2 * Copyright (C) 2006-2010 Brian Aker
5 * Use and distribution licensed under the BSD license. See
6 * the COPYING file in the parent directory for full text.
8 * Summary: interface for memcached server
9 * Description: main include file for libmemcached
14 void memcached_set_sasl_callbacks(memcached_st
*ptr
,
15 const sasl_callback_t
*callbacks
)
17 ptr
->sasl
.callbacks
= callbacks
;
18 ptr
->sasl
.is_allocated
= false;
21 const sasl_callback_t
*memcached_get_sasl_callbacks(memcached_st
*ptr
)
23 return ptr
->sasl
.callbacks
;
27 * Resolve the names for both ends of a connection
28 * @param fd socket to check
29 * @param laddr local address (out)
30 * @param raddr remote address (out)
31 * @return true on success false otherwise (errno contains more info)
33 static bool resolve_names(int fd
, char *laddr
, char *raddr
)
35 char host
[NI_MAXHOST
];
36 char port
[NI_MAXSERV
];
37 struct sockaddr_storage saddr
;
38 socklen_t salen
= sizeof(saddr
);
40 if ((getsockname(fd
, (struct sockaddr
*)&saddr
, &salen
) < 0) ||
41 (getnameinfo((struct sockaddr
*)&saddr
, salen
, host
, sizeof(host
),
42 port
, sizeof(port
), NI_NUMERICHOST
| NI_NUMERICSERV
) < 0))
47 (void)sprintf(laddr
, "%s;%s", host
, port
);
50 if ((getpeername(fd
, (struct sockaddr
*)&saddr
, &salen
) < 0) ||
51 (getnameinfo((struct sockaddr
*)&saddr
, salen
, host
, sizeof(host
),
52 port
, sizeof(port
), NI_NUMERICHOST
| NI_NUMERICSERV
) < 0))
57 (void)sprintf(raddr
, "%s;%s", host
, port
);
62 memcached_return_t
memcached_sasl_authenticate_connection(memcached_server_st
*server
)
64 memcached_return_t rc
;
66 /* SANITY CHECK: SASL can only be used with the binary protocol */
67 unlikely (!server
->root
->flags
.binary_protocol
)
68 return MEMCACHED_FAILURE
;
70 /* Try to get the supported mech from the server. Servers without SASL
71 * support will return UNKNOWN COMMAND, so we can just treat that
74 protocol_binary_request_no_extras request
= {
75 .message
.header
.request
= {
76 .magic
= PROTOCOL_BINARY_REQ
,
77 .opcode
= PROTOCOL_BINARY_CMD_SASL_LIST_MECHS
81 if (memcached_io_write(server
, request
.bytes
,
82 sizeof(request
.bytes
), 1) != sizeof(request
.bytes
))
84 return MEMCACHED_WRITE_FAILURE
;
87 memcached_server_response_increment(server
);
89 char mech
[MEMCACHED_MAX_BUFFER
];
90 rc
= memcached_response(server
, mech
, sizeof(mech
), NULL
);
91 if (rc
!= MEMCACHED_SUCCESS
)
93 if (rc
== MEMCACHED_PROTOCOL_ERROR
)
95 /* If the server doesn't support SASL it will return PROTOCOL_ERROR.
96 * This error may also be returned for other errors, but let's assume
97 * that the server don't support SASL and treat it as success and
98 * let the client fail with the next operation if the error was
99 * caused by another problem....
