l); int err; if (numargs != 0) { lua_pushstring(l, "usage: cyrussasl.client_init()"); lua_error(l); return 0; } err = sasl_client_init( NULL ); /* Global callbacks */ if (err != SASL_OK) { lua_pushstring(l, "sasl_client_init failed"); lua_error(l); return 0; } return 0; }
bool initialize_sasl(memcached_st *memc, char *user, char *password) { #ifdef LIBMEMCACHED_WITH_SASL_SUPPORT if (user != NULL && password != NULL) { username= user; passwd= password; if (sasl_client_init(NULL) != SASL_OK) { fprintf(stderr, "Failed to initialize sasl library!\n"); return false; } memcached_set_sasl_callbacks(memc, sasl_callbacks); } #else (void)memc; (void)user; (void)password; #endif return true; }
/** * \ingroup nuclientAPI * \brief global initialisation function * * This function inits all library needed to initiate a connection to a nuauth server * * \param err A pointer to a ::nuclient_error_t which contains at exit the error * * \warning To be called only once. */ int nu_client_global_init(nuclient_error_t * err) { int ret; prg_cache_init(); if (nussl_init() != NUSSL_OK) { SET_ERROR(err, INTERNAL_ERROR, NUSSL_INIT_ERR); /* TODO: patch nussl to handle errors correctly in nussl_sock_init */ return 0; } /* initialize the sasl library */ ret = sasl_client_init(NULL); if (ret != SASL_OK) { SET_ERROR(err, SASL_ERROR, ret); return 0; } /* get local charset */ nu_locale_charset = nl_langinfo(CODESET); if (nu_locale_charset == NULL) { fprintf(stderr, "Can't get locale charset!\n"); return 0; } /* init capabilities string */ ret = snprintf(nu_capabilities, NU_CAPABILITIES_MAXLENGTH, "%s", NU_CAPABILITIES); if (ret <= 0) { return 0; } INIT_LLIST_HEAD(&nu_postauth_extproto_l); INIT_LLIST_HEAD(&nu_cruise_extproto_l); init_plugins(); return 1; }
int main(int argc, char **argv) { int64_t proto_ver; struct hdfs_error error; struct hdfs_namenode *nn; struct hdfs_object *exception = NULL; bool success = true; Suite *(*suites[])(void) = { t_hl_rpc_basics_suite, t_hl_rpc2_basics_suite, t_datanode_basics_suite, t_datanode2_basics_suite, t_unit, }; int rc; if (!getenv(HDFS_T_ENV)) errx(EXIT_FAILURE, "Please set %s to an HDFS host before running tests!", HDFS_T_ENV); rc = sasl_client_init(NULL); assert(rc == SASL_OK); H_ADDR = strdup(getenv(HDFS_T_ENV)); assert(H_ADDR); if (getenv(HDFS_T_USER)) { H_USER = strdup(getenv(HDFS_T_USER)); assert(H_USER); } // Test basic connectivity nn = hdfs_namenode_new_version(H_ADDR, "8020", "root", HDFS_NO_KERB, HDFS_NN_v1, &error); if (!nn) errx(EXIT_FAILURE, "Could not connect to namenode %s: %s", H_ADDR, format_error(error)); // And verify liveness at a protocol level proto_ver = hdfs_getProtocolVersion(nn, HADOOFUS_CLIENT_PROTOCOL_STR, 61L, &exception); if (exception) errx(EXIT_FAILURE, "getProtocolVersion failed: %s", hdfs_exception_get_message(exception)); if (proto_ver != 61L) errx(EXIT_FAILURE, "Got unexpected protocol version: %ld", proto_ver); hdfs_namenode_delete(nn); // Find and run all tests for (size_t i = 0; i < nelem(suites); i++) { Suite *s = suites[i](); SRunner *sr = srunner_create(s); srunner_run_all(sr, CK_NORMAL); if (srunner_ntests_failed(sr) > 0) success = false; srunner_free(sr); } if (success) return EXIT_SUCCESS; return EXIT_FAILURE; }
