#ifndef CLIENT_COMMON_H
#define CLIENT_COMMON_H

struct module;

#include "net.h"
#include "login-proxy.h"
#include "sasl-server.h"
#include "master-login.h" /* for LOGIN_MAX_SESSION_ID_LEN */

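/* Fixed upper bounds for the identifiers and buffers used while a client is
   logging in.

   NOTE(review): the #include of master-login.h in this header is annotated
   as being "for LOGIN_MAX_SESSION_ID_LEN", yet the macro is defined right
   here. Confirm that only one definition exists, or that both agree. */
#define LOGIN_MAX_SESSION_ID_LEN 64
#define LOGIN_MAX_MASTER_PREFIX_LEN 128
#define LOGIN_MAX_CLIENT_ID_LEN 256

/* max. size of input buffer. this means:

   IMAP: Max. length of command's all parameters. SASL-IR is read into
         a separate larger buffer.
   POP3: Max. length of a command line (spec says 512 would be enough)

   MASTER_AUTH_MAX_DATA_SIZE is not defined in this header. The subtraction
   only gives a usable limit while that value is larger than the two lengths
   taken from it (128 + 64 with the definitions above).
*/
#define LOGIN_MAX_INBUF_SIZE \
	(MASTER_AUTH_MAX_DATA_SIZE - LOGIN_MAX_MASTER_PREFIX_LEN - \
	 LOGIN_MAX_SESSION_ID_LEN)
/* max. size of output buffer. if it gets full, the client is disconnected.
   SASL authentication gives the largest output. */
#define LOGIN_MAX_OUTBUF_SIZE 4096

/* Max. length of SASL authentication buffer. */
#define LOGIN_MAX_AUTH_BUF_SIZE 8192

/* Disconnect client after this many milliseconds if it hasn't managed
   to log in yet. The operand is parenthesized so the product stays correct
   even if MASTER_LOGIN_TIMEOUT_SECS expands to an expression. */
#define CLIENT_LOGIN_TIMEOUT_MSECS ((MASTER_LOGIN_TIMEOUT_SECS) * 1000)

/* Status texts. This header does not show where they are sent. */
#define AUTH_SERVER_WAITING_MSG \
	"Waiting for authentication process to respond.."
#define AUTH_MASTER_WAITING_MSG \
	"Waiting for authentication master process to respond.."
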
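/* Only used through pointers in this header (see client_alloc()). */
struct master_service_connection;

/* Why the server side is dropping a connection. Passed to the
   notify_disconnect() vfunc and to client_notify_disconnect().
   Values are implicit and start at 0, so the order is significant. */
enum client_disconnect_reason {
	CLIENT_DISCONNECT_TIMEOUT,
	CLIENT_DISCONNECT_SYSTEM_SHUTDOWN,
	CLIENT_DISCONNECT_RESOURCE_CONSTRAINT,
	CLIENT_DISCONNECT_INTERNAL_ERROR
};
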
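/* Failure detail stored in struct client_auth_reply.fail_code and in
   struct client.last_auth_fail. CLIENT_AUTH_FAIL_CODE_NONE is pinned to 0,
   so a zero-initialized struct carries "no failure code".

   NOTE(review): several codes describe account state (USER_DISABLED,
   PASS_EXPIRED, LOGIN_DISABLED). Whether that detail is shown to a peer
   that has not authenticated is decided outside this header; check the
   protocol handlers before relying on it staying internal. */
enum client_auth_fail_code {
	CLIENT_AUTH_FAIL_CODE_NONE = 0,
	CLIENT_AUTH_FAIL_CODE_AUTHZFAILED,
	CLIENT_AUTH_FAIL_CODE_TEMPFAIL,
	CLIENT_AUTH_FAIL_CODE_USER_DISABLED,
	CLIENT_AUTH_FAIL_CODE_PASS_EXPIRED,
	CLIENT_AUTH_FAIL_CODE_INVALID_BASE64,
	CLIENT_AUTH_FAIL_CODE_LOGIN_DISABLED,
	CLIENT_AUTH_FAIL_CODE_MECH_INVALID,
	CLIENT_AUTH_FAIL_CODE_MECH_SSL_REQUIRED,
};
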
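/* Outcome handed to the auth_result() vfunc. Values are implicit and start
   at 0 with CLIENT_AUTH_RESULT_SUCCESS.

   The failure entries are NOT in the same order as enum
   client_auth_fail_code, so the two enums must be mapped explicitly and
   never converted by cast. */
enum client_auth_result {
	CLIENT_AUTH_RESULT_SUCCESS,
	CLIENT_AUTH_RESULT_REFERRAL_SUCCESS,
	CLIENT_AUTH_RESULT_REFERRAL_NOLOGIN,
	CLIENT_AUTH_RESULT_ABORTED,
	CLIENT_AUTH_RESULT_AUTHFAILED,
	CLIENT_AUTH_RESULT_AUTHFAILED_REASON,
	CLIENT_AUTH_RESULT_AUTHZFAILED,
	CLIENT_AUTH_RESULT_TEMPFAIL,
	CLIENT_AUTH_RESULT_PASS_EXPIRED,
	CLIENT_AUTH_RESULT_SSL_REQUIRED,
	CLIENT_AUTH_RESULT_INVALID_BASE64,
	CLIENT_AUTH_RESULT_LOGIN_DISABLED,
	CLIENT_AUTH_RESULT_MECH_INVALID,
	CLIENT_AUTH_RESULT_MECH_SSL_REQUIRED
};
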
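/* Authentication reply data. The auth_result() vfunc in struct
   client_vfuncs receives a const pointer to this struct. */
struct client_auth_reply {
	const char *master_user, *reason;
	enum client_auth_fail_code fail_code;

	/* for proxying */
	const char *host, *hostip, *source_ip;
	/* NOTE(review): password is a plain C string pointer. This header
	   does not show who owns the memory or whether it is wiped after
	   use; treat it as credential material and keep it out of logs. */
	const char *destuser, *password, *proxy_mech;
	in_port_t port;
	unsigned int proxy_timeout_msecs;
	unsigned int proxy_refresh_secs;
	enum login_proxy_ssl_flags ssl_flags;

	/* all the key=value fields returned by passdb */
	/* NOTE(review): presumably this can repeat the credential fields
	   above - confirm before logging or forwarding it wholesale. */
	const char *const *all_fields;

	/* single-bit flags */
	bool proxy:1;
	bool proxy_nopipelining:1;
	bool proxy_not_trusted:1;
	bool nologin:1;
};
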
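/* Table of function pointers for a login client. struct client embeds one
   copy by value (member v) and keeps a pointer to another (member vlast).
   Every callback except alloc() receives the client as first argument.
   client_does_custom_io() in this header tests v.input for NULL, so at
   least that member may legitimately be unset. */
struct client_vfuncs {
	/* lifecycle */
	struct client *(*alloc)(pool_t pool);
	void (*create)(struct client *client, void **other_sets);
	void (*destroy)(struct client *client);

	/* notifications towards the remote client */
	void (*notify_auth_ready)(struct client *client);
	void (*notify_disconnect)(struct client *client,
				  enum client_disconnect_reason reason,
				  const char *text);
	void (*notify_status)(struct client *client,
			      bool bad, const char *text);
	void (*notify_starttls)(struct client *client,
				bool success, const char *text);

	void (*starttls)(struct client *client);
	void (*input)(struct client *client);

	/* authentication exchange */
	void (*auth_send_challenge)(struct client *client, const char *data);
	void (*auth_parse_response)(struct client *client);
	void (*auth_result)(struct client *client,
			    enum client_auth_result result,
			    const struct client_auth_reply *reply,
			    const char *text);

	/* proxying; "line" is presumably a line read from the remote
	   backend, i.e. data this process does not control - confirm in the
	   protocol implementations */
	void (*proxy_reset)(struct client *client);
	int (*proxy_parse_line)(struct client *client, const char *line);
	void (*proxy_error)(struct client *client, const char *text);
	const char *(*proxy_get_state)(struct client *client);

	/* data/size are an explicit pointer+length pair, not a C string */
	void (*send_raw_data)(struct client *client,
			      const void *data, size_t size);
	bool (*input_next_cmd)(struct client *client);
	void (*free)(struct client *client);
};
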
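/* State of one login connection: addresses, streams, authentication
   progress, proxy settings and status flags. */
struct client {
	/* If disconnected=FALSE, the client is in "clients" list.
	   If fd_proxying=TRUE, the client is in "client_fd_proxies" list.
	   Otherwise, either the client will soon be freed or it's only
	   referenced via "login_proxies" which doesn't use these pointers. */
	struct client *prev, *next;

	pool_t pool;
	/* this pool gets free'd once proxying starts */
	pool_t preproxy_pool;
	struct client_vfuncs v;
	struct client_vfuncs *vlast;

	time_t created;
	/* changed through client_ref() / client_unref() */
	int refcount;

	/* NOTE(review): two sets of endpoints are kept. Presumably ip/local_ip
	   can be replaced by values supplied by a trusted proxy while the
	   real_* members keep the socket's own addresses - confirm before
	   using either set for access control or logging. */
	struct ip_addr local_ip;
	struct ip_addr ip;
	struct ip_addr real_remote_ip, real_local_ip;
	in_port_t local_port, remote_port;
	in_port_t real_local_port, real_remote_port;
	struct ssl_iostream *ssl_iostream;
	const struct login_settings *set;
	const struct master_service_ssl_settings *ssl_set;
	const char *session_id, *listener_name, *postlogin_socket_path;
	const char *local_name;
	const char *client_cert_common_name;

	string_t *client_id;
	string_t *forward_fields;

	int fd;
	struct istream *input;
	struct ostream *output;
	struct io *io;
	struct iostream_proxy *iostream_fd_proxy;
	struct timeout *to_auth_waiting;
	struct timeout *to_disconnect;

	/* buffer + explicit length; LOGIN_MAX_MASTER_PREFIX_LEN is
	   presumably the cap for the length - confirm at the writers */
	unsigned char *master_data_prefix;
	unsigned int master_data_prefix_len;

	struct login_proxy *login_proxy;
	/* NOTE(review): proxy_password is credential material held in a
	   mutable buffer. Verify that the code freeing the client clears it
	   before the memory is released. */
	char *proxy_user, *proxy_master_user, *proxy_password;
	const struct dsasl_client_mech *proxy_mech;
	struct dsasl_client *proxy_sasl_client;
	unsigned int proxy_ttl;

	char *auth_mech_name;
	struct auth_client_request *auth_request;
	/* NOTE(review): likely holds the client's SASL response, which can
	   contain a password - same handling concern as proxy_password */
	string_t *auth_response;
	time_t auth_first_started, auth_finished;
	const char *sasl_final_resp;
	const char *const *auth_passdb_args;

	unsigned int master_auth_id;
	unsigned int master_tag;
	sasl_server_callback_t *sasl_callback;

	unsigned int bad_counter;
	unsigned int auth_attempts, auth_successes;
	enum client_auth_fail_code last_auth_fail;
	pid_t mail_pid;

	/* Module-specific contexts. */
	ARRAY(union login_client_module_context *) module_contexts;

	char *virtual_user, *virtual_user_orig, *virtual_auth_user;
	/* passdb user_* fields are set here after a successful auth.
	   This is a NULL-terminated array where fields are in the same order
	   as in global_alt_usernames. If some field doesn't exist, it's "".
	   Can also be NULL if there are no user_* fields. */
	const char **alt_usernames;
	/* director_username_hash cached, if non-zero */
	unsigned int director_username_hash_cache;

	/* Single-bit status flags.
	   NOTE(review): tls, secured, ssl_secured, trusted and proxied_ssl
	   read like inputs to security decisions. Their exact meaning is set
	   by the code that assigns them, not by this header - TODO document
	   each one here. */
	bool create_finished:1;
	bool disconnected:1;
	bool destroyed:1;
	bool input_blocked:1;
	bool login_success:1;
	bool no_extra_disconnect_reason:1;
	bool starttls:1;
	bool tls:1;
	bool proxied_ssl:1;
	bool secured:1;
	bool ssl_secured:1;
	bool trusted:1;
	bool ssl_servername_settings_read:1;
	bool banner_sent:1;
	bool authenticating:1;
	bool auth_try_aborted:1;
	bool auth_initializing:1;
	bool auth_process_comm_fail:1;
	bool proxy_auth_failed:1;
	bool proxy_nopipelining:1;
	bool proxy_not_trusted:1;
	bool auth_waiting:1;
	bool notified_auth_ready:1;
	bool notified_disconnect:1;
	bool fd_proxying:1;
	/* ... */
};
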
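/* Element type of struct client.module_contexts. Being a union, "super" and
   "reg" share storage; only the member that was last written may be read. */
union login_client_module_context {
	struct client_vfuncs super;
	struct login_module_register *reg;
};
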
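/* Callbacks a module registers with login_client_hooks_add(). */
struct login_client_hooks {
	/* NOTE(review): presumably invoked for each newly allocated client;
	   the call site is outside this header */
	void (*client_allocated)(struct client *client);
};
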
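/* Head of a client list; struct client links entries through prev/next. */
extern struct client *clients;

typedef void login_client_allocated_func_t(struct client *client);

/* Register / unregister a hook table. "hooks" is taken by const pointer in
   both calls; NOTE(review): presumably the same pointer must stay valid
   between add and remove - confirm in the implementation. */
void login_client_hooks_add(struct module *module,
			    const struct login_client_hooks *hooks);
void login_client_hooks_remove(const struct login_client_hooks *hooks);
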
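/* Allocation, initialization and teardown. The bodies live outside this
   header, so only the signatures are described here. */
struct client *
client_alloc(int fd, pool_t pool,
	     const struct master_service_connection *conn,
	     const struct login_settings *set,
	     const struct master_service_ssl_settings *ssl_set);
void client_init(struct client *client, void **other_sets);
void client_disconnect(struct client *client, const char *reason);
void client_destroy(struct client *client, const char *reason);
/* Destroy the client after a successful login. Either the client fd was
   sent to the post-login process, or the connection will be proxied. */
void client_destroy_success(struct client *client, const char *reason);

/* Reference counting on struct client.refcount. client_unref() takes the
   address of the caller's pointer and its result may be ignored
   (ATTR_NOWARN_UNUSED_RESULT). NOTE(review): presumably it clears *client
   and reports whether the object is still alive - confirm, since touching
   the client after the last unref would be a use-after-free. */
void client_ref(struct client *client);
bool client_unref(struct client **client) ATTR_NOWARN_UNUSED_RESULT;

int client_init_ssl(struct client *client);
void client_cmd_starttls(struct client *client);

/* Outputs go to *fd_r and *close_fd_r. NOTE(review): close_fd_r presumably
   tells the caller whether it owns (and must close) the returned fd -
   confirm, a wrong guess either leaks or double-closes a descriptor. */
int client_get_plaintext_fd(struct client *client, int *fd_r, bool *close_fd_r);

unsigned int clients_get_count(void) ATTR_PURE;
unsigned int clients_get_fd_proxies_count(void);
struct client *clients_get_first_fd_proxy(void);
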
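/* NOTE(review): presumably appends key/value to struct client.forward_fields;
   check how the implementation escapes the two strings if either can come
   from the remote peer. */
void client_add_forward_field(struct client *client, const char *key,
			      const char *value);
void client_set_title(struct client *client);
/* The logging calls take a finished message, not a printf-style format
   plus arguments. Callers that build the message from client-supplied
   text should check how the implementation passes it on. */
void client_log(struct client *client, const char *msg);
void client_log_err(struct client *client, const char *msg);
void client_log_warn(struct client *client, const char *msg);
const char *client_get_extra_disconnect_reason(struct client *client);

void client_auth_respond(struct client *client, const char *response);
void client_auth_abort(struct client *client);
bool client_is_tls_enabled(struct client *client);
void client_auth_fail(struct client *client, const char *text);
const char *client_get_session_id(struct client *client);

bool client_read(struct client *client);

void client_input(struct client *client);
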
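/* Returns TRUE when the client's vfunc table has no input handler
   (v.input == NULL). "client" is dereferenced without a NULL check.
   NOTE(review): the name implies such clients drive their own I/O; that
   is not visible in this header. */
static inline bool
client_does_custom_io(struct client *client)
{
	return client->v.input == NULL;
}
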
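/* Several of the names below match members of struct client_vfuncs
   (notify_auth_ready, notify_status, notify_disconnect, send_raw_data,
   auth_send_challenge, auth_parse_response). NOTE(review): presumably
   these are the common entry points or default implementations behind
   those members - confirm in the .c files. */
void client_notify_auth_ready(struct client *client);
void client_notify_status(struct client *client, bool bad, const char *text);
void client_notify_disconnect(struct client *client,
			      enum client_disconnect_reason reason,
			      const char *text);

/* client_send_raw_data() takes pointer + size; client_send_raw() takes a
   C string only. */
void client_send_raw_data(struct client *client, const void *data, size_t size);
void client_send_raw(struct client *client, const char *data);
void client_common_send_raw_data(struct client *client,
				 const void *data, size_t size);
void client_common_default_free(struct client *client);

void client_set_auth_waiting(struct client *client);
void client_auth_send_challenge(struct client *client, const char *data);
void client_auth_parse_response(struct client *client);
int client_auth_begin(struct client *client, const char *mech_name,
		      const char *init_resp);
/* NOTE(review): by its name this decides whether plaintext authentication
   is acceptable on the connection. The meaning of the bool result and of
   pass_sent is not visible here - confirm before adding a new caller. */
bool client_check_plaintext_auth(struct client *client, bool pass_sent);
int client_auth_read_line(struct client *client);
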
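/* Proxy handling. client_proxy_log_failure() receives a "line";
   NOTE(review): presumably that is the reply read from the remote backend,
   i.e. text this process does not control - confirm how it is written to
   the log. */
void client_proxy_finish_destroy_client(struct client *client);
void client_proxy_log_failure(struct client *client, const char *line);
void client_proxy_failed(struct client *client, bool send_line);
const char *client_proxy_get_state(struct client *client);

/* Operations on all clients rather than a single one. */
void clients_notify_auth_connected(void);
void client_destroy_oldest(void);
void clients_destroy_all(void);
void clients_destroy_all_reason(const char *reason);

void client_destroy_fd_proxies(void);
/* Module setup and teardown for the client-common code. */
void client_common_init(void);
void client_common_deinit(void);
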
#endif