auth-client.h revision bdd36cfdba3ff66d25570a9ff568d69e1eb543cf
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina#ifndef AUTH_CLIENT_H
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina#define AUTH_CLIENT_H
054900ab42a8b865a2257f94c66484e0a022a90cLukas Slebodnik
054900ab42a8b865a2257f94c66484e0a022a90cLukas Slebodnik#include "net.h"
054900ab42a8b865a2257f94c66484e0a022a90cLukas Slebodnik#include "auth-client-interface.h"
054900ab42a8b865a2257f94c66484e0a022a90cLukas Slebodnik
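/* Opaque handles: this header only forward-declares both types, so callers
   hold pointers to them and go through the auth_client_*() functions. */
struct auth_client;
struct auth_client_request;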
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
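/* Per-request flags carried in struct auth_request_info.flags. The values are
   distinct single bits, so they can be OR'ed together.

   The flags are filled in by the process that creates the request. Nothing
   in this header verifies them, so the receiving side can rely on them only
   as far as it trusts whoever is allowed to open the auth socket. */
enum auth_request_flags {
	/* NOTE(review): presumably asserts that the client connection is
	   protected (e.g. TLS or a local peer) - confirm where it is set. */
	AUTH_REQUEST_FLAG_SECURED = 0x01,
	/* NOTE(review): presumably asserts that the peer presented a client
	   certificate the caller already validated; see cert_username in
	   struct auth_request_info - confirm. */
	AUTH_REQUEST_FLAG_VALID_CLIENT_CERT = 0x02,
	/* Skip penalty checks for this request.
	   NOTE(review): if the penalty is the failed-login throttle, this
	   should be set only for sources that are already trusted - confirm
	   what the penalty covers. */
	AUTH_REQUEST_FLAG_NO_PENALTY = 0x04,
	/* Support final SASL response */
	AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP = 0x08
};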
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
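/* Outcome reported to an auth_request_callback_t. The three failure values
   are negative; CONTINUE and OK have no explicit value and therefore follow
   FAIL = -1 as 0 and 1.

   Compare against AUTH_REQUEST_STATUS_OK explicitly when deciding whether a
   login succeeded: the failure codes are non-zero, so a plain `if (status)`
   treats them as true, and `status >= 0` also admits CONTINUE. */
enum auth_request_status {
	AUTH_REQUEST_STATUS_ABORT = -3,
	AUTH_REQUEST_STATUS_INTERNAL_FAIL = -2,
	AUTH_REQUEST_STATUS_FAIL = -1,
	/* Implicit value 0. Authentication is not finished; see
	   auth_client_request_continue(). */
	AUTH_REQUEST_STATUS_CONTINUE,
	/* Implicit value 1. */
	AUTH_REQUEST_STATUS_OK
};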
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
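/* Describes one authentication mechanism, as returned by
   auth_client_get_available_mechs() and auth_client_find_mech(). */
struct auth_mech_desc {
	/* Mechanism name; auth_client_find_mech() looks entries up by name. */
	char *name;
	/* enum mech_security_flags is not declared in this header.
	   NOTE(review): presumably it comes from auth-client-interface.h and
	   describes security properties of the mechanism; a caller deciding
	   which mechanisms to offer should consult it - confirm. */
	enum mech_security_flags flags;
};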
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
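/* Pair of values identifying one connection to the auth server; the same two
   values are returned by auth_client_get_connect_id(). */
struct auth_connect_id {
	unsigned int server_pid;
	/* NOTE(review): "uid" here presumably means a unique connection id,
	   not a Unix user id - confirm. */
	unsigned int connect_uid;
};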
c3a225d4d735d3a01883125592dda7a030a64e00Jakub Hrozek
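/* Everything the caller states about one authentication attempt; passed to
   auth_client_request_new(). All strings are borrowed `const char *`
   pointers. NOTE(review): whether auth_client_request_new() copies them is
   not visible here - keep them valid until that is confirmed. */
struct auth_request_info {
	/* Mechanism name. NOTE(review): presumably one of the names found in
	   struct auth_mech_desc - confirm. */
	const char *mech;
	/* NOTE(review): presumably the name of the service the login is
	   for - confirm. */
	const char *service;
	const char *session_id;
	/* NOTE(review): presumably the user name taken from a client
	   certificate, meaningful only together with
	   AUTH_REQUEST_FLAG_VALID_CLIENT_CERT - confirm. */
	const char *cert_username;
	/* OR'ed enum auth_request_flags bits. */
	enum auth_request_flags flags;

	/* NOTE(review): presumably the two endpoints of the client connection
	   being authenticated. They are filled in by the caller, so any
	   address-based policy applied on the auth side depends on the caller
	   reporting them accurately. */
	struct ip_addr local_ip, remote_ip;
	unsigned int local_port, remote_port;

	/* First client response, base64-encoded. For some SASL mechanisms an
	   initial response carries credentials, so keep this field out of
	   logs and debug output.
	   NOTE(review): presumably NULL when the client sent no initial
	   response - confirm. */
	const char *initial_resp_base64;
};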
c3a225d4d735d3a01883125592dda7a030a64e00Jakub Hrozek
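/* Function type (not a pointer type) of the per-request callback;
   auth_client_request_new() takes an `auth_request_callback_t *`.
   `status` is one of enum auth_request_status.
   NOTE(review): `context` is presumably the pointer given to
   auth_client_request_new(), and data_base64 / args presumably carry the
   server's reply. Whether they can be NULL and how long they stay valid
   after the callback returns is not visible here - confirm before
   retaining them. */
typedef void auth_request_callback_t(struct auth_client_request *request,
	enum auth_request_status status,
	const char *data_base64,
	const char *const *args, void *context);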
851d31264c826d7e1bca38bb6d49e66b446707e7Fabiano Fidêncio
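/* Function type (not a pointer type) of the connection-state callback that
   auth_client_set_connect_notify() registers. `connected` reports the state
   being notified.
   NOTE(review): `context` is presumably the pointer given at registration -
   confirm. */
typedef void auth_connect_notify_callback_t(struct auth_client *client,
	bool connected, void *context);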
851d31264c826d7e1bca38bb6d49e66b446707e7Fabiano Fidêncio
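/* Create new authentication client.
   auth_socket_path names the auth server endpoint. How client_pid and debug
   are used is not visible in this header.
   NOTE(review): requests sent through the client carry caller-asserted
   flags (enum auth_request_flags), so the filesystem permissions on
   auth_socket_path are presumably what limits who may submit them - verify
   the socket's ownership and mode in deployment. */
struct auth_client *
auth_client_init(const char *auth_socket_path, unsigned int client_pid,
	bool debug);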
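/* Destroy a client created with auth_client_init().
   NOTE(review): takes the address of the caller's pointer, presumably so it
   can be set to NULL and not be used after the client is freed - confirm. */
void auth_client_deinit(struct auth_client **client);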
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
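/* Connection control. auth_client_connect() returns void, so a failure is
   not reported through its return value.
   NOTE(review): callers presumably learn the outcome from
   auth_client_is_connected() or the connect-notify callback - confirm. */
void auth_client_connect(struct auth_client *client);
/* NOTE(review): `reason` is presumably a human-readable string used for
   logging - confirm. */
void auth_client_disconnect(struct auth_client *client, const char *reason);
/* NOTE(review): two separate predicates suggest an in-between state (e.g.
   connecting), so !auth_client_is_connected() need not imply
   auth_client_is_disconnected() - confirm. */
bool auth_client_is_connected(struct auth_client *client);
bool auth_client_is_disconnected(struct auth_client *client);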
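/* Register the callback to be told about connection state changes.
   ATTR_NULL is a project macro not defined in this header.
   NOTE(review): ATTR_NULL(2, 3) presumably marks callback and context as
   allowed to be NULL - confirm. */
void auth_client_set_connect_notify(struct auth_client *client,
	auth_connect_notify_callback_t *callback,
	void *context) ATTR_NULL(2, 3);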
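/* Return the mechanism descriptions and store their number in *mech_count.
   The result is const.
   NOTE(review): the array is presumably owned by the client and may change
   across reconnects - confirm before caching the pointer. */
const struct auth_mech_desc *
auth_client_get_available_mechs(struct auth_client *client,
	unsigned int *mech_count);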
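/* Look up a mechanism description by name.
   NOTE(review): presumably returns NULL when the mechanism is not
   available - check the result before dereferencing. */
const struct auth_mech_desc *
auth_client_find_mech(struct auth_client *client, const char *name);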
c3a225d4d735d3a01883125592dda7a030a64e00Jakub Hrozek
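/* Return current connection's identifiers. They are written through
   server_pid_r and connect_uid_r; these are the same two values that
   struct auth_connect_id holds. */
void auth_client_get_connect_id(struct auth_client *client,
	unsigned int *server_pid_r,
	unsigned int *connect_uid_r);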
c3a225d4d735d3a01883125592dda7a030a64e00Jakub Hrozek
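/* Create a new authentication request. callback is called whenever something
   happens for the request.
   request_info supplies the mechanism, service, addresses and flags for this
   attempt; all of it is stated by the caller.
   NOTE(review): ATTR_NULL(4) presumably marks context as allowed to be NULL,
   and whether the strings in request_info are copied before this returns is
   not visible here - confirm both. */
struct auth_client_request *
auth_client_request_new(struct auth_client *client,
	const struct auth_request_info *request_info,
	auth_request_callback_t *callback, void *context)
	ATTR_NULL(4);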
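/* Continue authentication. Call when the request callback was invoked with
   status == AUTH_REQUEST_STATUS_CONTINUE.
   NOTE(review): the earlier wording of this comment referred to
   reply->result == AUTH_CLIENT_REQUEST_CONTINUE; neither name is declared
   in this header.
   data_base64 is the next client response, base64-encoded; like the initial
   response it can carry credentials, so keep it out of logs. */
void auth_client_request_continue(struct auth_client_request *request,
	const char *data_base64);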
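/* Abort ongoing authentication request.
   NOTE(review): takes the address of the caller's pointer, presumably so it
   can be set to NULL and the request not be used after the abort -
   confirm. */
void auth_client_request_abort(struct auth_client_request **request);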
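/* Return ID of this request.
   NOTE(review): presumably the id that auth_client_send_cancel() expects -
   confirm. */
unsigned int auth_client_request_get_id(struct auth_client_request *request);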
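/* Return the PID of the server that handled this request. */
unsigned int
auth_client_request_get_server_pid(struct auth_client_request *request);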
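/* Return cookie of the server that handled this request.
   NOTE(review): if the cookie serves as a shared secret between processes,
   it should be kept out of logs and error messages - confirm how callers
   use it. The lifetime of the returned string is not visible here. */
const char *auth_client_request_get_cookie(struct auth_client_request *request);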
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
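/* Tell auth process to drop specified request from memory.
   NOTE(review): id is presumably a value obtained from
   auth_client_request_get_id() - confirm. */
void auth_client_send_cancel(struct auth_client *client, unsigned int id);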
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina#endif
04e870d99e72aa3160bdb6ab05d986fb4005c3edPavel Březina