Module: EventMachine::Protocols::SASLauthclient

Defined in:: lib/protocols/saslauth.rb

Overview

Implements the SASL authd client protocol. This is a very, very simple protocol that mimics the one used by saslauthd and pwcheck, two outboard daemons included in the standard SASL library distro. The only thing this is really suitable for is SASL PLAIN (user+password) authentication, but the SASL libs that are linked into standard servers (like imapd and sendmail) implement the other ones.

You can use this module directly as a handler for EM Connections, or include it in a module or handler class of your own.

First connect to a SASL server (it’s probably a TCP server, or more likely a Unix-domain socket). Then call the #validate? method, passing at least a username and a password. #validate? returns a Deferrable which will either succeed or fail, depending on the status of the authentication operation.

Constant Summary collapse

MaxFieldSize =

128*1024

Instance Method Summary collapse

Instance Method Details

#post_init ⇒ `Object`

# File 'lib/protocols/saslauth.rb', line 153

def post_init
	@sasl_data = ""
	@queries = []
end

#receive_data(data) ⇒ `Object`

# File 'lib/protocols/saslauth.rb', line 158

def receive_data data
	@sasl_data << data

	while @sasl_data.length > 2
		len = (@sasl_data[0,2].unpack("n")).first
		raise "SASL Max Field Length exceeded" if len > MaxFieldSize
		if @sasl_data.length >= (len + 2)
			val = @sasl_data[2,len]
			@sasl_data.slice!(0...(2+len))
			q = @queries.pop
			(val == "NO") ? q.fail : q.succeed
		else
			break
		end
	end
end

#validate?(username, psw, sysname = nil, realm = nil) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/protocols/saslauth.rb', line 141

def validate? username, psw, sysname=nil, realm=nil

	str = [username, psw, sysname, realm].map {|m|
		[(m || "").length, (m || "")]
	}.flatten.pack( "nA*" * 4 )
	send_data str

	d = EM::DefaultDeferrable.new
	@queries.unshift d
	d
end