101 rc
= MEMCACHED_SUCCESS
;
107 /* set ip addresses */
108 char laddr
[NI_MAXHOST
+ NI_MAXSERV
];
109 char raddr
[NI_MAXHOST
+ NI_MAXSERV
];
111 unlikely (!resolve_names(server
->fd
, laddr
, raddr
))
113 server
->cached_errno
= errno
;
114 return MEMCACHED_ERRNO
;
118 int ret
= sasl_client_new("memcached", server
->hostname
, laddr
, raddr
,
119 server
->root
->sasl
.callbacks
, 0, &conn
);
122 return MEMCACHED_AUTH_PROBLEM
;
126 const char *chosenmech
;
128 ret
= sasl_client_start(conn
, mech
, NULL
, &data
, &len
, &chosenmech
);
130 if (ret
!= SASL_OK
&& ret
!= SASL_CONTINUE
)
132 rc
= MEMCACHED_AUTH_PROBLEM
;
136 uint16_t keylen
= (uint16_t)strlen(chosenmech
);
137 request
.message
.header
.request
.opcode
= PROTOCOL_BINARY_CMD_SASL_AUTH
;
138 request
.message
.header
.request
.keylen
= htons(keylen
);
139 request
.message
.header
.request
.bodylen
= htonl(len
+ keylen
);
142 /* send the packet */
144 struct __write_vector_st vector
[]=
146 { .length
= sizeof(request
.bytes
), .buffer
= request
.bytes
},
147 { .length
= keylen
, .buffer
= chosenmech
},
148 { .length
= len
, .buffer
= data
}
151 if (memcached_io_writev(server
, vector
, 3, true) == -1)
153 rc
= MEMCACHED_WRITE_FAILURE
;
156 memcached_server_response_increment(server
);
158 /* read the response */
159 rc
= memcached_response(server
, NULL
, 0, NULL
);
160 if (rc
!= MEMCACHED_AUTH_CONTINUE
)
165 ret
= sasl_client_step(conn
, memcached_result_value(&server
->root
->result
),
166 (unsigned int)memcached_result_length(&server
->root
->result
),
169 if (ret
!= SASL_OK
&& ret
!= SASL_CONTINUE
)
171 rc
= MEMCACHED_AUTH_PROBLEM
;
175 request
.message
.header
.request
.opcode
= PROTOCOL_BINARY_CMD_SASL_STEP
;
176 request
.message
.header
.request
.bodylen
= htonl(len
+ keylen
);
180 /* Release resources */
186 static int get_username(void *context
, int id
, const char **result
,
189 if (!context
|| !result
|| (id
!= SASL_CB_USER
&& id
!= SASL_CB_AUTHNAME
))
191 return SASL_BADPARAM
;
197 *len
= (unsigned int)strlen(*result
);
203 static int get_password(sasl_conn_t
*conn
, void *context
, int id
,
204 sasl_secret_t
**psecret
)
206 if (!conn
|| ! psecret
|| id
!= SASL_CB_PASS
)
208 return SASL_BADPARAM
;
216 memcached_return_t
memcached_set_sasl_auth_data(memcached_st
*ptr
,
217 const char *username
,
218 const char *password
)
220 if (ptr
== NULL
|| username
== NULL
||
221 password
== NULL
|| ptr
->sasl
.callbacks
!= NULL
)
223 return MEMCACHED_FAILURE
;
226 sasl_callback_t
*cb
= libmemcached_calloc(ptr
, 4, sizeof(sasl_callback_t
));
227 char *name
= libmemcached_malloc(ptr
, strlen(username
) + 1);
228 sasl_secret_t
*secret
= libmemcached_malloc(ptr
, strlen(password
) + 1 + sizeof(*secret
))
230 if (cb
== NULL
|| name
== NULL
|| secret
== NULL
)
232 libmemcached_free(ptr
, cb
);
233 libmemcached_free(ptr
, name
);
234 libmemcached_free(ptr
, secret
);
235 return MEMCACHED_MEMORY_ALLOCATION_FAILURE
;
238 secret
->len
= strlen(password
);
239 strcpy((void*)secret
->data
, password
);
241 cb
[0].id
= SASL_CB_USER
;
242 cb
[0].proc
= get_username
;
243 cb
[0].context
= strcpy(name
, username
);
244 cb
[1].id
= SASL_CB_AUTHNAME
;
245 cb
[1].proc
= get_username
;
247 cb
[2].id
= SASL_CB_PASS
;
248 cb
[2].proc
