46 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
47 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
48 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
49 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
50 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
51 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
52 */
53
54 #include <config.h>
55
56 #include <stdlib.h>
57 #include <stdio.h>
58 #include <string.h>
59 #ifndef macintosh
60 #include <sys/types.h>
61 #include <sys/stat.h>
62 #endif
63 #include <fcntl.h>
64 #include <ctype.h>
65
66 /* EXPORT DELETE START */
67 /* DES support */
68 #ifdef WITH_DES
69 # ifdef WITH_SSL_DES
70 # include <openssl/des.h>
71 # else /* system DES library */
72 # include <des.h>
73 # endif
74 #endif /* WITH_DES */
75 /* EXPORT DELETE END */
76
77 #ifdef WIN32
78 # include <winsock.h>
79 #else /* Unix */
80 # include <netinet/in.h>
81 #endif /* WIN32 */
82
83 #ifdef _SUN_SDK_
84 #include <unistd.h>
85 #endif /* _SUN_SDK_ */
86
87 #include <sasl.h>
88 #include <saslplug.h>
89
90 #include "plugin_common.h"
91
92 #if defined _SUN_SDK_ && defined USE_UEF
93 #include <security/cryptoki.h>
94 static int uef_init(const sasl_utils_t *utils);
95 #endif /* _SUN_SDK_ && USE_UEF */
704 if (endpair[0] != ',') {
705 if (endpair[0]!='\0') {
706 *endpair++ = '\0';
707 }
708 }
709
710 endpair = skip_lws(endpair);
711
712 /* syntax check: MUST be '\0' or ',' */
713 if (endpair[0] == ',') {
714 endpair[0] = '\0';
715 endpair++; /* skipping <,> */
716 } else if (endpair[0] != '\0') {
717 *name = NULL;
718 return;
719 }
720
721 *in = endpair;
722 }
723
724 /* EXPORT DELETE START */
725 #ifdef WITH_DES
726 struct des_context_s {
727 des_key_schedule keysched; /* key schedule for des initialization */
728 des_cblock ivec; /* initial vector for encoding */
729 des_key_schedule keysched2; /* key schedule for 3des initialization */
730 };
731
732 typedef struct des_context_s des_context_t;
733
734 /* slide the first 7 bytes of 'inbuf' into the high seven bits of the
735 first 8 bytes of 'keybuf'. 'keybuf' better be 8 bytes long or longer. */
736 static void slidebits(unsigned char *keybuf, unsigned char *inbuf)
737 {
738 keybuf[0] = inbuf[0];
739 keybuf[1] = (inbuf[0]<<7) | (inbuf[1]>>1);
740 keybuf[2] = (inbuf[1]<<6) | (inbuf[2]>>2);
741 keybuf[3] = (inbuf[2]<<5) | (inbuf[3]>>3);
742 keybuf[4] = (inbuf[3]<<4) | (inbuf[4]>>4);
743 keybuf[5] = (inbuf[4]<<3) | (inbuf[5]>>5);
744 keybuf[6] = (inbuf[5]<<2) | (inbuf[6]>>6);
1172 unsigned *outputlen)
1173 {
1174 /* pad is zero */
1175 *outputlen = inputlen+10;
1176
1177 /* encrypt the text part */
1178 rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
1179 input,
1180 output,
1181 inputlen);
1182
1183 /* encrypt the HMAC part */
1184 rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
1185 (const char *) digest,
1186 (output)+inputlen, 10);
1187
1188 return SASL_OK;
1189 }
1190
1191 #endif /* WITH_RC4 */
1192 /* EXPORT DELETE END */
1193
1194 struct digest_cipher available_ciphers[] =
1195 {
1196 /* EXPORT DELETE START */
1197 #ifdef WITH_RC4
