Print this page
first pass


 181   cmechlist = NULL;
 182 #endif /* _SUN_SDK_ */
 183 
 184   return SASL_OK;
 185 }
 186 
 187 int sasl_client_add_plugin(const char *plugname,
 188                            sasl_client_plug_init_t *entry_point)
 189 {
 190 #ifdef _SUN_SDK_
 191     return (_sasl_client_add_plugin(_sasl_gbl_ctx(), plugname, entry_point));
 192 }
 193 
 194 int _sasl_client_add_plugin(void *ctx,
 195                             const char *plugname,
 196                             sasl_client_plug_init_t *entry_point)
 197 {
 198   cmech_list_t *cmechlist;
 199 #ifdef _INTEGRATED_SOLARIS_
 200   _sasl_global_context_t *gctx = ctx == NULL ? _sasl_gbl_ctx() : ctx;
 201   /* EXPORT DELETE START */
 202   /* CRYPT DELETE START */
 203   int sun_reg;
 204   /* CRYPT DELETE END */
 205   /* EXPORT DELETE END */
 206 #endif /* _INTEGRATED_SOLARIS_ */
 207   int i;
 208   cmechanism_t *m;
 209 #endif /* _SUN_SDK_ */
 210   int plugcount;
 211   sasl_client_plug_t *pluglist;
 212   cmechanism_t *mech;
 213   int result;
 214   int version;
 215   int lupe;
 216 
 217   if(!plugname || !entry_point) return SASL_BADPARAM;
 218   
 219 #ifdef _SUN_SDK_
 220   cmechlist = gctx->cmechlist;
 221 
 222   if (cmechlist == NULL) return SASL_BADPARAM;
 223 
 224   /* Check to see if this plugin has already been registered */
 225   m = cmechlist->mech_list;
 226   for (i = 0; i < cmechlist->mech_length; i++) {
 227     if (strcmp(plugname, m->plugname) == 0) {
 228         return SASL_OK;
 229     }
 230     m = m->next;
 231   }
 232 
 233   result = LOCK_MUTEX(&client_plug_mutex);
 234   if (result != SASL_OK)
 235         return result;
 236 
 237 #endif /* _SUN_SDK_ */
 238 
 239   result = entry_point(cmechlist->utils, SASL_CLIENT_PLUG_VERSION, &version,
 240                        &pluglist, &plugcount);
 241 
 242   /* EXPORT DELETE START */
 243   /* CRYPT DELETE START */
 244 #ifdef _INTEGRATED_SOLARIS_
 245   sun_reg = _is_sun_reg(pluglist);
 246 #endif /* _INTEGRATED_SOLARIS_ */
 247   /* CRYPT DELETE END */
 248   /* EXPORT DELETE END */
 249   if (result != SASL_OK)
 250   {
 251 #ifdef _SUN_SDK_
 252     UNLOCK_MUTEX(&client_plug_mutex);
 253     __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
 254               "entry_point failed in sasl_client_add_plugin for %s",
 255               plugname);
 256 #else
 257     _sasl_log(NULL, SASL_LOG_WARN,
 258               "entry_point failed in sasl_client_add_plugin for %s",
 259               plugname);
 260 #endif /* _SUN_SDK_ */
 261     return result;
 262   }
 263 
 264   if (version != SASL_CLIENT_PLUG_VERSION)
 265   {
 266 #ifdef _SUN_SDK_
 267     UNLOCK_MUTEX(&client_plug_mutex);
 268     __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,