static void init_plugin(PurplePlugin *plugin) { #ifdef HAVE_CYRUS_SASL #ifdef _WIN32 UINT old_error_mode; gchar *sasldir; #endif int ret; #endif PurpleAccountUserSplit *split; PurpleAccountOption *option; /* Translators: 'domain' is used here in the context of Internet domains, e.g. pidgin.im */ split = purple_account_user_split_new(_("Domain"), NULL, '@'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); split = purple_account_user_split_new(_("Resource"), NULL, '/'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); option = purple_account_option_bool_new(_("Require SSL/TLS"), "require_tls", JABBER_DEFAULT_REQUIRE_TLS); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_bool_new(_("Force old (port 5223) SSL"), "old_ssl", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_bool_new( _("Allow plaintext auth over unencrypted streams"), "auth_plain_in_clear", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_int_new(_("Connect port"), "port", 5222); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("Connect server"), "connect_server", NULL); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("File transfer proxies"), "ft_proxies", /* TODO: Is this an acceptable default? * Also, keep this in sync as they add more servers */ "proxy.eu.jabber.org"); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("BOSH URL"), "bosh_url", NULL); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); /* this should probably be part of global smiley theme settings later on, shared with MSN */ option = purple_account_option_bool_new(_("Show Custom Smileys"), "custom_smileys", TRUE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); my_protocol = plugin; jabber_init_plugin(plugin); purple_prefs_remove("/plugins/prpl/jabber"); /* XXX - If any other plugin wants SASL this won't be good ... */ #ifdef HAVE_CYRUS_SASL #ifdef _WIN32 sasldir = g_build_filename(wpurple_install_dir(), "sasl2", NULL); sasl_set_path(SASL_PATH_TYPE_PLUGIN, sasldir); g_free(sasldir); /* Suppress error popups for failing to load sasl plugins */ old_error_mode = SetErrorMode(SEM_FAILCRITICALERRORS); #endif if ((ret = sasl_client_init(NULL)) != SASL_OK) { purple_debug_error("xmpp", "Error (%d) initializing SASL.\n", ret); } #ifdef _WIN32 /* Restore the original error mode */ SetErrorMode(old_error_mode); #endif #endif jabber_register_commands(); /* reverse order of unload_plugin */ jabber_iq_init(); jabber_caps_init(); /* PEP things should be init via jabber_pep_init, not here */ jabber_pep_init(); jabber_data_init(); jabber_bosh_init(); /* BEGIN SPICEBIRD CHANGES */ #if 0 #warning implement adding and retrieving own features via IPC API #endif /* END SPICEBIRD CHANGES */ jabber_ibb_init(); jabber_si_init(); purple_signal_connect(purple_get_core(), "uri-handler", plugin, PURPLE_CALLBACK(xmpp_uri_handler), NULL); }
XSASL_CLIENT_IMPL *xsasl_cyrus_client_init(const char *unused_client_type, const char *unused_path_info) { XSASL_CLIENT_IMPL *xp; int sasl_status; /* * Global callbacks. These have no per-session context. */ static sasl_callback_t callbacks[] = { {SASL_CB_LOG, (XSASL_CYRUS_CB) &xsasl_cyrus_log, 0}, {SASL_CB_LIST_END, 0, 0} }; #if SASL_VERSION_MAJOR >= 2 && (SASL_VERSION_MINOR >= 2 \ || (SASL_VERSION_MINOR == 1 && SASL_VERSION_STEP >= 19)) int sasl_major; int sasl_minor; int sasl_step; /* * DLL hell guard. */ sasl_version_info((const char **) 0, (const char **) 0, &sasl_major, &sasl_minor, &sasl_step, (int *) 0); if (sasl_major != SASL_VERSION_MAJOR #if 0 || sasl_minor != SASL_VERSION_MINOR || sasl_step != SASL_VERSION_STEP #endif ) { msg_warn("incorrect SASL library version. " "Postfix was built with include files from version %d.%d.%d, " "but the run-time library version is %d.%d.%d", SASL_VERSION_MAJOR, SASL_VERSION_MINOR, SASL_VERSION_STEP, sasl_major, sasl_minor, sasl_step); return (0); } #endif if (*var_cyrus_conf_path) { #ifdef SASL_PATH_TYPE_CONFIG /* Cyrus SASL 2.1.22 */ if (sasl_set_path(SASL_PATH_TYPE_CONFIG, var_cyrus_conf_path) != SASL_OK) msg_warn("failed to set Cyrus SASL configuration path: \"%s\"", var_cyrus_conf_path); #else msg_warn("%s is not empty, but setting the Cyrus SASL configuration " "path is not supported with SASL library version %d.