c2s.h.patch   [plain text]


--- /tmp/jabberd-2.1.24.1/c2s/c2s.h	2008-04-27 02:57:20.000000000 -0700
+++ ./jabberd2/c2s/c2s.h	2009-05-26 12:44:38.000000000 -0700
@@ -35,6 +35,9 @@
 # include <sys/stat.h>
 #endif
 
+#include <sys/resource.h>
+#include <sys/syslimits.h>
+
 #ifdef _WIN32
   #ifdef _USRDLL
     #define DLLEXPORT  __declspec(dllexport)
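Review bot: The two added includes are unconditional, while the include just above them closes a guard (`#endif` on the preceding line) and the `_WIN32` block follows directly. `<sys/syslimits.h>` is a BSD/macOS header, so this file would presumably stop compiling on other platforms. Wrap the pair in a platform or configure guard such as `#ifdef __APPLE__`, or use `<limits.h>` if only path and name limits are needed. Nothing in the visible hunks uses either header, so a one-line comment naming what they are included for would also help.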
@@ -99,11 +102,15 @@ struct sess_st {
     nad_t               result;
 
     int                 sasl_authd;     /* 1 = they did a sasl auth */
+
+    /** Apple: session challenge for challenge-response authentication */
+    char                auth_challenge[65];
 };
 
 /* allowed mechanisms */
 #define AR_MECH_TRAD_PLAIN      (1<<0)
 #define AR_MECH_TRAD_DIGEST     (1<<1)
+#define AR_MECH_TRAD_CRAMMD5    (1<<2)
 
 struct host_st {
     /** our realm (SASL) */
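Review bot: `auth_challenge[65]` uses a bare size that nothing in this header ties to the `maxlen` argument of `create_challenge`, so a module assuming a different length could overrun or silently truncate the buffer. Give the size a name, e.g. `#define AUTH_CHALLENGE_MAX 65`, have callers pass `sizeof` of the field, and say in the comment whether the 65 includes the NUL terminator. The comment should also state the lifetime: the challenge is presumably meant to be generated fresh per attempt and cleared once a response has been checked, so a stale value cannot be reused. `AR_MECH_TRAD_CRAMMD5` deserves a comment too, since a captured CRAM-MD5 exchange can be guessed offline and the mechanism is best offered only on TLS-protected streams. `struct sess_st` starts outside the hunk.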
@@ -112,6 +119,12 @@ struct host_st {
     /** starttls pemfile */
     char                *host_pemfile;
 
+    /** certificate chain */
+    char                *host_cachain;
+
+    /** private key password */
+    char                *host_private_key_password;
+
     /** verify-mode  */
     int                 host_verify_mode;
 
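Review bot: `host_private_key_password` keeps the key passphrase as a plain `char *` in a long-lived config struct, and the comment does not say who owns the string or when it is released. The same applies to `router_private_key_password` and `local_private_key_password`, added in the two `struct c2s_st` hunks below. If the passphrase is only needed while the key is being loaded, wipe it afterwards with something like `explicit_bzero` where available, since a plain `memset` before `free` may be optimized away. The comment could then read `/** private key password (from config; wiped after the key is loaded) */`. `struct host_st` continues outside the hunk.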
@@ -136,6 +149,8 @@ struct c2s_st {
     char                *router_user;
     char                *router_pass;
     char                *router_pemfile;
+    char                *router_cachain;
+    char                *router_private_key_password;
 
     /** mio context */
     mio_t               mio;
@@ -191,6 +206,12 @@ struct c2s_st {
     /** encrypted port pemfile */
     char                *local_pemfile;
 
+    /** certificate chain */
+    char                *local_cachain;
+
+    /** private key password */
+    char                *local_private_key_password;
+
     /** verify-mode  */
     int                 local_verify_mode;
 
@@ -301,6 +322,10 @@ struct authreg_st
 
     /** returns 1 if the user is permitted to authorize as the requested_user, 0 if not. requested_user is a JID */
     int               (*user_authz_allowed)(authreg_t ar, char *username, char *realm, char *requested_user);
+
+    /** Apple extensions for challenge/response authentication methods */
+    int         (*create_challenge)(authreg_t ar, char *username, char *challenge, int maxlen);
+    int         (*check_response)(authreg_t ar, char *username, char *realm, char *challenge, char *response);
 };
 
 /** get a handle for a single module */
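Review bot: The two new callbacks have no documented contract, unlike `user_authz_allowed` just above, whose comment states its return values. The comment should say what each returns on success and failure, and whether `maxlen` counts the NUL terminator. It should also say that a module may leave either pointer NULL, so callers must test it first, e.g. `if (ar->check_response == NULL)`. `maxlen` would be better as `size_t`, since a negative length has no meaning here. Implementations of `check_response` should presumably compare the response in constant time, which is worth a line in the comment.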
@@ -332,3 +357,11 @@ union xhashv
   char **char_val;
   sess_t *sess_val;
 };
+
+/* Apple OD authentication/authorization */
+#define APPLE_ENABLE_OD_AUTH 1
+
+#ifdef APPLE_ENABLE_OD_AUTH
+#define APPLE_CHAT_SACL_NAME "chat"
+
+#endif /* APPLE_ENABLE_OD_AUTH */
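Review bot: `APPLE_ENABLE_OD_AUTH` is defined unconditionally right before `#ifdef APPLE_ENABLE_OD_AUTH`, so the guard is always true and the feature cannot be switched off from the build without editing this header. Wrap the definition as `#ifndef APPLE_ENABLE_OD_AUTH` / `#define APPLE_ENABLE_OD_AUTH 1` / `#endif`, or move it to the configure-generated header. `APPLE_CHAT_SACL_NAME` should get a comment saying what the name is checked against, presumably the service access list consulted when authorizing a user, because a wrong or empty value here changes who is allowed in.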