Implement SASL ANONYMOUS on the server side

Fixes #11.
Emmanuel Gil Peyrot 2021-12-25 16:15:08 +01:00
parent 6e22c0fcb4
commit 3a802eb193
3 changed files with 40 additions and 0 deletions


@ -0,0 +1,28 @@
use crate::common::Identity;
use crate::server::{Mechanism, MechanismError, Response};
use getrandom::getrandom;
pub struct Anonymous;
impl Anonymous {
pub fn new() -> Anonymous {
Anonymous
}
}
impl Mechanism for Anonymous {
fn name(&self) -> &str {
"ANONYMOUS"
}
fn respond(&mut self, payload: &[u8]) -> Result<Response, MechanismError> {
if !payload.is_empty() {
return Err(MechanismError::FailedToDecodeMessage);
}
let mut rand = [0u8; 16];
getrandom(&mut rand)?;
let username = format!("{:02x?}", rand);
let ident = Identity::Username(username);
Ok(Response::Success(ident, Vec::new()))
}
}
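Review bot: In `respond`, `format!("{:02x?}", rand)` applies the hex flag through `Debug` on the whole array, so the generated username is the bracketed list form (for example `[3f, 0a, ...]`, with commas and spaces) rather than a compact 32-character hex token. If a plain token is intended, build it per byte: `let username: String = rand.iter().map(|b| format!("{:02x}", b)).collect();`. The result is also returned as `Identity::Username`, which appears to be the same variant a credential-checking mechanism would return; if so, callers cannot tell an anonymous session from a verified user, and a doc comment on `Anonymous` should state that the identity is random, per-session and unauthenticated. Rejecting every non-empty payload also refuses clients that send the optional trace string RFC 4505 allows; accepting and ignoring it (never using it for authorization) would be more interoperable.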


@ -1,7 +1,9 @@
mod anonymous;
mod plain; mod plain;
#[cfg(feature = "scram")] #[cfg(feature = "scram")]
mod scram; mod scram;
pub use self::anonymous::Anonymous;
pub use self::plain::Plain; pub use self::plain::Plain;
#[cfg(feature = "scram")] #[cfg(feature = "scram")]
pub use self::scram::Scram; pub use self::scram::Scram;


@ -62,6 +62,7 @@ pub enum MechanismError {
CannotDecodeResponse, CannotDecodeResponse,
InvalidKeyLength(hmac::digest::InvalidLength), InvalidKeyLength(hmac::digest::InvalidLength),
RandomFailure(getrandom::Error),
NoProof, NoProof,
CannotDecodeProof, CannotDecodeProof,
AuthenticationFailed, AuthenticationFailed,
@ -98,6 +99,12 @@ impl From<hmac::digest::InvalidLength> for MechanismError {
} }
} }
impl From<getrandom::Error> for MechanismError {
fn from(err: getrandom::Error) -> MechanismError {
MechanismError::RandomFailure(err)
}
}
impl fmt::Display for ProviderError { impl fmt::Display for ProviderError {
fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result { fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
write!(fmt, "provider error") write!(fmt, "provider error")
@ -139,6 +146,9 @@ impl fmt::Display for MechanismError {
MechanismError::CannotDecodeResponse => write!(fmt, "cant decode response"), MechanismError::CannotDecodeResponse => write!(fmt, "cant decode response"),
MechanismError::InvalidKeyLength(err) => write!(fmt, "invalid key length: {}", err), MechanismError::InvalidKeyLength(err) => write!(fmt, "invalid key length: {}", err),
MechanismError::RandomFailure(err) => {
write!(fmt, "failure to get random data: {}", err)
}
MechanismError::NoProof => write!(fmt, "no proof"), MechanismError::NoProof => write!(fmt, "no proof"),
MechanismError::CannotDecodeProof => write!(fmt, "cant decode proof"), MechanismError::CannotDecodeProof => write!(fmt, "cant decode proof"),
MechanismError::AuthenticationFailed => write!(fmt, "authentication failed"), MechanismError::AuthenticationFailed => write!(fmt, "authentication failed"),
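Review bot: Adding `RandomFailure` to the public `MechanismError` enum breaks any downstream `match` that lists the variants exhaustively, unless the enum is marked `#[non_exhaustive]`; its attributes sit above the first hunk, so this is worth checking before release. The variant also has no doc comment; something like `/// The operating system's random source failed.` would tell callers this is an environment failure rather than a malformed client message. The new `Display` arm forwards the underlying `getrandom::Error` text, so a server would do better to log that string than to relay it to the peer.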