--- /tmp/jabberd-2.1.24.1/c2s/c2s.h 2008-04-27 02:57:20.000000000 -0700 +++ ./jabberd2/c2s/c2s.h 2009-05-26 12:44:38.000000000 -0700 @@ -35,6 +35,9 @@ # include <sys/stat.h> #endif +#include <sys/resource.h> +#include <sys/syslimits.h> + #ifdef _WIN32 #ifdef _USRDLL #define DLLEXPORT __declspec(dllexport) @@ -99,11 +102,15 @@ struct sess_st { nad_t result; int sasl_authd; /* 1 = they did a sasl auth */ + + /** Apple: session challenge for challenge-response authentication */ + char auth_challenge[65]; }; /* allowed mechanisms */ #define AR_MECH_TRAD_PLAIN (1<<0) #define AR_MECH_TRAD_DIGEST (1<<1) +#define AR_MECH_TRAD_CRAMMD5 (1<<2) struct host_st { /** our realm (SASL) */ @@ -112,6 +119,12 @@ struct host_st { /** starttls pemfile */ char *host_pemfile; + /** certificate chain */ + char *host_cachain; + + /** private key password */ + char *host_private_key_password; + /** verify-mode */ int host_verify_mode; @@ -136,6 +149,8 @@ struct c2s_st { char *router_user; char *router_pass; char *router_pemfile; + char *router_cachain; + char *router_private_key_password; /** mio context */ mio_t mio; @@ -191,6 +206,12 @@ struct c2s_st { /** encrypted port pemfile */ char *local_pemfile; + /** certificate chain */ + char *local_cachain; + + /** private key password */ + char *local_private_key_password; + /** verify-mode */ int local_verify_mode; @@ -301,6 +322,10 @@ struct authreg_st /** returns 1 if the user is permitted to authorize as the requested_user, 0 if not. requested_user is a JID */ int (*user_authz_allowed)(authreg_t ar, char *username, char *realm, char *requested_user); + + /** Apple extensions for challenge/response authentication methods */ + int (*create_challenge)(authreg_t ar, char *username, char *challenge, int maxlen); + int (*check_response)(authreg_t ar, char *username, char *realm, char *challenge, char *response); }; /** get a handle for a single module */ 
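Review bot: The two includes added in the `@@ -35,6 +35,9 @@` hunk are unconditional, although the `<sys/stat.h>` include just above them sits inside a conditional and the lines just below handle `_WIN32`. `<sys/syslimits.h>` is a BSD/macOS header, so this shared header would presumably stop compiling on the other targets it still carries code for. I would wrap both in a platform or configure guard, e.g. `#ifdef __APPLE__` … `#endif`, or move them into the source file that actually needs them.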
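Review bot: `char auth_challenge[65];` in the `@@ -99,11 +102,15 @@` hunk uses a bare size that nothing ties to the `maxlen` argument of `create_challenge`. A named constant, e.g. `#define C2S_AUTH_CHALLENGE_MAX 65` (constructed name), together with `sizeof` of the field at call sites, would keep the two in step. The field comment should also say that the buffer is NUL-terminated, holds a fresh unpredictable challenge for each authentication attempt, and is cleared once a response has been checked, so that one challenge cannot be answered twice. `struct sess_st` starts before the hunk, so its other fields are not visible here.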
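Review bot: `host_private_key_password` in the `@@ -112,6 +119,12 @@` hunk keeps the key passphrase as a plain `char *` for the lifetime of `struct host_st`, and nothing documents who owns it or when it is wiped. The same applies to `router_private_key_password` (`@@ -136,6 +149,8 @@`) and `local_private_key_password` (`@@ -191,6 +206,12 @@`). I would extend the comment to something like `/** private key password; never logged, zeroed and freed once the key has been loaded */` and have the loading code clear it with a wipe the compiler cannot elide. The two router fields also lack the doc comments that their host and local counterparts get.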
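Review bot: The two callbacks added at the end of `struct authreg_st` in the `@@ -301,6 +322,10 @@` hunk have no documented contract, unlike `user_authz_allowed` directly above, which states its return values. I would document each one, e.g. `/** writes a NUL-terminated challenge of at most maxlen bytes (terminator included) into challenge; returns 0 on success */` and `/** returns 0 if response matches challenge for username in realm; the comparison must be constant-time */`, adjusted to the return convention the modules actually use. `maxlen` would be safer as `size_t`, and the read-only string parameters could be `const char *`. Modules that do not implement the mechanism presumably leave both pointers NULL, so callers need a NULL check before advertising or dispatching it. The struct begins outside the hunk.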
@@ -332,3 +357,11 @@ union xhashv
 char **char_val;
 sess_t *sess_val;
 };
+
+/* Apple OD authentication/authorization */
+#define APPLE_ENABLE_OD_AUTH 1
+
+#ifdef APPLE_ENABLE_OD_AUTH
+#define APPLE_CHAT_SACL_NAME "chat"
+
+#endif /* APPLE_ENABLE_OD_AUTH */
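Review bot: `#define APPLE_ENABLE_OD_AUTH 1` at the end of this hunk is unconditional, so the `#ifdef` that follows is always true and every build that includes this header takes the OD authentication path. Because the test is `#ifdef`, changing the value to 0 would not switch it off either. I would drop the define from the header and let the build system set it, or at least guard it with `#ifndef APPLE_ENABLE_OD_AUTH` and test it with `#if APPLE_ENABLE_OD_AUTH`. A short comment saying which authentication and authorization paths the macro swaps in would help whoever audits a non-Apple build.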