client-common.h revision 6303191abcb37164f435ccdc56e9dbddf1288851
a8c5a86d183db25a57bf193c06b41e092ec2e151Timo Sirainen#ifndef CLIENT_COMMON_H
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen#define CLIENT_COMMON_H
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen
07e4875d250e7a7157cd99132aafc773cf3cdf83Timo Sirainen#include "network.h"
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen#include "login-proxy.h"
e0c3d5460d1cc0c440cb7723c8c2eef8d0afe9b9Timo Sirainen#include "sasl-server.h"
0536ccb51d41e3078c3a9fa33e509fb4b2420f95Timo Sirainen
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen/* Max. size of the input buffer. This means:

   IMAP: Max. length of a single parameter
   POP3: Max. length of a command line (spec says 512 would be enough)

   NOTE(review): only the limit is defined here. Where it is applied to the
   client's input stream is not visible in this header - confirm that input
   over the limit from a not-yet-authenticated peer is rejected rather than
   buffered.
*/
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen#define LOGIN_MAX_INBUF_SIZE 1024
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen/* Max. size of the output buffer. If it gets full, the client is
   disconnected. SASL authentication gives the largest output. */
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen#define LOGIN_MAX_OUTBUF_SIZE 4096
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen/* Disconnect the client after this many milliseconds if it hasn't managed
   to log in yet. MASTER_LOGIN_TIMEOUT_SECS is not defined in this header; it
   must come from another include. Together with the two buffer limits above,
   this is the pre-login resource bound visible in this file. */
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen#define CLIENT_LOGIN_TIMEOUT_MSECS (MASTER_LOGIN_TIMEOUT_SECS*1000)
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen
/* Fixed status texts for the two "still waiting" cases. Both are constant
   strings with no client-supplied content. */
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen#define AUTH_SERVER_WAITING_MSG \
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen "Waiting for authentication process to respond.."
8cb72c59d5ea4e9e5f638d7ec840bb853f5a188eTimo Sirainen#define AUTH_MASTER_WAITING_MSG \
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen "Waiting for authentication master process to respond.."
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen
/* Reply categories taken by client_send_line() and by the send_line vfunc
   (both declared in this header with an enum client_cmd_reply parameter).
   How each value is rendered on the wire is not defined here.

   NOTE(review): there are five separate AUTH* failure values. Confirm that
   the protocol-specific rendering does not tell an unauthenticated peer more
   about why a login failed (e.g. unknown user vs. wrong password) than
   intended. */
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainenenum client_cmd_reply {
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_OK,
 /* presumably authentication vs. authorization failure - confirm */
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_AUTH_FAILED,
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_AUTHZ_FAILED,
 /* presumably: temporary failure / failure with an explicit reason text /
    plaintext auth refused without SSL - names only, confirm */
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_AUTH_FAIL_TEMP,
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_AUTH_FAIL_REASON,
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_AUTH_FAIL_NOSSL,
cd56a23e21f1df3f79648cf07e2f4385e2fadebbTimo Sirainen CLIENT_CMD_REPLY_BAD,
cd56a23e21f1df3f79648cf07e2f4385e2fadebbTimo Sirainen CLIENT_CMD_REPLY_BYE,
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen CLIENT_CMD_REPLY_STATUS,
cd56a23e21f1df3f79648cf07e2f4385e2fadebbTimo Sirainen CLIENT_CMD_REPLY_STATUS_BAD
cd56a23e21f1df3f79648cf07e2f4385e2fadebbTimo Sirainen};
cd56a23e21f1df3f79648cf07e2f4385e2fadebbTimo Sirainen
/* Parsed result of an authentication attempt, handed to the
   auth_handle_reply vfunc as a const pointer. Every string member is a
   const char *, so this struct does not appear to own them; their lifetime
   is not visible in this header. */
c0435c854a0e7246373b9752d163095cc4fbe985Timo Sirainenstruct client_auth_reply {
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen const char *master_user, *reason;
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen /* for proxying */
 /* NOTE(review): password is a credential for the proxy destination.
    Confirm it is never written to logs and is not kept longer than the
    proxy login needs it. */
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen const char *host, *destuser, *password;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int port;
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen unsigned int proxy_timeout_msecs;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int proxy_refresh_secs;
 /* NOTE(review): the flag values are declared outside this header. Confirm
    what the zero value means for TLS to the proxy destination, since host
    and password above travel over that connection. */
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen enum login_proxy_ssl_flags ssl_flags;
e0c3d5460d1cc0c440cb7723c8c2eef8d0afe9b9Timo Sirainen
 /* One-bit flags. Meanings inferred from names only: presumably
    proxy = forward the session to host/port, temp = temporary failure,
    nologin = login refused, authz_failure = authorization failed.
