gsasl  1.10.0
About: GNU SASL is an implementation of the Simple Authentication and Security Layer (SASL). Development version.
  Fossies Dox: gsasl-1.10.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

gsasl.h
Go to the documentation of this file.
1 /* gsasl.h --- Header file for GNU SASL Library.
2  * Copyright (C) 2002-2021 Simon Josefsson
3  *
4  * This file is part of GNU SASL Library.
5  *
6  * GNU SASL Library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public License
8  * as published by the Free Software Foundation; either version 2.1 of
9  * the License, or (at your option) any later version.
10  *
11  * GNU SASL Library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License License along with GNU SASL Library; if not, write to the
18  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19  * Boston, MA 02110-1301, USA.
20  *
21  */
22 
23 #ifndef GSASL_H
24 #define GSASL_H
25 
26 #include <stdio.h> /* FILE */
27 #include <stddef.h> /* size_t */
28 #include <unistd.h> /* ssize_t */
29 
30 #ifndef GSASL_API
31 #if defined GSASL_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY
32 #define GSASL_API __attribute__((__visibility__("default")))
33 #elif defined GSASL_BUILDING && defined _MSC_VER && ! defined GSASL_STATIC
34 #define GSASL_API __declspec(dllexport)
35 #elif defined _MSC_VER && ! defined GSASL_STATIC
36 #define GSASL_API __declspec(dllimport)
37 #else
38 #define GSASL_API
39 #endif
40 #endif
41 
42 #ifdef __cplusplus
43 extern "C"
44 {
45 #endif
46 
47  /**
48  * GSASL_VERSION
49  *
50  * Pre-processor symbol with a string that describe the header file
51  * version number. Used together with gsasl_check_version() to
52  * verify header file and run-time library consistency.
53  */
54 #define GSASL_VERSION "1.10.0"
55 
56  /**
57  * GSASL_VERSION_MAJOR
58  *
59  * Pre-processor symbol with a decimal value that describe the major
60  * level of the header file version number. For example, when the
61  * header version is 1.2.3 this symbol will be 1.
62  *
63  * Since: 1.1
64  */
65 #define GSASL_VERSION_MAJOR 1
66 
67  /**
68  * GSASL_VERSION_MINOR
69  *
70  * Pre-processor symbol with a decimal value that describe the minor
71  * level of the header file version number. For example, when the
72  * header version is 1.2.3 this symbol will be 2.
73  *
74  * Since: 1.1
75  */
76 #define GSASL_VERSION_MINOR 10
77 
78  /**
79  * GSASL_VERSION_PATCH
80  *
81  * Pre-processor symbol with a decimal value that describe the patch
82  * level of the header file version number. For example, when the
83  * header version is 1.2.3 this symbol will be 3.
84  *
85  * Since: 1.1
86  */
87 #define GSASL_VERSION_PATCH 0
88 
89  /**
90  * GSASL_VERSION_NUMBER
91  *
92  * Pre-processor symbol with a hexadecimal value describing the
93  * header file version number. For example, when the header version
94  * is 1.2.3 this symbol will have the value 0x010203.
95  *
96  * Since: 1.1
97  */
98 #define GSASL_VERSION_NUMBER 0x010a00
99 
100  /* RFC 2222: SASL mechanisms are named by strings, from 1 to 20
101  * characters in length, consisting of upper-case letters, digits,
102  * hyphens, and/or underscores. SASL mechanism names must be
103  * registered with the IANA.
104  */
105  enum
106  {
109  };
111 
112  /**
113  * Gsasl_rc:
114  * @GSASL_OK: Successful return code, guaranteed to be always 0.
115  * @GSASL_NEEDS_MORE: Mechanism expects another round-trip.
116  * @GSASL_UNKNOWN_MECHANISM: Application requested an unknown mechanism.
117  * @GSASL_MECHANISM_CALLED_TOO_MANY_TIMES: Application requested too
118  * many round trips from mechanism.
119  * @GSASL_MALLOC_ERROR: Memory allocation failed.
120  * @GSASL_BASE64_ERROR: Base64 encoding/decoding failed.