1198 { "rc4-40", 40, 5, 0x01, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1199 { "rc4-56", 56, 7, 0x02, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1200 { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1201 #endif
1202 #ifdef WITH_DES
1203 { "des", 55, 16, 0x08, &enc_des, &dec_des, &init_des, &free_des },
1204 { "3des", 112, 16, 0x10, &enc_3des, &dec_3des, &init_3des, &free_des },
1205 #endif
1206 /* EXPORT DELETE END */
1207 { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }
1208 };
1209
1210
1211 #ifdef USE_UEF
1212 DEFINE_STATIC_MUTEX(uef_init_mutex);
1213 #define DES_CIPHER_INDEX 3
1214 #define DES3_CIPHER_INDEX 4
1215
1216 static int got_uef_slot = FALSE;
1217 static sasl_ssf_t uef_max_ssf = 0;
1218 static CK_SLOT_ID rc4_slot_id;
1219 static CK_SLOT_ID des_slot_id;
1220 static CK_SLOT_ID des3_slot_id;
1221
1222 struct uef_context_s {
1223 CK_SESSION_HANDLE hSession;
1224 CK_OBJECT_HANDLE hKey;
1225 };
1226
3671
3672 #ifndef _SUN_SDK_
3673 return SASL_FAIL; /* should never get here */
3674 #endif /* !_SUN_SDK_ */
3675 }
3676
3677 static void
3678 digestmd5_server_mech_dispose(void *conn_context, const sasl_utils_t *utils)
3679 {
3680 server_context_t *stext = (server_context_t *) conn_context;
3681
3682 if (!stext || !utils) return;
3683
3684 digestmd5_common_mech_dispose(conn_context, utils);
3685 }
3686
3687 static sasl_server_plug_t digestmd5_server_plugins[] =
3688 {
3689 {
3690 "DIGEST-MD5", /* mech_name */
3691 /* EXPORT DELETE START */
3692 #ifdef WITH_RC4
3693 128, /* max_ssf */
3694 #elif WITH_DES
3695 112,
3696 #else
3697 /* EXPORT DELETE END */
3698 0,
3699 /* EXPORT DELETE START */
3700 #endif
3701 /* EXPORT DELETE END */
3702 SASL_SEC_NOPLAINTEXT
3703 | SASL_SEC_NOANONYMOUS
3704 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
3705 SASL_FEAT_ALLOWS_PROXY, /* features */
3706 NULL, /* glob_context */
3707 &digestmd5_server_mech_new, /* mech_new */
3708 &digestmd5_server_mech_step, /* mech_step */
3709 &digestmd5_server_mech_dispose, /* mech_dispose */
3710 &digestmd5_common_mech_free, /* mech_free */
3711 NULL, /* setpass */
3712 NULL, /* user_query */
3713 NULL, /* idle */
3714 NULL, /* mech avail */
3715 NULL /* spare */
3716 }
3717 };
3718
3719 int digestmd5_server_plug_init(sasl_utils_t *utils,
3720 int maxversion,
3721 int *out_version,
3762 if (!reauth_cache->mutex)
3763 return SASL_FAIL;
3764
3765 /* entries */
3766 reauth_cache->size = 100;
3767 reauth_cache->e = utils->malloc(reauth_cache->size *
3768 sizeof(reauth_entry_t));
3769 if (reauth_cache->e == NULL)
3770 return SASL_NOMEM;
3771 memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));
3772 }
3773
3774 digestmd5_server_plugins[0].glob_context = reauth_cache;
3775
3776 #ifdef _SUN_SDK_
3777 #ifdef USE_UEF_CLIENT
3778 digestmd5_server_plugins[0].max_ssf = uef_max_ssf;
3779 #endif /* USE_UEF_CLIENT */
3780 #endif /* _SUN_SDK_ */
3781
3782 /* EXPORT DELETE START */
3783 /* CRYPT DELETE START */
3784 #ifdef _INTEGRATED_SOLARIS_
3785 /*
3786 * Let libsasl know that we are a "Sun" plugin so that privacy
3787 * and integrity will be allowed.