    Confirm against the code that fills this struct. */
e0c3d5460d1cc0c440cb7723c8c2eef8d0afe9b9Timo Sirainen unsigned int proxy:1;
e0c3d5460d1cc0c440cb7723c8c2eef8d0afe9b9Timo Sirainen unsigned int temp:1;
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen unsigned int nologin:1;
e0c3d5460d1cc0c440cb7723c8c2eef8d0afe9b9Timo Sirainen unsigned int authz_failure:1;
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen};
d5cebe7f98e63d4e2822863ef2faa4971e8b3a5dTimo Sirainen
/* Table of function pointers a login client is driven through. struct client
   embeds one such table by value (member v) and a global instance named
   client_vfuncs is declared further down; presumably each protocol (the
   buffer-size comment in this header mentions IMAP and POP3) supplies its
   own implementations - confirm.

   NOTE(review): input, auth_parse_response and proxy_parse_line receive
   data from the network peer (the latter presumably from the remote proxy
   destination). Implementations should treat it as untrusted. */
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainenstruct client_vfuncs {
 /* lifecycle: alloc takes the pool and returns a struct client pointer */
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen struct client *(*alloc)(pool_t pool);
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen void (*create)(struct client *client, void **other_sets);
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen void (*destroy)(struct client *client);
 /* protocol I/O */
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen void (*send_greeting)(struct client *client);
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen void (*starttls)(struct client *client);
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen void (*input)(struct client *client);
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen void (*send_line)(struct client *client, enum client_cmd_reply reply,
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen const char *text);
 /* authentication; the meaning of the bool/int return values is not
    defined in this header */
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen bool (*auth_handle_reply)(struct client *client,
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen const struct client_auth_reply *reply);
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen void (*auth_send_challenge)(struct client *client, const char *data);
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen int (*auth_parse_response)(struct client *client);
 /* proxying */
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen void (*proxy_reset)(struct client *client);
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen int (*proxy_parse_line)(struct client *client, const char *line);
5ac0b0bf32898c63da086ae169674ecac151a31eTimo Sirainen};
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen
/* State of one connection to the login process: socket and streams,
   authentication progress, optional proxy state and a set of one-bit status
   flags. Comments below describe only what the declarations show; anything
   inferred from a name is marked as such. */
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainenstruct client {
 /* links to neighbouring clients; presumably the list headed by the
    global `clients` pointer declared in this header - confirm */
c28f6aa0b70af4811c9ace9114fe827c2f503455Timo Sirainen struct client *prev, *next;
c28f6aa0b70af4811c9ace9114fe827c2f503455Timo Sirainen pool_t pool;
 /* vfunc table embedded by value, so each client has its own copy */
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen struct client_vfuncs v;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen
c28f6aa0b70af4811c9ace9114fe827c2f503455Timo Sirainen time_t created;
 /* reference count; client_ref()/client_unref() are declared below.
    NOTE(review): it is a plain int - confirm it is only touched from one
    thread/event loop. */
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen int refcount;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen
 /* connection endpoints; `ip` is presumably the remote address, matching
    the remote_ip parameter of client_create() - confirm */
df831edaa3b3aa22e03bc5fd416a0553c5600a69Phil Carmody struct ip_addr local_ip;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen struct ip_addr ip;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen unsigned int local_port, remote_port;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen struct ssl_proxy *ssl_proxy;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen const struct login_settings *set;
1a0ece3e873e3864269ed7eaed957dc10c56d25fTimo Sirainen
 /* socket, its streams and I/O handler, plus two timeouts */
c28f6aa0b70af4811c9ace9114fe827c2f503455Timo Sirainen int fd;
c28f6aa0b70af4811c9ace9114fe827c2f503455Timo Sirainen struct istream *input;
c0435c854a0e7246373b9752d163095cc4fbe985Timo Sirainen struct ostream *output;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen struct io *io;
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen struct timeout *to_auth_waiting;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen struct timeout *to_disconnect;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen
 /* pointer + length pair; the two must be updated together, a stale
    length would make readers run past the buffer */
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned char *master_data_prefix;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int master_data_prefix_len;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen struct login_proxy *login_proxy;
 /* NOTE(review): proxy_password is a credential held in a writable
    char *. Confirm the destroy path overwrites it before the memory is
    released and that it never reaches log output. */
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen char *proxy_user, *proxy_master_user, *proxy_password;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen char *auth_mech_name;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen struct auth_client_request *auth_request;
 /* presumably buffers the client's SASL response, which can carry a
    password for plaintext mechanisms - confirm it is wiped after use */
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen string_t *auth_response;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen unsigned int master_tag;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen sasl_server_callback_t *sasl_callback;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen
 /* presumably counters of bad commands and of authentication attempts;
    NOTE(review): no limit is defined in this header - confirm where the
    thresholds are enforced */
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen unsigned int bad_counter;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen unsigned int auth_attempts;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen pid_t mail_pid;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen char *virtual_user;
 /* One-bit status flags. Their exact semantics are not defined here.