121  * @GSASL_CRYPTO_ERROR: Cryptographic error.
122  * @GSASL_SASLPREP_ERROR: Failed to prepare internationalized string.
123  * @GSASL_MECHANISM_PARSE_ERROR: Mechanism could not parse input.
124  * @GSASL_AUTHENTICATION_ERROR: Authentication has failed.
125  * @GSASL_INTEGRITY_ERROR: Application data integrity check failed.
126  * @GSASL_NO_CLIENT_CODE: Library was built with client functionality.
127  * @GSASL_NO_SERVER_CODE: Library was built with server functionality.
128  * @GSASL_NO_CALLBACK: Application did not provide a callback.
129  * @GSASL_NO_ANONYMOUS_TOKEN: Could not get required anonymous token.
130  * @GSASL_NO_AUTHID: Could not get required authentication
131  * identity (username).
132  * @GSASL_NO_AUTHZID: Could not get required authorization identity.
133  * @GSASL_NO_PASSWORD: Could not get required password.
134  * @GSASL_NO_PASSCODE: Could not get required SecurID PIN.
135  * @GSASL_NO_PIN: Could not get required SecurID PIN.
136  * @GSASL_NO_SERVICE: Could not get required service name.
137  * @GSASL_NO_HOSTNAME: Could not get required hostname.
138  * @GSASL_NO_CB_TLS_UNIQUE: Could not get required tls-unique CB.
139  * @GSASL_NO_SAML20_IDP_IDENTIFIER: Could not get required SAML IdP.
140  * @GSASL_NO_SAML20_REDIRECT_URL: Could not get required SAML
141  * redirect URL.
142  * @GSASL_NO_OPENID20_REDIRECT_URL: Could not get required OpenID
143  * redirect URL.
144  * @GSASL_GSSAPI_RELEASE_BUFFER_ERROR: GSS-API library call error.
145  * @GSASL_GSSAPI_IMPORT_NAME_ERROR: GSS-API library call error.
146  * @GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR: GSS-API library call error.
147  * @GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR: GSS-API library call error.
148  * @GSASL_GSSAPI_UNWRAP_ERROR: GSS-API library call error.
149  * @GSASL_GSSAPI_WRAP_ERROR: GSS-API library call error.
150  * @GSASL_GSSAPI_ACQUIRE_CRED_ERROR: GSS-API library call error.
151  * @GSASL_GSSAPI_DISPLAY_NAME_ERROR: GSS-API library call error.
152  * @GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR: An unsupported
153  * quality-of-protection layer was requeted.
154  * @GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: GSS-API library call error.
155  * @GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: GSS-API library call error.
156  * @GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: GSS-API library call error.
157  * @GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: GSS-API library call error.
158  * @GSASL_GSSAPI_RELEASE_OID_SET_ERROR: GSS-API library call error.
159  * @GSASL_KERBEROS_V5_INIT_ERROR: Init error in KERBEROS_V5.
160  * @GSASL_KERBEROS_V5_INTERNAL_ERROR: General error in KERBEROS_V5.
161  * @GSASL_SHISHI_ERROR: Same as %GSASL_KERBEROS_V5_INTERNAL_ERROR.
162  * @GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE: SecurID mechanism
163  * needs an additional passcode.
164  * @GSASL_SECURID_SERVER_NEED_NEW_PIN: SecurID mechanism
165  * needs an new PIN.
166  *
167  * Error codes for library functions.
168  */
169  typedef enum
170  {
171  GSASL_OK = 0,
197  /* Mechanism specific errors. */
217  /* When adding new values, note that integers are not necessarily
218  assigned monotonously increasingly. */
220 
221  /**
222  * Gsasl_qop:
223  * @GSASL_QOP_AUTH: Authentication only.
224  * @GSASL_QOP_AUTH_INT: Authentication and integrity.
225  * @GSASL_QOP_AUTH_CONF: Authentication, integrity and confidentiality.
226  *
227  * Quality of Protection types (DIGEST-MD5 and GSSAPI). The
228  * integrity and confidentiality values is about application data
229  * wrapping. We recommend that you use @GSASL_QOP_AUTH with TLS as
230  * that combination is generally more secure and have better chance
231  * of working than the integrity/confidentiality layers of SASL.