 292     {
 293       mech = sasl_ALLOC(sizeof(cmechanism_t));
 294 #ifdef _SUN_SDK_
 295       if (! mech) {
 296         UNLOCK_MUTEX(&client_plug_mutex);
 297         return SASL_NOMEM;
 298       }
 299       mech->glob_context = pluglist->glob_context;
 300 #else
 301       if (! mech) return SASL_NOMEM;
 302 #endif /* _SUN_SDK_ */
 303 
 304       mech->plug=pluglist++;
 305       if(_sasl_strdup(plugname, &mech->plugname, NULL) != SASL_OK) {
 306 #ifdef _SUN_SDK_
 307         UNLOCK_MUTEX(&client_plug_mutex);
 308 #endif /* _SUN_SDK_ */
 309         sasl_FREE(mech);
 310         return SASL_NOMEM;
 311       }
 312       /* EXPORT DELETE START */
 313       /* CRYPT DELETE START */
 314 #ifdef _INTEGRATED_SOLARIS_
 315       mech->sun_reg = sun_reg;
 316 #endif /* _INTEGRATED_SOLARIS_ */
 317      /* CRYPT DELETE END */
 318      /* EXPORT DELETE END */
 319       mech->version = version;
 320       mech->next = cmechlist->mech_list;
 321       cmechlist->mech_list = mech;
 322       cmechlist->mech_length++;
 323     }
 324 #ifdef _SUN_SDK_
 325     UNLOCK_MUTEX(&client_plug_mutex);
 326 #endif /* _SUN_SDK_ */
 327 
 328   return SASL_OK;
 329 }
 330 
 331 static int
 332 client_idle(sasl_conn_t *conn)
 333 {
 334   cmechanism_t *m;
 335 #ifdef _SUN_SDK_
 336   _sasl_global_context_t *gctx = conn == NULL ? _sasl_gbl_ctx() : conn->gctx;
 337    cmech_list_t *cmechlist = gctx->cmechlist;
 338 #endif /* _SUN_SDK_ */