    NOTE(review): starttls, tls, secured and trusted are four separate
    bits; confirm which of them policy checks (e.g.
    client_check_plaintext_auth()) actually rely on. */
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen unsigned int destroyed:1;
862ec874f9373e3e499e237d3b9f71fdf1413feeTimo Sirainen unsigned int input_blocked:1;
c0435c854a0e7246373b9752d163095cc4fbe985Timo Sirainen unsigned int login_success:1;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int greeting_sent:1;
e2ce8d4a6ac5d82a906178148453e7613fab9ba0Timo Sirainen unsigned int starttls:1;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int tls:1;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen unsigned int secured:1;
7662010b03ffe5f2a6ecf4b4eb220d1c65efea76Timo Sirainen unsigned int trusted:1;
7662010b03ffe5f2a6ecf4b4eb220d1c65efea76Timo Sirainen unsigned int authenticating:1;
7662010b03ffe5f2a6ecf4b4eb220d1c65efea76Timo Sirainen unsigned int auth_tried_disabled_plaintext:1;
7662010b03ffe5f2a6ecf4b4eb220d1c65efea76Timo Sirainen unsigned int auth_tried_unsupported_mech:1;
7662010b03ffe5f2a6ecf4b4eb220d1c65efea76Timo Sirainen unsigned int auth_try_aborted:1;
c0435c854a0e7246373b9752d163095cc4fbe985Timo Sirainen unsigned int auth_initializing:1;
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen /* ... (presumably protocol-specific clients append their own fields
    after this common part - confirm) */
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen};
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen
/* Global state: `clients` is presumably the head of the prev/next list kept
   in struct client, and `client_vfuncs` the table copied into each client's
   `v` member - both defined outside this header, confirm. */
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainenextern struct client *clients;
0a49b316fc729e5d57268ffa63c7122ac73f994cTimo Sirainenextern struct client_vfuncs client_vfuncs;
0a49b316fc729e5d57268ffa63c7122ac73f994cTimo Sirainen
/* Create a client for an accepted connection. Takes the socket fd, an ssl
   flag, the memory pool, the login settings and both endpoint addresses;
   returns the new client. Ownership of fd and pool after the call is not
   stated here. */
0a49b316fc729e5d57268ffa63c7122ac73f994cTimo Sirainenstruct client *
0a49b316fc729e5d57268ffa63c7122ac73f994cTimo Sirainenclient_create(int fd, bool ssl, pool_t pool,
0a49b316fc729e5d57268ffa63c7122ac73f994cTimo Sirainen const struct login_settings *set, void **other_sets,
51e1a1c280ccb461a15827f7987d09cb9708b6e3Timo Sirainen const struct ip_addr *local_ip, const struct ip_addr *remote_ip);
/* Three ways to tear a client down. NOTE(review): `reason` is a plain
   string, presumably logged - confirm that any client-controlled text in it
   is sanitized and that it is logged as data, not as a format string. */
51e1a1c280ccb461a15827f7987d09cb9708b6e3Timo Sirainenvoid client_destroy(struct client *client, const char *reason);
51e1a1c280ccb461a15827f7987d09cb9708b6e3Timo Sirainenvoid client_destroy_success(struct client *client, const char *reason);
51e1a1c280ccb461a15827f7987d09cb9708b6e3Timo Sirainenvoid client_destroy_internal_failure(struct client *client);
51e1a1c280ccb461a15827f7987d09cb9708b6e3Timo Sirainen
/* Reference counting on struct client::refcount. client_unref() takes a
   pointer to the caller's pointer, presumably so it can be cleared; the
   meaning of the bool result is not stated here (presumably whether the
   client is still alive) - confirm before using the client after unref. */
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenvoid client_ref(struct client *client);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenbool client_unref(struct client **client);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainen
/* Handler for the client's STARTTLS command (name only; the checks it
   performs are not visible here). */
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenvoid client_cmd_starttls(struct client *client);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainen
/* Number of clients; declared ATTR_PURE, i.e. no side effects. */
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenunsigned int clients_get_count(void) ATTR_PURE;
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainen
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenvoid client_set_title(struct client *client);
/* Logging helpers. `msg` is a complete string, not a format plus
   arguments. NOTE(review): confirm the implementation passes it through a
   "%s"-style call and that user names or other peer-supplied text in it are
   escaped, so a client cannot forge or break log lines. */