232  */
233  typedef enum
234  {
239 
240  /**
241  * Gsasl_cipher:
242  * @GSASL_CIPHER_DES: Cipher DES.
243  * @GSASL_CIPHER_3DES: Cipher 3DES.
244  * @GSASL_CIPHER_RC4: Cipher RC4.
245  * @GSASL_CIPHER_RC4_40: Cipher RC4 with 40-bit keys.
246  * @GSASL_CIPHER_RC4_56: Cipher RC4 with 56-bit keys.
247  * @GSASL_CIPHER_AES: Cipher AES.
248  *
249  * Encryption types (DIGEST-MD5) for confidentiality services of
250  * application data. We recommend that you use TLS instead as it is
251  * generally more secure and have better chance of working.
252  */
253  typedef enum
254  {
260  GSASL_CIPHER_AES = 32
262 
263  /**
264  * Gsasl_saslprep_flags:
265  * @GSASL_ALLOW_UNASSIGNED: Allow unassigned code points.
266  *
267  * Flags for the SASLprep function, see gsasl_saslprep(). For
268  * background, see the GNU Libidn documentation.
269  */
270  typedef enum
271  {
274 
275  /**
276  * Gsasl:
277  *
278  * Handle to global library context.
279  */
280  typedef struct Gsasl Gsasl;
281 
282  /**
283  * Gsasl_session:
284  *
285  * Handle to SASL session context.
286  */
287  typedef struct Gsasl_session Gsasl_session;
288 
289  /**
290  * Gsasl_property:
291  * @GSASL_AUTHID: Authentication identity (username).
292  * @GSASL_AUTHZID: Authorization identity.
293  * @GSASL_PASSWORD: Password.
294  * @GSASL_ANONYMOUS_TOKEN: Anonymous identifier.
295  * @GSASL_SERVICE: Service name
296  * @GSASL_HOSTNAME: Host name.
297  * @GSASL_GSSAPI_DISPLAY_NAME: GSS-API credential principal name.
298  * @GSASL_PASSCODE: SecurID passcode.
299  * @GSASL_SUGGESTED_PIN: SecurID suggested PIN.
300  * @GSASL_PIN: SecurID PIN.
301  * @GSASL_REALM: User realm.
302  * @GSASL_DIGEST_MD5_HASHED_PASSWORD: Pre-computed hashed DIGEST-MD5
303  * password, to avoid storing passwords in the clear.
304  * @GSASL_QOPS: Set of quality-of-protection values.
305  * @GSASL_QOP: Quality-of-protection value.
306  * @GSASL_SCRAM_ITER: Number of iterations in password-to-key hashing.
307  * @GSASL_SCRAM_SALT: Salt for password-to-key hashing.
308  * @GSASL_SCRAM_SALTED_PASSWORD: Hex-encoded hashed/salted password.
309  * @GSASL_SCRAM_SERVERKEY: Hex-encoded SCRAM ServerKey derived
310  * from users' passowrd.
311  * @GSASL_SCRAM_STOREDKEY: Hex-encoded SCRAM StoredKey derived
312  * from users' passowrd.
313  * @GSASL_CB_TLS_UNIQUE: Base64 encoded tls-unique channel binding.
314  * @GSASL_SAML20_IDP_IDENTIFIER: SAML20 user IdP URL.
315  * @GSASL_SAML20_REDIRECT_URL: SAML 2.0 URL to access in browser.
316  * @GSASL_OPENID20_REDIRECT_URL: OpenID 2.0 URL to access in browser.
317  * @GSASL_OPENID20_OUTCOME_DATA: OpenID 2.0 authentication outcome data.
318  * @GSASL_SAML20_AUTHENTICATE_IN_BROWSER: Request to perform SAML 2.0
319  * authentication in browser.
320  * @GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Request to perform OpenID 2.0
321  * authentication in browser.
322  * @GSASL_VALIDATE_SIMPLE: Request for simple validation.