= get_password
;
249 cb
[2].context
= secret
;
250 cb
[3].id
= SASL_CB_LIST_END
;
252 ptr
->sasl
.callbacks
= cb
;
253 ptr
->sasl
.is_allocated
= true;
255 return MEMCACHED_SUCCESS
;
258 memcached_return_t
memcached_destroy_sasl_auth_data(memcached_st
*ptr
)
260 if (ptr
== NULL
|| ptr
->sasl
.callbacks
== NULL
)
262 return MEMCACHED_FAILURE
;
265 if (ptr
->sasl
.is_allocated
)
267 libmemcached_free(ptr
, ptr
->sasl
.callbacks
[0].context
);
268 libmemcached_free(ptr
, ptr
->sasl
.callbacks
[2].context
);
269 libmemcached_free(ptr
, (void*)ptr
->sasl
.callbacks
);
270 ptr
->sasl
.is_allocated
= false;
273 ptr
->sasl
.callbacks
= NULL
;
275 return MEMCACHED_SUCCESS
;
278 memcached_return_t
memcached_clone_sasl(memcached_st
*clone
, const memcached_st
*source
)
280 /* Hopefully we are using our own callback mechanisms.. */
281 if (source
->sasl
.callbacks
[0].id
== SASL_CB_USER
&&
282 source
->sasl
.callbacks
[0].proc
== get_username
&&
283 source
->sasl
.callbacks
[1].id
== SASL_CB_AUTHNAME
&&
284 source
->sasl
.callbacks
[1].proc
== get_username
&&
285 source
->sasl
.callbacks
[2].id
== SASL_CB_PASS
&&
286 source
->sasl
.callbacks
[2].proc
== get_password
&&
287 source
->sasl
.callbacks
[3].id
== SASL_CB_LIST_END
)
289 sasl_secret_t
*secret
= source
->sasl
.callbacks
[2].context
;
290 return memcached_set_sasl_auth_data(clone
,
291 source
->sasl
.callbacks
[0].context
,
292 (const char*)secret
->data
);
296 * But we're not. It may work if we know what the user tries to pass
297 * into the list, but if we don't know the ID we don't know how to handle
302 while (source
->sasl
.callbacks
[total
].id
!= SASL_CB_LIST_END
) {
303 switch (source
->sasl
.callbacks
[total
].id
)
306 case SASL_CB_AUTHNAME
:
310 /* I don't know how to deal with this... */
311 return MEMCACHED_NOT_SUPPORTED
;
317 sasl_callback_t
*cb
= libmemcached_calloc(clone
, total
+ 1,
318 sizeof(sasl_callback_t
));
321 return MEMCACHED_MEMORY_ALLOCATION_FAILURE
;
323 memcpy(cb
, source
->sasl
.callbacks
, (total
+ 1) * sizeof(sasl_callback_t
));
325 /* Now update the context... */
326 for (size_t x
= 0; x
< total
; ++x
)
328 if (cb
[x
].id
== SASL_CB_USER
|| cb
[x
].id
== SASL_CB_AUTHNAME
)
330 cb
[x
].context
= libmemcached_malloc(clone
, strlen(source
->sasl
.callbacks
[x
].context
));
331 if (cb
[x
].context
== NULL
)
333 /* Failed to allocate memory, clean up previously allocated memory */
334 for (size_t y
= 0; y
< x
; ++y
)
336 libmemcached_free(clone
, clone
->sasl
.callbacks
[y
].context
);
339 libmemcached_free(clone
, cb
);
340 return MEMCACHED_MEMORY_ALLOCATION_FAILURE
;
342 strcpy(cb
[x
].context
, source
->sasl
.callbacks
[x
].context
);
346 sasl_secret_t
*src
= source
->sasl
.callbacks
[x
].context
;
347 sasl_secret_t
*n
= libmemcached_malloc(clone
, src
->len
+ 1 + sizeof(*n
));
350 /* Failed to allocate memory, clean up previously allocated memory */
351 for (size_t y
= 0; y
< x
; ++y
)
353 libmemcached_free(clone
, clone
->sasl
.callbacks
[y
].context
);
356 libmemcached_free(clone
, cb
);
357 return MEMCACHED_MEMORY_ALLOCATION_FAILURE
;
359 memcpy(n
, src
, src
->len
+ 1 + sizeof(*n
));
364 clone
->sasl
.callbacks
= cb
;
365 clone
->sasl
.is_allocated
= true;
367 return MEMCACHED_SUCCESS
;