3788 */
3789 REG_PLUG("DIGEST-MD5", digestmd5_server_plugins);
3790 #endif /* _INTEGRATED_SOLARIS_ */
3791 /* CRYPT DELETE END */
3792 /* EXPORT DELETE END */
3793
3794 *out_version = SASL_SERVER_PLUG_VERSION;
3795 *pluglist = digestmd5_server_plugins;
3796 *plugcount = 1;
3797
3798 return SASL_OK;
3799 }
3800
3801 /***************************** Client Section *****************************/
3802
3803 typedef struct client_context {
3804 context_t common;
3805
3806 sasl_secret_t *password; /* user password */
3807 unsigned int free_password; /* set if we need to free password */
3808
3809 int protection;
3810 struct digest_cipher *cipher;
3811 unsigned int server_maxbuf;
3812 #ifdef _INTEGRATED_SOLARIS_
5161 static void
5162 digestmd5_client_mech_dispose(void *conn_context, const sasl_utils_t *utils)
5163 {
5164 client_context_t *ctext = (client_context_t *) conn_context;
5165
5166 if (!ctext || !utils) return;
5167
5168 #ifdef _INTEGRATED_SOLARIS_
5169 convert_prompt(utils, &ctext->h, NULL);
5170 #endif /* _INTEGRATED_SOLARIS_ */
5171
5172 if (ctext->free_password) _plug_free_secret(utils, &ctext->password);
5173
5174 digestmd5_common_mech_dispose(conn_context, utils);
5175 }
5176
5177 static sasl_client_plug_t digestmd5_client_plugins[] =
5178 {
5179 {
5180 "DIGEST-MD5",
5181 /* EXPORT DELETE START */
5182 #ifdef WITH_RC4 /* mech_name */
5183 128, /* max ssf */
5184 #elif WITH_DES
5185 112,
5186 #else
5187 /* EXPORT DELETE END */
5188 0,
5189 /* EXPORT DELETE START */
5190 #endif
5191 /* EXPORT DELETE END */
5192 SASL_SEC_NOPLAINTEXT
5193 | SASL_SEC_NOANONYMOUS
5194 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
5195 SASL_FEAT_ALLOWS_PROXY, /* features */
5196 NULL, /* required_prompts */
5197 NULL, /* glob_context */
5198 &digestmd5_client_mech_new, /* mech_new */
5199 &digestmd5_client_mech_step, /* mech_step */
5200 &digestmd5_client_mech_dispose, /* mech_dispose */
5201 &digestmd5_common_mech_free, /* mech_free */
5202 NULL, /* idle */
5203 NULL, /* spare1 */
5204 NULL /* spare2 */
5205 }
5206 };
5207
5208 int digestmd5_client_plug_init(sasl_utils_t *utils,
5209 int maxversion,
5210 int *out_version,
5211 sasl_client_plug_t **pluglist,
5234 /* mutex */
5235 reauth_cache->mutex = utils->mutex_alloc();
5236 if (!reauth_cache->mutex)
5237 return SASL_FAIL;
5238
5239 /* entries */
5240 reauth_cache->size = 10;
5241 reauth_cache->e = utils->malloc(reauth_cache->size *
5242 sizeof(reauth_entry_t));
5243 if (reauth_cache->e == NULL)
5244 return SASL_NOMEM;
5245 memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));
5246
5247 digestmd5_client_plugins[0].glob_context = reauth_cache;
5248 #ifdef _SUN_SDK_
5249 #ifdef USE_UEF_CLIENT
5250 digestmd5_client_plugins[0].max_ssf = uef_max_ssf;
5251 #endif /* USE_UEF_CLIENT */
5252 #endif /* _SUN_SDK_ */
5253
5254 /* EXPORT DELETE START */
5255 /* CRYPT DELETE START */
5256 #ifdef _INTEGRATED_SOLARIS_
5257 /*
5258 * Let libsasl know that we are a "Sun" plugin so that privacy
5259 * and integrity will be allowed.