323  * @GSASL_VALIDATE_EXTERNAL: Request for validation of EXTERNAL.
324  * @GSASL_VALIDATE_ANONYMOUS: Request for validation of ANONYMOUS.
325  * @GSASL_VALIDATE_GSSAPI: Request for validation of GSSAPI/GS2.
326  * @GSASL_VALIDATE_SECURID: Reqest for validation of SecurID.
327  * @GSASL_VALIDATE_SAML20: Reqest for validation of SAML20.
328  * @GSASL_VALIDATE_OPENID20: Reqest for validation of OpenID 2.0 login.
329  *
330  * Callback/property types.
331  */
332  typedef enum
333  {
334  /* Information properties, e.g., username. */
344  GSASL_PIN = 10,
348  GSASL_QOP = 14,
359  /* Client callbacks. */
362  /* Server validation callback properties. */
371 
372  /**
373  * Gsasl_callback_function:
374  * @ctx: libgsasl handle.
375  * @sctx: session handle, may be NULL.
376  * @prop: enumerated value of Gsasl_property type.
377  *
378  * Prototype of function that the application should implement. Use
379  * gsasl_callback_set() to inform the library about your callback
380  * function.
381  *
382  * It is called by the SASL library when it need some information
383  * from the application. Depending on the value of @prop, it should
384  * either set some property (e.g., username or password) using
385  * gsasl_property_set(), or it should extract some properties (e.g.,
386  * authentication and authorization identities) using
387  * gsasl_property_fast() and use them to make a policy decision,
388  * perhaps returning GSASL_AUTHENTICATION_ERROR or GSASL_OK
389  * depending on whether the policy permitted the operation.
390  *
391  * Return value: Any valid return code, the interpretation of which
392  * depend on the @prop value.
393  *
394  * Since: 0.2.0
395  **/
396  typedef int (*Gsasl_callback_function) (Gsasl * ctx, Gsasl_session * sctx,
397  Gsasl_property prop);
398 
399  /* Library entry and exit points: version.c, init.c, done.c */
400  extern GSASL_API int gsasl_init (Gsasl ** ctx);
401  extern GSASL_API void gsasl_done (Gsasl * ctx);
402  extern GSASL_API const char *gsasl_check_version (const char *req_version);
403 
404  /* Callback handling: callback.c */
405  extern GSASL_API void gsasl_callback_set (Gsasl * ctx,
407  extern GSASL_API int gsasl_callback (Gsasl * ctx, Gsasl_session * sctx,
408  Gsasl_property prop);
409 
410  extern GSASL_API void gsasl_callback_hook_set (Gsasl * ctx, void *hook);
411  extern GSASL_API void *gsasl_callback_hook_get (Gsasl * ctx);
412 
413  extern GSASL_API void gsasl_session_hook_set (Gsasl_session * sctx,
414  void *hook);
415  extern GSASL_API void *gsasl_session_hook_get (Gsasl_session * sctx);
416 
417  /* Property handling: property.c */
418  extern GSASL_API void gsasl_property_set (Gsasl_session * sctx,
419  Gsasl_property prop,
420  const char *data);
421  extern GSASL_API void gsasl_property_set_raw (Gsasl_session * sctx,
422  Gsasl_property prop,
423  const char *data, size_t len);
424  extern GSASL_API const char *gsasl_property_get (Gsasl_session * sctx,
425  Gsasl_property prop);
426  extern GSASL_API const char *gsasl_property_fast (Gsasl_session * sctx,
427  Gsasl_property prop);
428 
429  /* Mechanism handling: listmech.c, supportp.c, suggest.c */