 826         name[place]=0;
 827 
 828         if (! place) continue;
 829 
 830         /* foreach in server list */
 831         for (m = cmechlist->mech_list; m != NULL; m = m->next) {
 832             int myflags;
 833             
 834             /* Is this the mechanism the server is suggesting? */
 835             if (strcasecmp(m->plug->mech_name, name))
 836                 continue; /* no */
 837 
 838             /* Do we have the prompts for it? */
 839             if (!have_prompts(conn, m->plug))
 840                 break;
 841 
 842             /* Is it strong enough? */
 843             if (minssf > m->plug->max_ssf)
 844                 break;
 845 
 846             /* EXPORT DELETE START */
 847             /* CRYPT DELETE START */
 848 #ifdef _INTEGRATED_SOLARIS_
 849             /* If not SUN supplied mech, it has no strength */
 850             if (minssf > 0 && !m->sun_reg)
 851                 break;
 852 #endif /* _INTEGRATED_SOLARIS_ */
 853             /* CRYPT DELETE END */
 854             /* EXPORT DELETE END */
 855 
 856             /* Does it meet our security properties? */
 857             myflags = conn->props.security_flags;
 858             
 859             /* if there's an external layer this is no longer plaintext */
 860             if ((conn->props.min_ssf <= conn->external.ssf) && 
 861                 (conn->external.ssf > 1)) {
 862                 myflags &= ~SASL_SEC_NOPLAINTEXT;
 863             }
 864 
 865             if (((myflags ^ m->plug->security_flags) & myflags) != 0) {
 866                 break;
 867             }
 868 
 869             /* Can we meet it's features? */
 870             if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
 871                 && !conn->serverFQDN) {
 872                 break;
 873             }
 874 
 875             /* Can it meet our features? */
 876             if ((conn->flags & SASL_NEED_PROXY) &&
 877                 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
 878                 break;
 879             }
 880             
 881 #ifdef PREFER_MECH
 882             /* EXPORT DELETE START */
 883             /* CRYPT DELETE START */
 884 #ifdef _INTEGRATED_SOLARIS_
 885             if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
 886                 bestm && (m->sun_reg && m->plug->max_ssf <= bestssf) ||
 887                 (m->plug->max_ssf == 0)) {
 888 #else
 889             /* CRYPT DELETE END */
 890             /* EXPORT DELETE END */
 891             if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
 892                 bestm && m->plug->max_ssf <= bestssf) {
 893 
 894                 /* EXPORT DELETE START */
 895                 /* CRYPT DELETE START */
 896 #endif /* _INTEGRATED_SOLARIS_ */
 897                 /* CRYPT DELETE END */
 898                 /* EXPORT DELETE END */
 899 
 900                 /* this mechanism isn't our favorite, and it's no better
 901                    than what we already have! */
 902                 break;
 903             }
 904 #else
 905             /* EXPORT DELETE START */
 906             /* CRYPT DELETE START */
 907 #ifdef _INTEGRATED_SOLARIS_
 908             if (bestm && m->sun_reg && m->plug->max_ssf <= bestssf) {
 909 #else
 910             /* CRYPT DELETE END */
 911             /* EXPORT DELETE END */
 912 
 913             if (bestm && m->plug->max_ssf <= bestssf) {
 914             /* EXPORT DELETE START */
 915             /* CRYPT DELETE START */
 916 #endif /* _INTEGRATED_SOLARIS_ */
 917             /* CRYPT DELETE END */
 918             /* EXPORT DELETE END */
 919 
 920                 /* this mechanism is no better than what we already have! */
 921                 break;
 922             }
 923 #endif
 924 
 925             /* compare security flags, only take new mechanism if it has
 926              * all the security flags of the previous one.
 927              *
 928              * From the mechanisms we ship with, this yields the order:
 929              *
 930              * SRP
 931              * GSSAPI + KERBEROS_V4
 932              * DIGEST + OTP
 933              * CRAM + EXTERNAL
 934              * PLAIN + LOGIN + ANONYMOUS
 935              *
 936              * This might be improved on by comparing the numeric value of
 937              * the bitwise-or'd security flags, which splits DIGEST/OTP,
 938              * CRAM/EXTERNAL, and PLAIN/LOGIN from ANONYMOUS, but then we
 939              * are depending on the numeric values of the flags (which may
 940              * change, and their ordering could be considered dumb luck.
 941              */
 942 
 943             if (bestm &&
 944                 ((m->plug->security_flags ^ bestm->plug->security_flags) &
 945                  bestm->plug->security_flags)) {
 946                 break;
 947             }
 948 
 949             if (mech) {
 950                 *mech = m->plug->mech_name;
 951             }
 952             /* EXPORT DELETE START */
 953             /* CRYPT DELETE START */
 954 #ifdef _INTEGRATED_SOLARIS_
 955             bestssf = m->sun_reg ? m->plug->max_ssf : 0;
 956 #else
 957             /* CRYPT DELETE END */
 958             /* EXPORT DELETE END */
 959             bestssf = m->plug->max_ssf;
 960             /* EXPORT DELETE START */
 961             /* CRYPT DELETE START */
 962 #endif /* _INTEGRATED_SOLARIS_ */
 963             /* CRYPT DELETE END */
 964             /* EXPORT DELETE END */
 965             bestm = m;
 966             break;
 967         }
 968     }
 969 
 970     if (bestm == NULL) {
 971 #ifdef _INTEGRATED_SOLARIS_
 972         sasl_seterror(conn, 0, gettext("No worthy mechs found"));
 973 #else
 974         sasl_seterror(conn, 0, "No worthy mechs found");
 975 #endif /* _INTEGRATED_SOLARIS_ */
 976         result = SASL_NOMECH;
 977         goto done;
 978     }
 979 
 980     /* make (the rest of) cparams */
 981     c_conn->cparams->service = conn->service;
 982     c_conn->cparams->servicelen = strlen(conn->service);
 983     
 984     c_conn->cparams->serverFQDN = conn->serverFQDN; 
 985     c_conn->cparams->slen = strlen(conn->serverFQDN);
 986 
 987     c_conn->cparams->clientFQDN = c_conn->clientFQDN; 
 988     c_conn->cparams->clen = strlen(c_conn->clientFQDN);
 989 
 990     c_conn->cparams->external_ssf = conn->external.ssf;
 991     c_conn->cparams->props = conn->props;
 992     /* EXPORT DELETE START */
 993     /* CRYPT DELETE START */
 994 #ifdef _INTEGRATED_SOLARIS_
 995     if (!bestm->sun_reg) {
 996         c_conn->cparams->props.min_ssf = 0;
 997         c_conn->cparams->props.max_ssf = 0;
 998     }
 999     c_conn->base.sun_reg = bestm->sun_reg;
1000 #endif /* _INTEGRATED_SOLARIS_ */
1001     /* CRYPT DELETE END */
1002     /* EXPORT DELETE END */
1003     c_conn->mech = bestm;
1004 
1005     /* init that plugin */
1006 #ifdef _SUN_SDK_
1007     result = c_conn->mech->plug->mech_new(c_conn->mech->glob_context,
1008 #else
1009     result = c_conn->mech->plug->mech_new(c_conn->mech->plug->glob_context,
1010 #endif /* _SUN_SDK_ */
1011                                           c_conn->cparams,
1012                                           &(conn->context));
1013     if(result != SASL_OK) goto done;
1014 
1015     /* do a step -- but only if we can do a client-send-first */
1016  dostep:
1017     if(clientout) {
1018         if(c_conn->mech->plug->features & SASL_FEAT_SERVER_FIRST) {
1019             *clientout = NULL;
1020             *clientoutlen = 0;
1021             result = SASL_CONTINUE;
1022         } else {


