server: add SASL support

We introduce 2 public functions to integrate with the library user.

spice_server_set_sasl() - turn on SASL
spice_server_set_sasl_appname() - specify the name of the app (It is
used for where to find the default configuration file)

The patch for QEMU is on its way.

https://bugs.freedesktop.org/show_bug.cgi?id=34795

1 files changed, 39 insertions, 0 deletions

diff --git a/server/reds.h b/server/reds.h
index f0276b12..485d9eb4 100644
--- a/server/reds.h
+++ b/server/reds.h
@@ -18,10 +18,16 @@
 #ifndef _H_REDS
 #define _H_REDS
 
+#include "config.h"
+
 #include <stdint.h>
 #include <openssl/ssl.h>
 #include <sys/uio.h>
 #include <spice/vd_agent.h>
+#if HAVE_SASL
+#include <sasl/sasl.h>
+#endif
+
 #include "common/marshaller.h"
 #include "common/messages.h"
 #include "spice.h"
@@ -30,6 +36,35 @@
 
 typedef struct RedsStream RedsStream;
 
+#if HAVE_SASL
+typedef struct RedsSASL {
+    sasl_conn_t *conn;
+
+    /* If we want to negotiate an SSF layer with client */
+    int wantSSF :1;
+    /* If we are now running the SSF layer */
+    int runSSF :1;
+
+    /*
+     * Buffering encoded data to allow more clear data
+     * to be stuffed onto the output buffer
+     */
+    const uint8_t *encoded;
+    unsigned int encodedLength;
+    unsigned int encodedOffset;
+
+    SpiceBuffer inbuffer;
+
+    char *username;
+    char *mechlist;
+    char *mechname;
+
+    /* temporary data during authentication */
+    unsigned int len;
+    char *data;
+} RedsSASL;
+#endif
+
 struct RedsStream {
     int socket;
     SpiceWatch *watch;
@@ -39,6 +74,10 @@ struct RedsStream {
     int shutdown;
     SSL *ssl;
 
+#if HAVE_SASL
+    RedsSASL sasl;
+#endif
+
     SpiceChannelEventInfo info;
 
     /* private */