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenvoid client_log(struct client *client, const char *msg);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenvoid client_log_err(struct client *client, const char *msg);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenconst char *client_get_extra_disconnect_reason(struct client *client);
/* NOTE(review): what makes a client "trusted" is not defined in this
   header (struct client has a `trusted` bit); confirm the criteria, since
   callers presumably relax checks for trusted peers. */
c0435c854a0e7246373b9752d163095cc4fbe985Timo Sirainenbool client_is_trusted(struct client *client);
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainenvoid client_auth_failed(struct client *client);
252db51b6c0a605163326b3ea5d09e9936ca3b29Timo Sirainen
/* Input side. The bool result of client_read() is not documented here. */
0892446b45c195461bb7be6599f02d97e1e2c9b2Timo Sirainenbool client_read(struct client *client);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainenvoid client_input(struct client *client);
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen
/* Output side. client_send_line() takes a reply category plus text;
   client_send_raw_data() takes an explicit byte count, while
   client_send_raw() takes only a char pointer and so presumably expects a
   NUL-terminated string - confirm. */
a2738cdb6d2733fb3e186331d68009421a19ea00Timo Sirainenvoid client_send_line(struct client *client, enum client_cmd_reply reply,
d66ef20c30fee728899ee168c75fcc5ff8fbdac1Timo Sirainen const char *text);
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainenvoid client_send_raw_data(struct client *client, const void *data, size_t size);
d66ef20c30fee728899ee168c75fcc5ff8fbdac1Timo Sirainenvoid client_send_raw(struct client *client, const char *data);
ecc81625167ed96c04c02aa190a1ea5baa65b474Timo Sirainen
/* Authentication flow. client_auth_begin() takes the mechanism name and an
   initial response, both presumably taken from the client's command and
   therefore untrusted. The int return conventions are not stated in this
   header. */
9e095dd6a77097356aca8216356d4d71ef1bea45Timo Sirainenvoid client_set_auth_waiting(struct client *client);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainenvoid client_auth_send_challenge(struct client *client, const char *data);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenint client_auth_parse_response(struct client *client);
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainenint client_auth_begin(struct client *client, const char *mech_name,
4334b9b032298defd4d3906f5357698ff016ead0Timo Sirainen const char *init_resp);
/* NOTE(review): presumably the gate that refuses plaintext authentication
   on a connection that is not secured (struct client has an
   auth_tried_disabled_plaintext bit). pass_sent presumably says whether the
   client already transmitted the password - confirm both, and that every
   plaintext login path calls this before contacting the auth process. */
0892446b45c195461bb7be6599f02d97e1e2c9b2Timo Sirainenbool client_check_plaintext_auth(struct client *client, bool pass_sent);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainen
/* Proxy handling. NOTE(review): `line` in client_proxy_log_failure() is
   presumably text received from the remote proxy destination - confirm it
   is sanitized before it is written to the log. */
7af4788b402346c94496095dd819f95ce03fe431Timo Sirainenvoid client_proxy_finish_destroy_client(struct client *client);
0a0cd45a633112a2ae6aad801c1e6afe53ab95deTimo Sirainenvoid client_proxy_log_failure(struct client *client, const char *line);
0a0cd45a633112a2ae6aad801c1e6afe53ab95deTimo Sirainenvoid client_proxy_failed(struct client *client, bool send_line);
0a0cd45a633112a2ae6aad801c1e6afe53ab95deTimo Sirainen
/* Operations on all clients. client_destroy_oldest() presumably frees a
   slot when the process is at its connection limit - confirm the selection
   rule, since it decides which peer loses its connection under load. */
0a0cd45a633112a2ae6aad801c1e6afe53ab95deTimo Sirainenvoid clients_notify_auth_connected(void);
0a0cd45a633112a2ae6aad801c1e6afe53ab95deTimo Sirainenvoid client_destroy_oldest(void);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainenvoid clients_destroy_all(void);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainen
/* Module setup and teardown. */
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainenvoid clients_init(void);
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainenvoid clients_deinit(void);
d66ef20c30fee728899ee168c75fcc5ff8fbdac1Timo Sirainen
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainen#endif
c09f9f95db314e7482c95e502e1c56ed6c555797Timo Sirainen