1204         + 1;
1205     ret = _buf_alloc(&conn->mechlist_buf,
1206                      &conn->mechlist_buf_len, resultlen);
1207     if(ret != SASL_OK) MEMERROR(conn);
1208 
1209     if (prefix)
1210         strcpy (conn->mechlist_buf,prefix);
1211     else
1212         *(conn->mechlist_buf) = '\0';
1213 
1214     flag = 0;
1215     for (m = cmechlist->mech_list; m != NULL; m = m->next) {
1216             /* do we have the prompts for it? */
1217             if (!have_prompts(conn, m->plug))
1218                 continue;
1219 
1220             /* is it strong enough? */
1221             if (minssf > m->plug->max_ssf)
1222                 continue;
1223 
1224             /* EXPORT DELETE START */
1225             /* CRYPT DELETE START */
1226 #ifdef _INTEGRATED_SOLARIS_
1227             /* If not SUN supplied mech, it has no strength */
1228             if (minssf > 0 && !m->sun_reg)
1229                 continue;
1230 #endif /* _INTEGRATED_SOLARIS_ */
1231             /* CRYPT DELETE END */
1232             /* EXPORT DELETE END */
1233 
1234             /* does it meet our security properties? */
1235             if (((conn->props.security_flags ^ m->plug->security_flags)
1236                  & conn->props.security_flags) != 0) {
1237                 continue;
1238             }
1239 
1240             /* Can we meet it's features? */
1241             if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
1242                 && !conn->serverFQDN) {
1243                 continue;
1244             }
1245 
1246             /* Can it meet our features? */
1247             if ((conn->flags & SASL_NEED_PROXY) &&
1248                 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
1249                 break;
1250             }
1251 
1252             /* Okay, we like it, add it to the list! */




 181   cmechlist = NULL;
 182 #endif /* _SUN_SDK_ */
 183 
 184   return SASL_OK;
 185 }
 186 
 187 int sasl_client_add_plugin(const char *plugname,
 188                            sasl_client_plug_init_t *entry_point)
 189 {
 190 #ifdef _SUN_SDK_
 191     return (_sasl_client_add_plugin(_sasl_gbl_ctx(), plugname, entry_point));
 192 }
 193 
 194 int _sasl_client_add_plugin(void *ctx,
 195                             const char *plugname,
 196                             sasl_client_plug_init_t *entry_point)
 197 {
 198   cmech_list_t *cmechlist;
 199 #ifdef _INTEGRATED_SOLARIS_
 200   _sasl_global_context_t *gctx = ctx == NULL ? _sasl_gbl_ctx() : ctx;


 201   int sun_reg;


