Module: EventMachine::Protocols::SASLauthclient

Defined in:: lib/em/protocols/saslauth.rb

Overview

Implements the SASL authd client protocol. This is a very, very simple protocol that mimics the one used by saslauthd and pwcheck, two outboard daemons included in the standard SASL library distro. The only thing this is really suitable for is SASL PLAIN (user+password) authentication, but the SASL libs that are linked into standard servers (like imapd and sendmail) implement the other ones.

You can use this module directly as a handler for EM Connections, or include it in a module or handler class of your own.

First connect to a SASL server (it's probably a TCP server, or more likely a Unix-domain socket). Then call the #validate? method, passing at least a username and a password. #validate? returns a Deferrable which will either succeed or fail, depending on the status of the authentication operation.

Constant Summary collapse

MaxFieldSize =

128*1024

Instance Method Summary collapse

Instance Method Details

#post_init ⇒ `Object`

# File 'lib/em/protocols/saslauth.rb', line 151

def post_init
  @sasl_data = ""
  @queries = []
end

#receive_data(data) ⇒ `Object`

# File 'lib/em/protocols/saslauth.rb', line 156

def receive_data data
  @sasl_data << data

  while @sasl_data.length > 2
    len = (@sasl_data[0,2].unpack("n")).first
    raise "SASL Max Field Length exceeded" if len > MaxFieldSize
    if @sasl_data.length >= (len + 2)
      val = @sasl_data[2,len]
      @sasl_data.slice!(0...(2+len))
      q = @queries.pop
      (val == "NO") ? q.fail : q.succeed
    else
      break
    end
  end
end

#validate?(username, psw, sysname = nil, realm = nil) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/em/protocols/saslauth.rb', line 139

def validate? username, psw, sysname=nil, realm=nil

  str = [username, psw, sysname, realm].map {|m|
    [(m || "").length, (m || "")]
  }.flatten.pack( "nA*" * 4 )
  send_data str

  d = EM::DefaultDeferrable.new
  @queries.unshift d
  d
end