%d.%d", VAR_CYRUS_CONF_PATH, SASL_VERSION_MAJOR, SASL_VERSION_MINOR, SASL_VERSION_STEP); #endif } /* * Initialize the SASL library. */ if ((sasl_status = sasl_client_init(callbacks)) != SASL_OK) { msg_warn("SASL library initialization error: %s", xsasl_cyrus_strerror(sasl_status)); return (0); } /* * Return a generic XSASL_CLIENT_IMPL object. We don't need to extend it * with our own methods or data. */ xp = (XSASL_CLIENT_IMPL *) mymalloc(sizeof(*xp)); xp->create = xsasl_cyrus_client_create; xp->done = xsasl_cyrus_client_done; return (xp); }
POP3_SASL_STATE_E Pop3SaslWrapper::SaslInit(const Pop3SaslInfo_t& sasl_data) { if(sasl_data.user_name == "") { return POP3_SASL_ERROR; } this->sasl_data = sasl_data; //Initialize the callbacks /*sasl_callback[0].id = SASL_CB_GETREALM; sasl_callback[0].proc = (int (*)())getrealm_func; sasl_callback[0].context = this;*/ sasl_callback[0].id = SASL_CB_USER; sasl_callback[0].proc = (int (*)())getauthname_func; sasl_callback[0].context = this; sasl_callback[1].id = SASL_CB_AUTHNAME; sasl_callback[1].proc = (int (*)())getauthname_func; sasl_callback[1].context = this; sasl_callback[2].id = SASL_CB_PASS; sasl_callback[2].proc = (int (*)())getsecret_func; sasl_callback[2].context = this; sasl_callback[3].id = SASL_CB_CANON_USER; sasl_callback[3].proc = (int (*)())getcannonical_user_func; sasl_callback[3].context = this; sasl_callback[4].id = SASL_CB_LIST_END; sasl_callback[4].proc = 0; sasl_callback[4].context = this; //Initialize the secret //If the allocated memory does not include length of password, the program results in memory corruption secret = (sasl_secret_t*) malloc(sizeof(sasl_secret_t)+sasl_data.user_pass.length()); if(secret == 0) { //Error POP3_SASL_DEBUG("SASL-Error: Memory allocation failed\n"); return POP3_SASL_ERROR; } secret->len = sasl_data.user_pass.length(); memcpy(secret->data, sasl_data.user_pass.c_str(), secret->len); int sasl_result = sasl_client_init(0); if(sasl_result != SASL_OK) { //Error POP3_SASL_DEBUG("SASL-Error 2\n"); return POP3_SASL_ERROR; } sasl_result = sasl_client_new(sasl_data.service.c_str(), sasl_data.hostname.c_str(), NULL, NULL, sasl_callback, 0, &conn); if(sasl_result != SASL_OK) { //Error POP3_SASL_DEBUG("SASL-Error 3\n"); return POP3_SASL_ERROR; } memset(&secprops, 0, sizeof(secprops)); secprops.maxbufsize = 8192; //TODO: Needs change secprops.max_ssf = UINT_MAX; sasl_result = sasl_setprop(conn, SASL_SEC_PROPS, &secprops); if(sasl_result != SASL_OK) { POP3_SASL_DEBUG("sasl_setprop failed\n"); return POP3_SASL_ERROR; } return POP3_SASL_OK; }
/* * Initialize SASL and set necessary options */ int init_sasl(isieve_t *obj, int ssf, sasl_callback_t *callbacks) { static int sasl_started = 0; int saslresult = SASL_OK; sasl_security_properties_t *secprops=NULL; socklen_t addrsize=sizeof(struct sockaddr_storage); struct sockaddr_storage saddr_l, saddr_r; char localip[60], remoteip[60]; /* attempt to start sasl */ if(!sasl_started) { saslresult=sasl_client_init(NULL); obj->conn = NULL; sasl_started = 1; } /* Save the callbacks array */ obj->callbacks = callbacks; if (saslresult!=SASL_OK) return -1; addrsize=sizeof(struct sockaddr_storage); if (getpeername(obj->sock,(struct sockaddr *)&saddr_r,&addrsize)!=0) return -1; addrsize=sizeof(struct sockaddr_storage); if (getsockname(obj->sock,(struct sockaddr *)&saddr_l,&addrsize)!