5260 */
5261 REG_PLUG("DIGEST-MD5", digestmd5_client_plugins);
5262 #endif /* _INTEGRATED_SOLARIS_ */
5263 /* CRYPT DELETE END */
5264 /* EXPORT DELETE END */
5265
5266 *out_version = SASL_CLIENT_PLUG_VERSION;
5267 *pluglist = digestmd5_client_plugins;
5268 *plugcount = 1;
5269
5270 return SASL_OK;
5271 }
5272
5273 #ifdef _SUN_SDK_
5274 #ifdef USE_UEF
5275 /* If we fail here - we should just not offer privacy or integrity */
5276 static int
5277 getSlotID(const sasl_utils_t *utils, CK_MECHANISM_TYPE mech_type,
5278 CK_SLOT_ID *slot_id)
5279 {
5280 CK_RV rv;
5281 CK_ULONG ulSlotCount;
5282 CK_ULONG ulMechTypeCount;
5283 CK_SLOT_ID *pSlotList = NULL;
5284 CK_SLOT_ID slotID;
|
46 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
47 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
48 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
49 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
50 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
51 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
52 */
53
54 #include <config.h>
55
56 #include <stdlib.h>
57 #include <stdio.h>
58 #include <string.h>
59 #ifndef macintosh
60 #include <sys/types.h>
61 #include <sys/stat.h>
62 #endif
63 #include <fcntl.h>
64 #include <ctype.h>
65
66 /* DES support */
67 #ifdef WITH_DES
68 # ifdef WITH_SSL_DES
69 # include <openssl/des.h>
70 # else /* system DES library */
71 # include <des.h>
72 # endif
73 #endif /* WITH_DES */
74
75 #ifdef WIN32
76 # include <winsock.h>
77 #else /* Unix */
78 # include <netinet/in.h>
79 #endif /* WIN32 */
80
81 #ifdef _SUN_SDK_
82 #include <unistd.h>
83 #endif /* _SUN_SDK_ */
84
85 #include <sasl.h>
86 #include <saslplug.h>
87
88 #include "plugin_common.h"
89
90 #if defined _SUN_SDK_ && defined USE_UEF
91 #include <security/cryptoki.h>
92 static int uef_init(const sasl_utils_t *utils);
93 #endif /* _SUN_SDK_ && USE_UEF */
702 if (endpair[0] != ',') {
703 if (endpair[0]!='\0') {
704 *endpair++ = '\0';
705 }
706 }
707
708 endpair = skip_lws(endpair);
709
710 /* syntax check: MUST be '\0' or ',' */
711 if (endpair[0] == ',') {
712 endpair[0] = '\0';
713 endpair++; /* skipping <,> */
714 } else if (endpair[0] != '\0') {
715 *name = NULL;
716 return;
717 }
718
719 *in = endpair;
720 }
721
722 #ifdef WITH_DES
723 struct des_context_s {
724 des_key_schedule keysched; /* key schedule for des initialization */
725 des_cblock ivec; /* initial vector for encoding */
726 des_key_schedule keysched2; /* key schedule for 3des initialization */
727 };
728
729 typedef struct des_context_s des_context_t;
730
731 /* slide the first 7 bytes of 'inbuf' into the high seven bits of the
732 first 8 bytes of 'keybuf'. 'keybuf' better be 8 bytes long or longer. */
733 static void slidebits(unsigned char *keybuf, unsigned char *inbuf)
734 {
735 keybuf[0] = inbuf[0];
736 keybuf[1] = (inbuf[0]<<7) | (inbuf[1]>>1);
737 keybuf[2] = (inbuf[1]<<6) | (inbuf[2]>>2);
738 keybuf[3] = (inbuf[2]<<5) | (inbuf[3]>>3);
739 keybuf[4] = (inbuf[3]<<4) | (inbuf[4]>>4);
740 keybuf[5] = (inbuf[4]<<3) | (inbuf[5]>>5);
741 keybuf[6] = (inbuf[5]<<2) | (inbuf[6]>>6);
1169 unsigned *outputlen)
1170 {
1171 /* pad is zero */
1172 *outputlen = inputlen+10;
1173
1174 /* encrypt the text part */
1175 rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