 202 #endif /* _INTEGRATED_SOLARIS_ */
 203   int i;
 204   cmechanism_t *m;
 205 #endif /* _SUN_SDK_ */
 206   int plugcount;
 207   sasl_client_plug_t *pluglist;
 208   cmechanism_t *mech;
 209   int result;
 210   int version;
 211   int lupe;
 212 
 213   if(!plugname || !entry_point) return SASL_BADPARAM;
 214   
 215 #ifdef _SUN_SDK_
 216   cmechlist = gctx->cmechlist;
 217 
 218   if (cmechlist == NULL) return SASL_BADPARAM;
 219 
 220   /* Check to see if this plugin has already been registered */
 221   m = cmechlist->mech_list;
 222   for (i = 0; i < cmechlist->mech_length; i++) {
 223     if (strcmp(plugname, m->plugname) == 0) {
 224         return SASL_OK;
 225     }
 226     m = m->next;
 227   }
 228 
 229   result = LOCK_MUTEX(&client_plug_mutex);
 230   if (result != SASL_OK)
 231         return result;
 232 
 233 #endif /* _SUN_SDK_ */
 234 
 235   result = entry_point(cmechlist->utils, SASL_CLIENT_PLUG_VERSION, &version,
 236                        &pluglist, &plugcount);
 237 


 238 #ifdef _INTEGRATED_SOLARIS_
 239   sun_reg = _is_sun_reg(pluglist);
 240 #endif /* _INTEGRATED_SOLARIS_ */


 241   if (result != SASL_OK)
 242   {
 243 #ifdef _SUN_SDK_
 244     UNLOCK_MUTEX(&client_plug_mutex);
 245     __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,
 246               "entry_point failed in sasl_client_add_plugin for %s",
 247               plugname);
 248 #else
 249     _sasl_log(NULL, SASL_LOG_WARN,
 250               "entry_point failed in sasl_client_add_plugin for %s",
 251               plugname);
 252 #endif /* _SUN_SDK_ */
 253     return result;
 254   }
 255 
 256   if (version != SASL_CLIENT_PLUG_VERSION)
 257   {
 258 #ifdef _SUN_SDK_
 259     UNLOCK_MUTEX(&client_plug_mutex);
 260     __sasl_log(gctx, gctx->client_global_callbacks.callbacks, SASL_LOG_WARN,


 284     {
 285       mech = sasl_ALLOC(sizeof(cmechanism_t));
 286 #ifdef _SUN_SDK_
 287       if (! mech) {
 288         UNLOCK_MUTEX(&client_plug_mutex);
 289         return SASL_NOMEM;
 290       }
 291       mech->glob_context = pluglist->glob_context;
 292 #else
 293       if (! mech) return SASL_NOMEM;
 294 #endif /* _SUN_SDK_ */
 295 
 296       mech->plug=pluglist++;
 297       if(_sasl_strdup(plugname, &mech->plugname, NULL) != SASL_OK) {
 298 #ifdef _SUN_SDK_
 299         UNLOCK_MUTEX(&client_plug_mutex);
 300 #endif /* _SUN_SDK_ */
 301         sasl_FREE(mech);
 302         return SASL_NOMEM;
 303       }


 304 #ifdef _INTEGRATED_SOLARIS_
 305       mech->sun_reg = sun_reg;
 306 #endif /* _INTEGRATED_SOLARIS_ */


 307       mech->version = version;
 308       mech->next = cmechlist->mech_list;
 309       cmechlist->mech_list = mech;
 310       cmechlist->mech_length++;
 311     }
 312 #ifdef _SUN_SDK_
 313     UNLOCK_MUTEX(&client_plug_mutex);
 314 #endif /* _SUN_SDK_ */
 315 
 316   return SASL_OK;
 317 }
 318 
 319 static int
 320 client_idle(sasl_conn_t *conn)
 321 {
 322   cmechanism_t *m;
 323 #ifdef _SUN_SDK_
 324   _sasl_global_context_t *gctx = conn == NULL ? _sasl_gbl_ctx() : conn->gctx;
 325    cmech_list_t *cmechlist = gctx->cmechlist;
 326 #endif /* _SUN_SDK_ */