430  extern GSASL_API int gsasl_client_mechlist (Gsasl * ctx, char **out);
431  extern GSASL_API int gsasl_client_support_p (Gsasl * ctx, const char *name);
432  extern GSASL_API const char *gsasl_client_suggest_mechanism (Gsasl * ctx,
433  const char
434  *mechlist);
435 
436  extern GSASL_API int gsasl_server_mechlist (Gsasl * ctx, char **out);
437  extern GSASL_API int gsasl_server_support_p (Gsasl * ctx, const char *name);
438 
439  /* Authentication functions: xstart.c, xstep.c, xfinish.c */
440  extern GSASL_API int gsasl_client_start (Gsasl * ctx, const char *mech,
441  Gsasl_session ** sctx);
442  extern GSASL_API int gsasl_server_start (Gsasl * ctx, const char *mech,
443  Gsasl_session ** sctx);
444  extern GSASL_API int gsasl_step (Gsasl_session * sctx,
445  const char *input, size_t input_len,
446  char **output, size_t *output_len);
447  extern GSASL_API int gsasl_step64 (Gsasl_session * sctx,
448  const char *b64input, char **b64output);
449  extern GSASL_API void gsasl_finish (Gsasl_session * sctx);
450 
451  /* Session functions: xcode.c, mechname.c */
452  extern GSASL_API int gsasl_encode (Gsasl_session * sctx,
453  const char *input, size_t input_len,
454  char **output, size_t *output_len);
455  extern GSASL_API int gsasl_decode (Gsasl_session * sctx,
456  const char *input, size_t input_len,
457  char **output, size_t *output_len);
458  extern GSASL_API const char *gsasl_mechanism_name (Gsasl_session * sctx);
459 
460  /* Error handling: error.c */
461  extern GSASL_API const char *gsasl_strerror (int err);
462  extern GSASL_API const char *gsasl_strerror_name (int err);
463 
464  /* Internationalized string processing: stringprep.c */
465  extern GSASL_API int gsasl_saslprep (const char *in,
466  Gsasl_saslprep_flags flags, char **out,
467  int *stringpreprc);
468 
469  /* Crypto functions: crypto.c */
470  typedef enum
471  {
472  /* Hash algorithm identifiers. */
475  } Gsasl_hash;
476 
477  typedef enum
478  {
479  /* Output sizes of hashes. */
484 
485  extern GSASL_API int gsasl_nonce (char *data, size_t datalen);
486  extern GSASL_API int gsasl_random (char *data, size_t datalen);
487 
488  extern GSASL_API size_t gsasl_hash_length (Gsasl_hash hash);
489 
490  extern GSASL_API int
492  const char *salted_password,
493  char *client_key,
494  char *server_key,
495  char *stored_key);
496  extern GSASL_API int
498  const char *password,
499  unsigned int iteration_count,
500  const char *salt,
501  size_t saltlen,
502  char *salted_password,
503  char *client_key,
504  char *server_key, char *stored_key);
505 
506  /* Utilities: md5pwd.c, base64.c, free.c */
507  extern GSASL_API int gsasl_simple_getpass (const char *filename,
508  const char *username,
509  char **key);
510  extern GSASL_API int gsasl_base64_to (const char *in, size_t inlen,
511  char **out, size_t *outlen);
512  extern GSASL_API int gsasl_base64_from (const char *in, size_t inlen,
513  char **out, size_t *outlen);
514  extern GSASL_API int gsasl_hex_to (const char *in, size_t inlen,
515  char **out, size_t *outlen);
516  extern GSASL_API int gsasl_hex_from (const char *in, char **out,
517  size_t *outlen);
518  extern GSASL_API void gsasl_free (void *ptr);