=0) return -1; #if 0 /* XXX The following line causes problems with KERBEROS_V4 decoding. * We're not sure why its an issue, but this code isn't used in any of * our other client code (imtest.c, backend.c), so we're removing it. */ /* set the port manually since getsockname is stupid and doesn't */ ((struct sockaddr_in *)&saddr_l)->sin_port = htons(obj->port); #endif if (iptostring((struct sockaddr *)&saddr_r, addrsize, remoteip, 60)) return -1; if (iptostring((struct sockaddr *)&saddr_l, addrsize, localip, 60)) return -1; if(obj->conn) sasl_dispose(&obj->conn); /* client new connection */ saslresult=sasl_client_new(SIEVE_SERVICE_NAME, obj->serverFQDN, localip, remoteip, callbacks, SASL_SUCCESS_DATA, &obj->conn); if (saslresult!=SASL_OK) return -1; /* create a security structure and give it to sasl */ secprops = make_secprops(0, ssf); if (secprops != NULL) { sasl_setprop(obj->conn, SASL_SEC_PROPS, secprops); free(secprops); } return 0; }
* initialize the library before calling mongo::runGlobalInitializersOrDie(). */ MONGO_INITIALIZER_WITH_PREREQUISITES(CyrusSaslClientContext, ("NativeSaslClientContext", "CyrusSaslAllocatorsAndMutexes")) (InitializerContext* context) { static sasl_callback_t saslClientGlobalCallbacks[] = { { SASL_CB_LOG, SaslCallbackFn(saslClientLogSwallow), NULL /* context */ }, { SASL_CB_LIST_END } }; // If the client application has previously called sasl_client_init(), the callbacks passed // in here are ignored. // // TODO: Call sasl_client_done() at shutdown when we have a story for orderly shutdown. int result = sasl_client_init(saslClientGlobalCallbacks); if (result != SASL_OK) { return Status(ErrorCodes::UnknownError, mongoutils::str::stream() << "Could not initialize sasl client components (" << sasl_errstring(result, NULL, NULL) << ")"); } SaslClientSession::create = createCyrusSaslClientSession; return Status::OK(); } /** * Callback registered on the sasl_conn_t underlying a CyrusSaslClientSession to allow the Cyrus SASL * library to query for the authentication id and other simple string configuration parameters.
void _PG_init(void) { MemoryContext old_ctxt; globals.pg_ctxt = AllocSetContextCreate(TopMemoryContext, "pgmemcache global context", ALLOCSET_SMALL_MINSIZE, ALLOCSET_SMALL_INITSIZE, ALLOCSET_SMALL_MAXSIZE); old_ctxt = MemoryContextSwitchTo(globals.pg_ctxt); globals.mc = memcached_create(NULL); if (memcached_set_memory_allocators(globals.mc, (memcached_malloc_fn) pgmemcache_malloc, (memcached_free_fn) pgmemcache_free, (memcached_realloc_fn) pgmemcache_realloc, (memcached_calloc_fn) pgmemcache_calloc, NULL) != MEMCACHED_SUCCESS) { elog(ERROR, "pgmemcache: unable to set memory allocators"); } MemoryContextSwitchTo(old_ctxt); DefineCustomStringVariable("pgmemcache.default_servers", "Comma-separated list of memcached servers to connect to.", "Specified as a comma-separated list of host:port (port is optional).", &memcache_default_servers, NULL, PGC_USERSET, GUC_LIST_INPUT, #if defined(PG_VERSION_NUM) && (PG_VERSION_NUM >= 90100) (GucStringCheckHook) check_default_guc, #endif (GucStringAssignHook) assign_default_servers_guc, (GucShowHook) show_default_servers_guc); DefineCustomStringVariable ("pgmemcache.default_behavior", "Comma-separated list of memcached behavior (optional).", "Specified as a comma-separated list of behavior_flag:behavior_data.", &memcache_default_behavior, NULL, PGC_USERSET, GUC_LIST_INPUT, #if defined(PG_VERSION_NUM) && (PG_VERSION_NUM >= 90100) (GucStringCheckHook) check_default_guc, #endif (GucStringAssignHook) assign_default_behavior_guc, (GucShowHook) show_default_behavior_guc); DefineCustomStringVariable ("pgmemcache.sasl_authentication_username", "pgmemcache SASL user authentication username", "Simple string pgmemcache.sasl_authentication_username = '******'", &memcache_sasl_authentication_username, NULL, PGC_USERSET, GUC_LIST_INPUT, #if