 814         name[place]=0;
 815 
 816         if (! place) continue;
 817 
 818         /* foreach in server list */
 819         for (m = cmechlist->mech_list; m != NULL; m = m->next) {
 820             int myflags;
 821             
 822             /* Is this the mechanism the server is suggesting? */
 823             if (strcasecmp(m->plug->mech_name, name))
 824                 continue; /* no */
 825 
 826             /* Do we have the prompts for it? */
 827             if (!have_prompts(conn, m->plug))
 828                 break;
 829 
 830             /* Is it strong enough? */
 831             if (minssf > m->plug->max_ssf)
 832                 break;
 833 


 834 #ifdef _INTEGRATED_SOLARIS_
 835             /* If not SUN supplied mech, it has no strength */
 836             if (minssf > 0 && !m->sun_reg)
 837                 break;
 838 #endif /* _INTEGRATED_SOLARIS_ */


 839 
 840             /* Does it meet our security properties? */
 841             myflags = conn->props.security_flags;
 842             
 843             /* if there's an external layer this is no longer plaintext */
 844             if ((conn->props.min_ssf <= conn->external.ssf) && 
 845                 (conn->external.ssf > 1)) {
 846                 myflags &= ~SASL_SEC_NOPLAINTEXT;
 847             }
 848 
 849             if (((myflags ^ m->plug->security_flags) & myflags) != 0) {
 850                 break;
 851             }
 852 
 853             /* Can we meet it's features? */
 854             if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
 855                 && !conn->serverFQDN) {
 856                 break;
 857             }
 858 
 859             /* Can it meet our features? */
 860             if ((conn->flags & SASL_NEED_PROXY) &&
 861                 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
 862                 break;
 863             }
 864             
 865 #ifdef PREFER_MECH


 866 #ifdef _INTEGRATED_SOLARIS_
 867             if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
 868                 bestm && (m->sun_reg && m->plug->max_ssf <= bestssf) ||
 869                 (m->plug->max_ssf == 0)) {
 870 #else


 871             if (strcasecmp(m->plug->mech_name, PREFER_MECH) &&
 872                 bestm && m->plug->max_ssf <= bestssf) {



 873 #endif /* _INTEGRATED_SOLARIS_ */


 874 
 875                 /* this mechanism isn't our favorite, and it's no better
 876                    than what we already have! */
 877                 break;
 878             }
 879 #else


 880 #ifdef _INTEGRATED_SOLARIS_
 881             if (bestm && m->sun_reg && m->plug->max_ssf <= bestssf) {
 882 #else


 883 
 884             if (bestm && m->plug->max_ssf <= bestssf) {


 885 #endif /* _INTEGRATED_SOLARIS_ */


 886 
 887                 /* this mechanism is no better than what we already have! */
 888                 break;
 889             }
 890 #endif
 891 
 892             /* compare security flags, only take new mechanism if it has
 893              * all the security flags of the previous one.
 894              *
 895              * From the mechanisms we ship with, this yields the order:
 896              *
 897              * SRP
 898              * GSSAPI + KERBEROS_V4
 899              * DIGEST + OTP
 900              * CRAM + EXTERNAL
 901              * PLAIN + LOGIN + ANONYMOUS
 902              *
 903              * This might be improved on by comparing the numeric value of
 904              * the bitwise-or'd security flags, which splits DIGEST/OTP,
 905              * CRAM/EXTERNAL, and PLAIN/LOGIN from ANONYMOUS, but then we
 906              * are depending on the numeric values of the flags (which may
 907              * change, and their ordering could be considered dumb luck.
 908              */
 909 
 910             if (bestm &&
 911                 ((m->plug->security_flags ^ bestm->plug->security_flags) &
 912                  bestm->plug->security_flags)) {
 913                 break;
 914             }
 915 
 916             if (mech) {
 917                 *mech = m->plug->mech_name;
 918             }


 919 #ifdef _INTEGRATED_SOLARIS_
 920             bestssf = m->sun_reg ? m->plug->max_ssf : 0;
 921 #else


 922             bestssf = m->plug->max_ssf;