519 
520  /* Get the mechanism API. */
521 #include <gsasl-mech.h>
522 
523 #ifndef GSASL_NO_OBSOLETE
524  /* For compatibility with earlier versions. */
525 #include <gsasl-compat.h>
526 #endif
527 
528 #ifdef __cplusplus
529 }
530 #endif
531 
532 #endif /* GSASL_H */
int gsasl_random(char *data, size_t datalen)
Definition: crypto.c:54
const char * gsasl_property_get(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:263
const char * gsasl_mechanism_name(Gsasl_session *sctx)
Definition: mechname.c:38
void gsasl_finish(Gsasl_session *sctx)
Definition: xfinish.c:33
Gsasl_saslprep_flags
Definition: gsasl.h:271
@ GSASL_ALLOW_UNASSIGNED
Definition: gsasl.h:272
const char * GSASL_VALID_MECHANISM_CHARACTERS
Definition: init.c:51
size_t gsasl_hash_length(Gsasl_hash hash)
Definition: crypto.c:72
void gsasl_property_set(Gsasl_session *sctx, Gsasl_property prop, const char *data)
Definition: property.c:158
int gsasl_base64_from(const char *in, size_t inlen, char **out, size_t *outlen)
Definition: base64.c:74
int gsasl_decode(Gsasl_session *sctx, const char *input, size_t input_len, char **output, size_t *output_len)
Definition: xcode.c:96
int gsasl_saslprep(const char *in, Gsasl_saslprep_flags flags, char **out, int *stringpreprc)
void gsasl_callback_set(Gsasl *ctx, Gsasl_callback_function cb)
Definition: callback.c:44
const char * gsasl_check_version(const char *req_version)
Definition: version.c:45
Gsasl_qop
Definition: gsasl.h:234
@ GSASL_QOP_AUTH_CONF
Definition: gsasl.h:237
@ GSASL_QOP_AUTH
Definition: gsasl.h:235
@ GSASL_QOP_AUTH_INT
Definition: gsasl.h:236
int gsasl_client_support_p(Gsasl *ctx, const char *name)
Definition: supportp.c:49
Gsasl_hash
Definition: gsasl.h:471
@ GSASL_HASH_SHA1
Definition: gsasl.h:473
@ GSASL_HASH_SHA256
Definition: gsasl.h:474
int gsasl_scram_secrets_from_salted_password(Gsasl_hash hash, const char *salted_password, char *client_key, char *server_key, char *stored_key)
Definition: crypto.c:103
int(* Gsasl_callback_function)(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
Definition: gsasl.h:396
int gsasl_nonce(char *data, size_t datalen)
Definition: crypto.c:38
int gsasl_client_start(Gsasl *ctx, const char *mech, Gsasl_session **sctx)
Definition: xstart.c:119
Gsasl_rc
Definition: gsasl.h:170
@ GSASL_GSSAPI_UNWRAP_ERROR
Definition: gsasl.h:202
@ GSASL_NO_CLIENT_CODE
Definition: gsasl.h:182
@ GSASL_NO_CALLBACK
Definition: gsasl.h:184
@ GSASL_GSSAPI_IMPORT_NAME_ERROR
Definition: gsasl.h:199
@ GSASL_GSSAPI_RELEASE_OID_SET_ERROR
Definition: gsasl.h:216
@ GSASL_KERBEROS_V5_INIT_ERROR
Definition: gsasl.h:207
@ GSASL_OK
Definition: gsasl.h:171
@ GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE
Definition: gsasl.h:210
@ GSASL_GSSAPI_RELEASE_BUFFER_ERROR
Definition: gsasl.h:198
@ GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR
Definition: gsasl.h:201
@ GSASL_BASE64_ERROR
Definition: gsasl.h:176
@ GSASL_NO_OPENID20_REDIRECT_URL
Definition: gsasl.h:196
@ GSASL_SECURID_SERVER_NEED_NEW_PIN
Definition: gsasl.h:211
@ GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR
Definition: gsasl.h:214
@ GSASL_AUTHENTICATION_ERROR
Definition: gsasl.h:180
@ GSASL_NEEDS_MORE
Definition: gsasl.h:172
@ GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR
Definition: gsasl.h:215
@ GSASL_MALLOC_ERROR
Definition: gsasl.h:175
@ GSASL_NO_PASSWORD
Definition: gsasl.h:188
@ GSASL_NO_SAML20_IDP_IDENTIFIER
Definition: gsasl.h:194
@ GSASL_GSSAPI_DISPLAY_NAME_ERROR
Definition: gsasl.h:205
@ GSASL_NO_PASSCODE
Definition: gsasl.h:189
@ GSASL_NO_SERVICE
Definition: gsasl.h:191
@ GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR
Definition: gsasl.h:212
@ GSASL_NO_AUTHZID
Definition: gsasl.h:187
@ GSASL_GSSAPI_ACQUIRE_CRED_ERROR
Definition: gsasl.h:204
@ GSASL_MECHANISM_CALLED_TOO_MANY_TIMES
Definition: gsasl.h:174
@ GSASL_NO_HOSTNAME
Definition: gsasl.h:192
@ GSASL_NO_AUTHID
Definition: gsasl.h:186
@ GSASL_GSSAPI_WRAP_ERROR
Definition: gsasl.h:203
@ GSASL_MECHANISM_PARSE_ERROR
Definition: gsasl.h:179
@ GSASL_NO_PIN
Definition: gsasl.h:190
@ GSASL_CRYPTO_ERROR
Definition: gsasl.h:177
@ GSASL_SASLPREP_ERROR
Definition: gsasl.h:178
@ GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR
Definition: gsasl.h:213
@ GSASL_NO_ANONYMOUS_TOKEN
Definition: gsasl.h:185
@ GSASL_NO_SERVER_CODE
Definition: gsasl.h:183
@ GSASL_NO_SAML20_REDIRECT_URL
Definition: gsasl.h:195
@ GSASL_KERBEROS_V5_INTERNAL_ERROR
Definition: gsasl.h:208
@ GSASL_INTEGRITY_ERROR
Definition: gsasl.h:181
@ GSASL_UNKNOWN_MECHANISM
Definition: gsasl.h:173
@ GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR
Definition: gsasl.h:200
@ GSASL_NO_CB_TLS_UNIQUE
Definition: gsasl.h:193
@ GSASL_SHISHI_ERROR
Definition: gsasl.h:209
@ GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR
Definition: gsasl.h:206
void gsasl_session_hook_set(Gsasl_session *sctx, void *hook)
Definition: callback.c:148
int gsasl_server_support_p(Gsasl *ctx, const char *name)
Definition: supportp.c:66
int gsasl_scram_secrets_from_password(Gsasl_hash hash, const char *password, unsigned int iteration_count, const char *salt, size_t saltlen, char *salted_password, char *client_key, char *server_key, char *stored_key)
Definition: crypto.c:155
void * gsasl_callback_hook_get(Gsasl *ctx)
Definition: callback.c:128
void * gsasl_session_hook_get(Gsasl_session *sctx)
Definition: callback.c:168
Gsasl_cipher
Definition: gsasl.h:254
@ GSASL_CIPHER_DES
Definition: gsasl.h:255
@ GSASL_CIPHER_RC4
Definition: gsasl.h:257
@ GSASL_CIPHER_RC4_56
Definition: gsasl.h:259
@ GSASL_CIPHER_3DES
Definition: gsasl.h:256
@ GSASL_CIPHER_RC4_40
Definition: gsasl.h:258
@ GSASL_CIPHER_AES
Definition: gsasl.h:260
void gsasl_free(void *ptr)
Definition: free.c:41
#define GSASL_API
Definition: gsasl.h:38
const char * gsasl_strerror(int err)
Definition: error.c:228
int gsasl_base64_to(const char *in, size_t inlen, char **out, size_t *outlen)
Definition: base64.c:44
int gsasl_server_start(Gsasl *ctx, const char *mech, Gsasl_session **sctx)
Definition: xstart.c:137
const char * gsasl_client_suggest_mechanism(Gsasl *ctx, const char *mechlist)
Definition: suggest.c:38
int gsasl_simple_getpass(const char *filename, const char *username, char **key)
Definition: md5pwd.c:47
void gsasl_property_set_raw(Gsasl_session *sctx, Gsasl_property prop, const char *data, size_t len)
Definition: property.c:184
@ GSASL_MIN_MECHANISM_SIZE