1176 input,
1177 output,
1178 inputlen);
1179
1180 /* encrypt the HMAC part */
1181 rc4_encrypt((rc4_context_t *) text->cipher_enc_context,
1182 (const char *) digest,
1183 (output)+inputlen, 10);
1184
1185 return SASL_OK;
1186 }
1187
1188 #endif /* WITH_RC4 */
1189
1190 struct digest_cipher available_ciphers[] =
1191 {
1192 #ifdef WITH_RC4
1193 { "rc4-40", 40, 5, 0x01, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1194 { "rc4-56", 56, 7, 0x02, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1195 { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
1196 #endif
1197 #ifdef WITH_DES
1198 { "des", 55, 16, 0x08, &enc_des, &dec_des, &init_des, &free_des },
1199 { "3des", 112, 16, 0x10, &enc_3des, &dec_3des, &init_3des, &free_des },
1200 #endif
1201 { NULL, 0, 0, 0, NULL, NULL, NULL, NULL }
1202 };
1203
1204
1205 #ifdef USE_UEF
1206 DEFINE_STATIC_MUTEX(uef_init_mutex);
1207 #define DES_CIPHER_INDEX 3
1208 #define DES3_CIPHER_INDEX 4
1209
1210 static int got_uef_slot = FALSE;
1211 static sasl_ssf_t uef_max_ssf = 0;
1212 static CK_SLOT_ID rc4_slot_id;
1213 static CK_SLOT_ID des_slot_id;
1214 static CK_SLOT_ID des3_slot_id;
1215
1216 struct uef_context_s {
1217 CK_SESSION_HANDLE hSession;
1218 CK_OBJECT_HANDLE hKey;
1219 };
1220
3665
3666 #ifndef _SUN_SDK_
3667 return SASL_FAIL; /* should never get here */
3668 #endif /* !_SUN_SDK_ */
3669 }
3670
3671 static void
3672 digestmd5_server_mech_dispose(void *conn_context, const sasl_utils_t *utils)
3673 {
3674 server_context_t *stext = (server_context_t *) conn_context;
3675
3676 if (!stext || !utils) return;
3677
3678 digestmd5_common_mech_dispose(conn_context, utils);
3679 }
3680
3681 static sasl_server_plug_t digestmd5_server_plugins[] =
3682 {
3683 {
3684 "DIGEST-MD5", /* mech_name */
3685 #ifdef WITH_RC4
3686 128, /* max_ssf */
3687 #elif WITH_DES
3688 112,
3689 #else
3690 0,
3691 #endif
3692 SASL_SEC_NOPLAINTEXT
3693 | SASL_SEC_NOANONYMOUS
3694 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
3695 SASL_FEAT_ALLOWS_PROXY, /* features */
3696 NULL, /* glob_context */
3697 &digestmd5_server_mech_new, /* mech_new */
3698 &digestmd5_server_mech_step, /* mech_step */
3699 &digestmd5_server_mech_dispose, /* mech_dispose */
3700 &digestmd5_common_mech_free, /* mech_free */
3701 NULL, /* setpass */
3702 NULL, /* user_query */
3703 NULL, /* idle */
3704 NULL, /* mech avail */
3705 NULL /* spare */
3706 }
3707 };
3708
3709 int digestmd5_server_plug_init(sasl_utils_t *utils,
3710 int maxversion,
3711 int *out_version,
3752 if (!reauth_cache->mutex)
3753 return SASL_FAIL;
3754
3755 /* entries */
3756 reauth_cache->size = 100;
3757 reauth_cache->e = utils->malloc(reauth_cache->size *
3758 sizeof(reauth_entry_t));
3759 if (reauth_cache->e == NULL)
3760 return SASL_NOMEM;
3761 memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));
3762 }
3763
3764 digestmd5_server_plugins[0].glob_context = reauth_cache;
3765
3766 #ifdef _SUN_SDK_
3767 #ifdef USE_UEF_CLIENT
3768 digestmd5_server_plugins[0].max_ssf = uef_max_ssf;
3769 #endif /* USE_UEF_CLIENT */
3770 #endif /* _SUN_SDK_ */
3771
3772 #ifdef _INTEGRATED_SOLARIS_
3773 /*
3774 * Let libsasl know that we are a "Sun" plugin so that privacy
3775 * and integrity will be allowed.
