/*
 * QEMU VNC display driver: SASL auth protocol
 *
 * Copyright (C) 2009 Red Hat, Inc
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

/*
 * Declarations for the SASL authentication path of the VNC server:
 * per-client SASL state, per-display authorization settings, and the
 * entry points implemented by the SASL auth source file.
 *
 * NOTE(review): this header names VncState, Error, bool, uint8_t and
 * size_t but does not visibly declare them; it presumably relies on the
 * including file (or "authz/base.h") to bring them into scope - confirm
 * before including it from a new place.
 */

#ifndef QEMU_VNC_AUTH_SASL_H
#define QEMU_VNC_AUTH_SASL_H

#include <sasl/sasl.h>

typedef struct VncStateSASL VncStateSASL;
typedef struct VncDisplaySASL VncDisplaySASL;

#include "authz/base.h"

/*
 * Per-client SASL state.
 *
 * "SSF" is SASL's security strength factor; the "SSF layer" below is the
 * security layer negotiated through SASL for the session data.
 */
struct VncStateSASL {
    /* SASL library connection context for this client */
    sasl_conn_t *conn;
    /* If we want to negotiate an SSF layer with client */
    bool wantSSF;
    /* If we are now running the SSF layer */
    bool runSSF;
    /*
     * If this is non-zero, then wait for that many bytes
     * to be written plain, before switching to SSF encoding
     * This allows the VNC auth result to finish being
     * written in plain.
     *
     * NOTE(review): while runSSF is false, and for these remaining
     * bytes afterwards, output is not covered by the SASL layer; any
     * protection then has to come from the transport underneath -
     * confirm against the write path in the .c file.
     */
    unsigned int waitWriteSSF;

    /*
     * Buffering encoded data to allow more clear data
     * to be stuffed onto the output buffer
     *
     * NOTE(review): 'encoded' is const, so it is presumably a buffer
     * owned by the SASL library rather than by this struct - confirm
     * its lifetime before retaining or freeing it.
     * encodedLength is presumably the size of 'encoded',
     * encodedRawLength the amount of clear data it was produced from,
     * and encodedOffset how much of 'encoded' has been written so far;
     * encodedOffset is then expected never to exceed encodedLength -
     * verify the bounds handling in the write path.
     */
    const uint8_t *encoded;
    unsigned int encodedLength;
    unsigned int encodedRawLength;
    unsigned int encodedOffset;
    /*
     * NOTE(review): presumably the identity reported by SASL after a
     * successful exchange, and the mechanism list offered to the
     * client; both look like owned strings released by
     * vnc_sasl_client_cleanup() - confirm.
     */
    char *username;
    char *mechlist;
};

/*
 * Per-display SASL authorization settings.
 *
 * NOTE(review): 'authz' is presumably the authorization object the
 * authenticated username is checked against, and 'authzid' its
 * identifier; what happens when neither is set is decided in the .c
 * file - confirm that an unset value cannot be read as "allow".
 */
struct VncDisplaySASL {
    QAuthZ *authz;
    char *authzid;
};

/*
 * Initialise SASL support on the server side. Returns a bool and reports
 * through errp; presumably true on success, following the usual Error
 * convention - confirm.
 */
bool vnc_sasl_server_init(Error **errp);
/* Release the SASL state attached to the client 'vs'. */
void vnc_sasl_client_cleanup(VncState *vs);

/*
 * Read from / write to the client 'vs' on the SASL path.
 * NOTE(review): the size_t result is presumably a byte count; the
 * meaning of 0 is defined by the implementation - confirm.
 */
size_t vnc_client_read_sasl(VncState *vs);
size_t vnc_client_write_sasl(VncState *vs);

/* Begin the SASL authentication exchange with the client 'vs'. */
void start_auth_sasl(VncState *vs);

#endif /* QEMU_VNC_AUTH_SASL_H */