Definition: gsasl.h:107
@ GSASL_MAX_MECHANISM_SIZE
Definition: gsasl.h:108
Gsasl_hash_length
Definition: gsasl.h:478
@ GSASL_HASH_SHA1_SIZE
Definition: gsasl.h:480
@ GSASL_HASH_MAX_SIZE
Definition: gsasl.h:482
@ GSASL_HASH_SHA256_SIZE
Definition: gsasl.h:481
int gsasl_init(Gsasl **ctx)
Definition: init.c:167
int gsasl_encode(Gsasl_session *sctx, const char *input, size_t input_len, char **output, size_t *output_len)
Definition: xcode.c:64
const char * gsasl_property_fast(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:226
Gsasl_property
Definition: gsasl.h:333
@ GSASL_DIGEST_MD5_HASHED_PASSWORD
Definition: gsasl.h:346
@ GSASL_SCRAM_STOREDKEY
Definition: gsasl.h:353
@ GSASL_SAML20_AUTHENTICATE_IN_BROWSER
Definition: gsasl.h:360
@ GSASL_HOSTNAME
Definition: gsasl.h:340
@ GSASL_AUTHZID
Definition: gsasl.h:336
@ GSASL_VALIDATE_GSSAPI
Definition: gsasl.h:366
@ GSASL_OPENID20_AUTHENTICATE_IN_BROWSER
Definition: gsasl.h:361
@ GSASL_SCRAM_SALT
Definition: gsasl.h:350
@ GSASL_QOP
Definition: gsasl.h:348
@ GSASL_CB_TLS_UNIQUE
Definition: gsasl.h:354
@ GSASL_SERVICE
Definition: gsasl.h:339
@ GSASL_GSSAPI_DISPLAY_NAME
Definition: gsasl.h:341
@ GSASL_VALIDATE_SIMPLE
Definition: gsasl.h:363
@ GSASL_VALIDATE_EXTERNAL
Definition: gsasl.h:364
@ GSASL_OPENID20_OUTCOME_DATA
Definition: gsasl.h:358
@ GSASL_SAML20_IDP_IDENTIFIER
Definition: gsasl.h:355
@ GSASL_SCRAM_SALTED_PASSWORD
Definition: gsasl.h:351
@ GSASL_VALIDATE_OPENID20
Definition: gsasl.h:369
@ GSASL_VALIDATE_SAML20
Definition: gsasl.h:368
@ GSASL_QOPS
Definition: gsasl.h:347
@ GSASL_PASSWORD
Definition: gsasl.h:337
@ GSASL_REALM
Definition: gsasl.h:345
@ GSASL_SCRAM_ITER
Definition: gsasl.h:349
@ GSASL_PASSCODE
Definition: gsasl.h:342
@ GSASL_AUTHID
Definition: gsasl.h:335
@ GSASL_SAML20_REDIRECT_URL
Definition: gsasl.h:356
@ GSASL_PIN
Definition: gsasl.h:344
@ GSASL_VALIDATE_SECURID
Definition: gsasl.h:367
@ GSASL_VALIDATE_ANONYMOUS
Definition: gsasl.h:365
@ GSASL_ANONYMOUS_TOKEN
Definition: gsasl.h:338
@ GSASL_SCRAM_SERVERKEY
Definition: gsasl.h:352
@ GSASL_SUGGESTED_PIN
Definition: gsasl.h:343
@ GSASL_OPENID20_REDIRECT_URL
Definition: gsasl.h:357
int gsasl_step64(Gsasl_session *sctx, const char *b64input, char **b64output)
Definition: xstep.c:86
int gsasl_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
Definition: callback.c:75
int gsasl_client_mechlist(Gsasl *ctx, char **out)
Definition: listmech.c:74
const char * gsasl_strerror_name(int err)
Definition: error.c:266
int gsasl_hex_from(const char *in, char **out, size_t *outlen)
Definition: base64.c:139
int gsasl_step(Gsasl_session *sctx, const char *input, size_t input_len, char **output, size_t *output_len)
Definition: xstep.c:51
int gsasl_hex_to(const char *in, size_t inlen, char **out, size_t *outlen)
Definition: base64.c:106
void gsasl_done(Gsasl *ctx)
Definition: done.c:33
void gsasl_callback_hook_set(Gsasl *ctx, void *hook)
Definition: callback.c:108
int gsasl_server_mechlist(Gsasl *ctx, char **out)
Definition: listmech.c:93
const char * name
Definition: error.c:43
Gsasl_mechanism * mech
Definition: internal.h:82
Gsasl * ctx
Definition: internal.h:80
char * password
Definition: internal.h:90
Definition: internal.h:41