defined(PG_VERSION_NUM) && (PG_VERSION_NUM >= 90100) (GucStringCheckHook) check_default_guc, #endif NULL, (GucShowHook) show_memcache_sasl_authentication_username_guc); DefineCustomStringVariable ("pgmemcache.sasl_authentication_password", "pgmemcache SASL user authentication username", "Simple string pgmemcache.sasl_authentication_password = '******'", &memcache_sasl_authentication_password, NULL, PGC_USERSET, GUC_LIST_INPUT, #if defined(PG_VERSION_NUM) && (PG_VERSION_NUM >= 90100) (GucStringCheckHook) check_default_guc, #endif NULL, (GucShowHook) show_memcache_sasl_authentication_password_guc); #if 0 if ((memcache_sasl_authentication_username != "" && memcache_sasl_authentication_password != "") || (memcache_sasl_authentication_username != NULL && memcache_sasl_authentication_password != NULL)) { if (sasl_client_init(NULL) != SASL_OK) elog(ERROR, "Failed to initialize SASL library!"); memcached_set_sasl_callbacks(globals.mc, sasl_callbacks); } #endif }
void nsldapi_initialize_defaults(void) { #ifdef _WINDOWS pthread_mutex_init(&nsldapi_init_mutex, NULL); #endif /* _WINDOWS */ #if defined(USE_PTHREADS) || defined(_WINDOWS) pthread_mutex_lock(&nsldapi_init_mutex); if (nsldapi_initialized) { pthread_mutex_unlock(&nsldapi_init_mutex); return; } #else if (nsldapi_initialized) { return; } #endif /* use_pthreads || _windows */ #ifdef USE_PTHREADS if (pthread_key_create(&nsldapi_key, free) != 0) { perror("pthread_key_create"); } #elif defined(USE_WINDOWS_TLS) dwTlsIndex = TlsAlloc(); #endif /* USE_WINDOWS_TLS */ memset(&nsldapi_memalloc_fns, 0, sizeof(nsldapi_memalloc_fns)); memset(&nsldapi_ld_defaults, 0, sizeof(nsldapi_ld_defaults)); nsldapi_ld_defaults.ld_options = LDAP_BITOPT_REFERRALS; nsldapi_ld_defaults.ld_version = LDAP_VERSION3; nsldapi_ld_defaults.ld_lberoptions = LBER_OPT_USE_DER; nsldapi_ld_defaults.ld_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT; #ifdef LDAP_SASLIO_HOOKS /* SASL default option settings */ nsldapi_ld_defaults.ld_def_sasl_mech = NULL; nsldapi_ld_defaults.ld_def_sasl_realm = NULL; nsldapi_ld_defaults.ld_def_sasl_authcid = NULL; nsldapi_ld_defaults.ld_def_sasl_authzid = NULL; /* SASL Security properties */ nsldapi_ld_defaults.ld_sasl_secprops.max_ssf = UINT_MAX; nsldapi_ld_defaults.ld_sasl_secprops.maxbufsize = SASL_MAX_BUFF_SIZE; nsldapi_ld_defaults.ld_sasl_secprops.security_flags = SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS; /* SASL mutex function callbacks */ sasl_set_mutex( (sasl_mutex_alloc_t *)nsldapi_default_thread_fns.ltf_mutex_alloc, (sasl_mutex_lock_t *)nsldapi_default_thread_fns.ltf_mutex_lock, (sasl_mutex_unlock_t *)nsldapi_default_thread_fns.ltf_mutex_unlock, (sasl_mutex_free_t *)nsldapi_default_thread_fns.ltf_mutex_free); /* SASL memory allocation function callbacks */ sasl_set_alloc((sasl_malloc_t *)ldap_x_malloc, (sasl_calloc_t *)ldap_x_calloc, (sasl_realloc_t *)ldap_x_realloc, (sasl_free_t *)ldap_x_free); /* SASL library initialization */ if (sasl_client_init(client_callbacks) != SASL_OK) { nsldapi_initialized = 0; pthread_mutex_unlock(&nsldapi_init_mutex); return; } #endif #if defined(STR_TRANSLATION) && defined(LDAP_DEFAULT_CHARSET) nsldapi_ld_defaults.ld_lberoptions |= LBER_OPT_TRANSLATE_STRINGS; # if LDAP_CHARSET_8859 == LDAP_DEFAULT_CHARSET ldap_set_string_translators(&nsldapi_ld_defaults, ldap_8859_to_t61, ldap_t61_to_8859); # endif /* LDAP_CHARSET_8859 == LDAP_DEFAULT_CHARSET */ #endif /* STR_TRANSLATION && LDAP_DEFAULT_CHARSET */ /* set default connect timeout (in milliseconds) */ /* this was picked as it is the standard tcp timeout as well */ nsldapi_ld_defaults.ld_connect_timeout = LDAP_X_IO_TIMEOUT_NO_TIMEOUT; #if defined(USE_PTHREADS) || defined(_WINDOWS) /* load up default platform specific locking routines */ if (ldap_set_option(&nsldapi_ld_defaults, LDAP_OPT_THREAD_FN_PTRS, (void *)&nsldapi_default_thread_fns) != LDAP_SUCCESS) { nsldapi_initialized = 0; pthread_mutex_unlock(&nsldapi_init_mutex); return; } # ifndef _WINDOWS /* load up default threadid function */ if (ldap_set_option(&nsldapi_ld_defaults, LDAP_OPT_EXTRA_THREAD_FN_PTRS, (void *)&nsldapi_default_extra_thread_fns) != LDAP_SUCCESS) { nsldapi_initialized = 0; pthread_mutex_unlock(&nsldapi_init_mutex); return; } # endif /* _WINDOWS */ nsldapi_initialized = 1; pthread_mutex_unlock(&nsldapi_init_mutex); #else nsldapi_initialized = 1; #endif /* use_pthreads || _windows */ }
static void init_plugin(PurplePlugin *plugin) { #ifdef HAVE_CYRUS_SASL #ifdef _WIN32 UINT old_error_mode; gchar *sasldir; #endif int ret; #endif PurpleAccountUserSplit *split; PurpleAccountOption *option; /* Translators: 'domain' is used here in the context of Internet domains, e.g. pidgin.im */ split = purple_account_user_split_new(_("Domain"), NULL, '@'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); split = purple_account_user_split_new(_("Resource"), NULL, '/'); purple_account_user_split_set_reverse(split, FALSE); prpl_info.user_splits = g_list_append(prpl_info.user_splits, split); option = purple_account_option_bool_new(_("Require SSL/TLS"), "require_tls", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_bool_new(_("Force old (port 5223) SSL"), "old_ssl", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_bool_new( _("Allow plaintext auth over unencrypted streams"), "auth_plain_in_clear", FALSE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_int_new(_("Connect port"), "port", 5222); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("Connect server"), "connect_server", NULL); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); option = purple_account_option_string_new(_("File transfer proxies"), "ft_proxies", /* TODO: Is this an acceptable default? */ "proxy.jabber.org"); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); /* this should probably be part of global smiley theme settings later on, shared with MSN */ option = purple_account_option_bool_new(_("Show Custom Smileys"), "custom_smileys", TRUE); prpl_info.protocol_options = g_list_append(prpl_info.protocol_options, option); jabber_init_plugin(plugin); purple_prefs_remove("/plugins/prpl/jabber"); /* XXX - If any other plugin wants SASL this won't be good ... */ #ifdef HAVE_CYRUS_SASL #ifdef _WIN32 sasldir = g_build_filename(wpurple_install_dir(), "sasl2", NULL); sasl_set_path(SASL_PATH_TYPE_PLUGIN, sasldir); g_free(sasldir); /* Suppress error popups for failing to load sasl plugins */ old_error_mode = SetErrorMode(SEM_FAILCRITICALERRORS); #endif if ((ret = sasl_client_init(NULL)) != SASL_OK) { purple_debug_error("xmpp", "Error (%d) initializing SASL.\n", ret); } #ifdef _WIN32 /* Restore the original error mode */ SetErrorMode(old_error_mode); #endif #endif jabber_register_commands(); jabber_iq_init(); jabber_pep_init(); jabber_tune_init(); jabber_caps_init(); jabber_data_init(); jabber_add_feature("avatarmeta", AVATARNAMESPACEMETA, jabber_pep_namespace_only_when_pep_enabled_cb); jabber_add_feature("avatardata", AVATARNAMESPACEDATA, jabber_pep_namespace_only_when_pep_enabled_cb); jabber_add_feature("buzz", "http://www.xmpp.org/extensions/xep-0224.html#ns", jabber_buzz_isenabled); jabber_add_feature("bob", XEP_0231_NAMESPACE, jabber_custom_smileys_isenabled); jabber_pep_register_handler("avatar", AVATARNAMESPACEMETA, jabber_buddy_avatar_update_metadata); }