3776 */
3777 REG_PLUG("DIGEST-MD5", digestmd5_server_plugins);
3778 #endif /* _INTEGRATED_SOLARIS_ */
3779
3780 *out_version = SASL_SERVER_PLUG_VERSION;
3781 *pluglist = digestmd5_server_plugins;
3782 *plugcount = 1;
3783
3784 return SASL_OK;
3785 }
3786
3787 /***************************** Client Section *****************************/
3788
3789 typedef struct client_context {
3790 context_t common;
3791
3792 sasl_secret_t *password; /* user password */
3793 unsigned int free_password; /* set if we need to free password */
3794
3795 int protection;
3796 struct digest_cipher *cipher;
3797 unsigned int server_maxbuf;
3798 #ifdef _INTEGRATED_SOLARIS_
5147 static void
5148 digestmd5_client_mech_dispose(void *conn_context, const sasl_utils_t *utils)
5149 {
5150 client_context_t *ctext = (client_context_t *) conn_context;
5151
5152 if (!ctext || !utils) return;
5153
5154 #ifdef _INTEGRATED_SOLARIS_
5155 convert_prompt(utils, &ctext->h, NULL);
5156 #endif /* _INTEGRATED_SOLARIS_ */
5157
5158 if (ctext->free_password) _plug_free_secret(utils, &ctext->password);
5159
5160 digestmd5_common_mech_dispose(conn_context, utils);
5161 }
5162
5163 static sasl_client_plug_t digestmd5_client_plugins[] =
5164 {
5165 {
5166 "DIGEST-MD5",
5167 #ifdef WITH_RC4 /* mech_name */
5168 128, /* max ssf */
5169 #elif WITH_DES
5170 112,
5171 #else
5172 0,
5173 #endif
5174 SASL_SEC_NOPLAINTEXT
5175 | SASL_SEC_NOANONYMOUS
5176 | SASL_SEC_MUTUAL_AUTH, /* security_flags */
5177 SASL_FEAT_ALLOWS_PROXY, /* features */
5178 NULL, /* required_prompts */
5179 NULL, /* glob_context */
5180 &digestmd5_client_mech_new, /* mech_new */
5181 &digestmd5_client_mech_step, /* mech_step */
5182 &digestmd5_client_mech_dispose, /* mech_dispose */
5183 &digestmd5_common_mech_free, /* mech_free */
5184 NULL, /* idle */
5185 NULL, /* spare1 */
5186 NULL /* spare2 */
5187 }
5188 };
5189
5190 int digestmd5_client_plug_init(sasl_utils_t *utils,
5191 int maxversion,
5192 int *out_version,
5193 sasl_client_plug_t **pluglist,
5216 /* mutex */
5217 reauth_cache->mutex = utils->mutex_alloc();
5218 if (!reauth_cache->mutex)
5219 return SASL_FAIL;
5220
5221 /* entries */
5222 reauth_cache->size = 10;
5223 reauth_cache->e = utils->malloc(reauth_cache->size *
5224 sizeof(reauth_entry_t));
5225 if (reauth_cache->e == NULL)
5226 return SASL_NOMEM;
5227 memset(reauth_cache->e, 0, reauth_cache->size * sizeof(reauth_entry_t));
5228
5229 digestmd5_client_plugins[0].glob_context = reauth_cache;
5230 #ifdef _SUN_SDK_
5231 #ifdef USE_UEF_CLIENT
5232 digestmd5_client_plugins[0].max_ssf = uef_max_ssf;
5233 #endif /* USE_UEF_CLIENT */
5234 #endif /* _SUN_SDK_ */
5235
5236 #ifdef _INTEGRATED_SOLARIS_
5237 /*
5238 * Let libsasl know that we are a "Sun" plugin so that privacy
5239 * and integrity will be allowed.
5240 */
5241 REG_PLUG("DIGEST-MD5", digestmd5_client_plugins);
5242 #endif /* _INTEGRATED_SOLARIS_ */
5243
5244 *out_version = SASL_CLIENT_PLUG_VERSION;
5245 *pluglist = digestmd5_client_plugins;
5246 *plugcount = 1;
5247
5248 return SASL_OK;
5249 }
5250
5251 #ifdef _SUN_SDK_
5252 #ifdef USE_UEF
5253 /* If we fail here - we should just not offer privacy or integrity */
5254 static int
5255 getSlotID(const sasl_utils_t *utils, CK_MECHANISM_TYPE mech_type,
5256 CK_SLOT_ID *slot_id)
5257 {
5258 CK_RV rv;
5259 CK_ULONG ulSlotCount;
5260 CK_ULONG ulMechTypeCount;
5261 CK_SLOT_ID *pSlotList = NULL;
5262 CK_SLOT_ID slotID;
|