 923 #endif /* _INTEGRATED_SOLARIS_ */


 924             bestm = m;
 925             break;
 926         }
 927     }
 928 
 929     if (bestm == NULL) {
 930 #ifdef _INTEGRATED_SOLARIS_
 931         sasl_seterror(conn, 0, gettext("No worthy mechs found"));
 932 #else
 933         sasl_seterror(conn, 0, "No worthy mechs found");
 934 #endif /* _INTEGRATED_SOLARIS_ */
 935         result = SASL_NOMECH;
 936         goto done;
 937     }
 938 
 939     /* make (the rest of) cparams */
 940     c_conn->cparams->service = conn->service;
 941     c_conn->cparams->servicelen = strlen(conn->service);
 942     
 943     c_conn->cparams->serverFQDN = conn->serverFQDN; 
 944     c_conn->cparams->slen = strlen(conn->serverFQDN);
 945 
 946     c_conn->cparams->clientFQDN = c_conn->clientFQDN; 
 947     c_conn->cparams->clen = strlen(c_conn->clientFQDN);
 948 
 949     c_conn->cparams->external_ssf = conn->external.ssf;
 950     c_conn->cparams->props = conn->props;


 951 #ifdef _INTEGRATED_SOLARIS_
 952     if (!bestm->sun_reg) {
 953         c_conn->cparams->props.min_ssf = 0;
 954         c_conn->cparams->props.max_ssf = 0;
 955     }
 956     c_conn->base.sun_reg = bestm->sun_reg;
 957 #endif /* _INTEGRATED_SOLARIS_ */


 958     c_conn->mech = bestm;
 959 
 960     /* init that plugin */
 961 #ifdef _SUN_SDK_
 962     result = c_conn->mech->plug->mech_new(c_conn->mech->glob_context,
 963 #else
 964     result = c_conn->mech->plug->mech_new(c_conn->mech->plug->glob_context,
 965 #endif /* _SUN_SDK_ */
 966                                           c_conn->cparams,
 967                                           &(conn->context));
 968     if(result != SASL_OK) goto done;
 969 
 970     /* do a step -- but only if we can do a client-send-first */
 971  dostep:
 972     if(clientout) {
 973         if(c_conn->mech->plug->features & SASL_FEAT_SERVER_FIRST) {
 974             *clientout = NULL;
 975             *clientoutlen = 0;
 976             result = SASL_CONTINUE;
 977         } else {


1159         + 1;
1160     ret = _buf_alloc(&conn->mechlist_buf,
1161                      &conn->mechlist_buf_len, resultlen);
1162     if(ret != SASL_OK) MEMERROR(conn);
1163 
1164     if (prefix)
1165         strcpy (conn->mechlist_buf,prefix);
1166     else
1167         *(conn->mechlist_buf) = '\0';
1168 
1169     flag = 0;
1170     for (m = cmechlist->mech_list; m != NULL; m = m->next) {
1171             /* do we have the prompts for it? */
1172             if (!have_prompts(conn, m->plug))
1173                 continue;
1174 
1175             /* is it strong enough? */
1176             if (minssf > m->plug->max_ssf)
1177                 continue;
1178 


1179 #ifdef _INTEGRATED_SOLARIS_
1180             /* If not SUN supplied mech, it has no strength */
1181             if (minssf > 0 && !m->sun_reg)
1182                 continue;
1183 #endif /* _INTEGRATED_SOLARIS_ */


1184 
1185             /* does it meet our security properties? */
1186             if (((conn->props.security_flags ^ m->plug->security_flags)
1187                  & conn->props.security_flags) != 0) {
1188                 continue;
1189             }
1190 
1191             /* Can we meet it's features? */
1192             if ((m->plug->features & SASL_FEAT_NEEDSERVERFQDN)
1193                 && !conn->serverFQDN) {
1194                 continue;
1195             }
1196 
1197             /* Can it meet our features? */
1198             if ((conn->flags & SASL_NEED_PROXY) &&
1199                 !(m->plug->features & SASL_FEAT_ALLOWS_PROXY)) {
1200                 break;
1201             }
1202 
1203             /* Okay, we like it, add it to the list! */