sasl.h   sasl.h 
skipping to change at line 28 skipping to change at line 28
* *
* Callbacks: * Callbacks:
* sasl_getopt_t client/server: Get an option value * sasl_getopt_t client/server: Get an option value
* sasl_logmsg_t client/server: Log message handler * sasl_logmsg_t client/server: Log message handler
* sasl_getsimple_t client: Get user/language list * sasl_getsimple_t client: Get user/language list
* sasl_getsecret_t client: Get authentication secret * sasl_getsecret_t client: Get authentication secret
* sasl_chalprompt_t client: Display challenge and prompt for response * sasl_chalprompt_t client: Display challenge and prompt for response
* *
* Server only Callbacks: * Server only Callbacks:
* sasl_authorize_t user authorization policy callback * sasl_authorize_t user authorization policy callback
* sasl_getconfpath_t get path to search for config file
* sasl_server_userdb_checkpass check password and auxprops in userdb * sasl_server_userdb_checkpass check password and auxprops in userdb
* sasl_server_userdb_setpass set password in userdb * sasl_server_userdb_setpass set password in userdb
* sasl_server_canon_user canonicalize username routine * sasl_server_canon_user canonicalize username routine
* *
* Client/Server Function Summary: * Client/Server Function Summary:
* sasl_done Release all SASL global state * sasl_done Release all SASL global state
* sasl_dispose Connection done: Dispose of sasl_conn_t * sasl_dispose Connection done: Dispose of sasl_conn_t
* sasl_getprop Get property (e.g., user name, security layer info) * sasl_getprop Get property (e.g., user name, security layer info)
* sasl_setprop Set property (e.g., external ssf) * sasl_setprop Set property (e.g., external ssf)
* sasl_errdetail Generate string from last error on connection * sasl_errdetail Generate string from last error on connection
skipping to change at line 123 skipping to change at line 124
* expected to append "@" and user_realm to the user name. The canon_user * expected to append "@" and user_realm to the user name. The canon_user
* facility may treat other characters such as "%" as equivalent to "@". * facility may treat other characters such as "%" as equivalent to "@".
* *
* If the server forbids the use of "@" in user names for other * If the server forbids the use of "@" in user names for other
* purposes, this simplifies security validation. * purposes, this simplifies security validation.
*/ */
#ifndef SASL_H #ifndef SASL_H
#define SASL_H 1 #define SASL_H 1
/* Keep in sync with win32/common.mak */
#define SASL_VERSION_MAJOR 2 #define SASL_VERSION_MAJOR 2
#define SASL_VERSION_MINOR 1 #define SASL_VERSION_MINOR 1
#define SASL_VERSION_STEP 21 #define SASL_VERSION_STEP 22
/* A convenience macro: same as was defined in the OpenLDAP LDAPDB */ /* A convenience macro: same as was defined in the OpenLDAP LDAPDB */
#define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\ #define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\
(SASL_VERSION_MINOR << 8) | SASL_VERSION_STEP) (SASL_VERSION_MINOR << 8) | SASL_VERSION_STEP)
#include "prop.h" #include "prop.h"
/************* /*************
* Basic API * * Basic API *
*************/ *************/
skipping to change at line 445 skipping to change at line 447
SASL_VRFY_PLUGIN=0, /* a DLL/shared library plug-in */ SASL_VRFY_PLUGIN=0, /* a DLL/shared library plug-in */
SASL_VRFY_CONF=1, /* a configuration file */ SASL_VRFY_CONF=1, /* a configuration file */
SASL_VRFY_PASSWD=2, /* a password storage file/db */ SASL_VRFY_PASSWD=2, /* a password storage file/db */
SASL_VRFY_OTHER=3 /* some other file */ SASL_VRFY_OTHER=3 /* some other file */
} sasl_verify_type_t; } sasl_verify_type_t;
typedef int sasl_verifyfile_t(void *context, typedef int sasl_verifyfile_t(void *context,
const char *file, sasl_verify_type_t type); const char *file, sasl_verify_type_t type);
#define SASL_CB_VERIFYFILE 4 #define SASL_CB_VERIFYFILE 4
/* getconfpath callback -- this allows applications to specify the
* colon-separated path to search for config files (by default,
* taken from the SASL_CONF_PATH environment variable).
* inputs:
* context -- getconfpath context from the callback record
* outputs:
* path -- colon seperated path (allocated on the heap; the
* library will free it using the sasl_free_t *
* passed to sasl_set_callback, or the standard free()
* library call).
* returns:
* SASL_OK -- no error
* SASL_FAIL -- error
*/
typedef int sasl_getconfpath_t(void *context,
char **path);
#define SASL_CB_GETCONFPATH 5
/* client/user interaction callbacks: /* client/user interaction callbacks:
*/ */
/* Simple prompt -- result must persist until next call to getsimple on /* Simple prompt -- result must persist until next call to getsimple on
* same connection or until connection context is disposed * same connection or until connection context is disposed
* inputs: * inputs:
* context -- context from callback structure * context -- context from callback structure
* id -- callback id * id -- callback id
* outputs: * outputs:
* result -- set to NUL terminated string * result -- set to NUL terminated string
* NULL = user cancel * NULL = user cancel
skipping to change at line 621 skipping to change at line 642
const char *user_realm, const char *user_realm,
char *out, char *out,
unsigned out_max, unsigned *out_len); unsigned out_max, unsigned *out_len);
#define SASL_CB_CANON_USER (0x8007) #define SASL_CB_CANON_USER (0x8007)
/********************************** /**********************************
* Common Client/server functions * * Common Client/server functions *
**********************************/ **********************************/
/* Types of paths to set (see sasl_set_path below). */
#define SASL_PATH_TYPE_PLUGIN 0
#define SASL_PATH_TYPE_CONFIG 1
/* a simpler way to set plugin path or configuration file path
* without the need to set sasl_getpath_t callback.
*
* This function can be called before sasl_server_init/sasl_client_init.
*/
LIBSASL_API int sasl_set_path (int path_type, char * path);
/* get sasl library version information /* get sasl library version information
* implementation is a vendor-defined string * implementation is a vendor-defined string
* version is a vender-defined representation of the version # * version is a vender-defined representation of the version #.
* *
* this function is being deprecated in favor of sasl_version_info */ * This function is being deprecated in favor of sasl_version_info. */
LIBSASL_API void sasl_version(const char **implementation, LIBSASL_API void sasl_version(const char **implementation,
int *version); int *version);
/* Extended version of sasl_version(). /* Extended version of sasl_version().
* *
* This function is to be used * This function is to be used
* for library version display and logging * for library version display and logging
* for bug workarounds in old library versions * for bug workarounds in old library versions
* *
* The sasl_version_info is not to be used for API feature detection. * The sasl_version_info is not to be used for API feature detection.
skipping to change at line 745 skipping to change at line 777
#define SASL_SERVICE 12 /* service passed to sasl_*_new */ #define SASL_SERVICE 12 /* service passed to sasl_*_new */
#define SASL_SERVERFQDN 13 /* serverFQDN passed to sasl_*_new */ #define SASL_SERVERFQDN 13 /* serverFQDN passed to sasl_*_new */
#define SASL_AUTHSOURCE 14 /* name of auth source last used, useful #define SASL_AUTHSOURCE 14 /* name of auth source last used, useful
* for failed authentication tracking */ * for failed authentication tracking */
#define SASL_MECHNAME 15 /* active mechanism name, if any */ #define SASL_MECHNAME 15 /* active mechanism name, if any */
#define SASL_AUTHUSER 16 /* authentication/admin user */ #define SASL_AUTHUSER 16 /* authentication/admin user */
#define SASL_APPNAME 17 /* application name (used for logging/ #define SASL_APPNAME 17 /* application name (used for logging/
configuration), same as appname parameter configuration), same as appname parameter
to sasl_server_init */ to sasl_server_init */
/* GSS-API credential handle for sasl_client_step() or sasl_server_step().
* The application is responsible for releasing this credential handle. */
#define SASL_GSS_CREDS 18
/* GSS name (gss_name_t) of the peer, as output by gss_inquire_context()
* or gss_accept_sec_context().
* On server end this is similar to SASL_USERNAME, but the gss_name_t
* structure can contain additional attributes associated with the peer.
*/
#define SASL_GSS_PEER_NAME 19
/* Local GSS name (gss_name_t) as output by gss_inquire_context(). This
* is particularly useful for servers that respond to multiple names. */
#define SASL_GSS_LOCAL_NAME 20
/* set property in SASL connection state /* set property in SASL connection state
* returns: * returns:
* SASL_OK -- value set * SASL_OK -- value set
* SASL_BADPARAM -- invalid property or value * SASL_BADPARAM -- invalid property or value
*/ */
LIBSASL_API int sasl_setprop(sasl_conn_t *conn, LIBSASL_API int sasl_setprop(sasl_conn_t *conn,
int propnum, int propnum,
const void *value); const void *value);
#define SASL_SSF_EXTERNAL 100 /* external SSF active (sasl_ssf_t *) */ #define SASL_SSF_EXTERNAL 100 /* external SSF active (sasl_ssf_t *) */
#define SASL_SEC_PROPS 101 /* sasl_security_properties_t */ #define SASL_SEC_PROPS 101 /* sasl_security_properties_t */
 End of changes. 8 change blocks. 
3 lines changed or deleted 50 lines changed or added
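Review bot: The new `sasl_set_path` declaration under "Common Client/server functions" takes a non-const `char * path`, and its comment says neither whether the library copies the string or keeps the caller's pointer, nor which codes it returns. Because `SASL_PATH_TYPE_PLUGIN` selects the directories plug-in shared libraries are loaded from, the comment should also state how a path set this way interacts with the `sasl_getpath_t` callback it replaces and with the `SASL_CB_VERIFYFILE` check. It should add that the value must not be taken from unvalidated environment or user input in a privileged process. If the implementation neither modifies nor takes ownership of the string (not visible in this diff), I would declare it `LIBSASL_API int sasl_set_path (int path_type, const char *path);`. The comment should then gain lines such as `path -- colon-separated list; copied by the library, caller keeps ownership` and `returns: SASL_OK on success`, once confirmed against the implementation.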


 saslplug.h   saslplug.h 
skipping to change at line 178 skipping to change at line 178
typedef struct sasl_out_params { typedef struct sasl_out_params {
unsigned doneflag; /* exchange complete */ unsigned doneflag; /* exchange complete */
const char *user; /* canonicalized user name */ const char *user; /* canonicalized user name */
const char *authid; /* canonicalized authentication id * / const char *authid; /* canonicalized authentication id * /
unsigned ulen; /* length of canonicalized user name */ unsigned ulen; /* length of canonicalized user name */
unsigned alen; /* length of canonicalized authid */ unsigned alen; /* length of canonicalized authid */
/* security layer information */ /* security layer information */
unsigned maxoutbuf; unsigned maxoutbuf; /* Maximum buffer size, which will
produce buffer no bigger than the
negotiated SASL maximum buffer size */
sasl_ssf_t mech_ssf; /* Should be set non-zero if negotiation of a sasl_ssf_t mech_ssf; /* Should be set non-zero if negotiation of a
* security layer was *attempted*, even if * security layer was *attempted*, even if
* the negotiation failed */ * the negotiation failed */
void *encode_context; void *encode_context;
int (*encode)(void *context, const struct iovec *invec, unsigned numiov , int (*encode)(void *context, const struct iovec *invec, unsigned numiov ,
const char **output, unsigned *outputlen); const char **output, unsigned *outputlen);
void *decode_context; void *decode_context;
int (*decode)(void *context, const char *input, unsigned inputlen, int (*decode)(void *context, const char *input, unsigned inputlen,
const char **output, unsigned *outputlen); const char **output, unsigned *outputlen);
skipping to change at line 442 skipping to change at line 444
char *plugname; char *plugname;
const sasl_client_plug_t *plug; const sasl_client_plug_t *plug;
} client_sasl_mechanism_t; } client_sasl_mechanism_t;
typedef void sasl_client_info_callback_t (client_sasl_mechanism_t *m, typedef void sasl_client_info_callback_t (client_sasl_mechanism_t *m,
sasl_info_callback_stage_t stage, sasl_info_callback_stage_t stage,
void *rock); void *rock);
/* Dump information about available client plugins */ /* Dump information about available client plugins */
LIBSASL_API int sasl_client_plugin_info (char *mech_list, LIBSASL_API int sasl_client_plugin_info (const char *mech_list,
sasl_client_info_callback_t *info_cb, sasl_client_info_callback_t *info_cb,
void *info_cb_rock); void *info_cb_rock);
/******************** /********************
* Server Functions * * Server Functions *
********************/ ********************/
/* log message formatting routine */ /* log message formatting routine */
typedef void sasl_logmsg_p(sasl_conn_t *conn, const char *fmt, ...); typedef void sasl_logmsg_p(sasl_conn_t *conn, const char *fmt, ...);
skipping to change at line 780 skipping to change at line 782
set to SASL_CONTINUE if delayed plugin loading */ set to SASL_CONTINUE if delayed plugin loading */
char *plugname; /* for AUTHSOURCE tracking */ char *plugname; /* for AUTHSOURCE tracking */
const sasl_server_plug_t *plug; const sasl_server_plug_t *plug;
char *f; /* where should i load the mechanism from? */ char *f; /* where should i load the mechanism from? */
} server_sasl_mechanism_t; } server_sasl_mechanism_t;
typedef void sasl_server_info_callback_t (server_sasl_mechanism_t *m, typedef void sasl_server_info_callback_t (server_sasl_mechanism_t *m,
sasl_info_callback_stage_t stage, sasl_info_callback_stage_t stage,
void *rock); void *rock);
/* Dump information about available server plugins (separate functions shou /* Dump information about available server plugins (separate functions are
ld be used for canon and auxprop plugins) */
used for canon and auxprop plugins */ LIBSASL_API int sasl_server_plugin_info (const char *mech_list,
LIBSASL_API int sasl_server_plugin_info (char *mech_list,
sasl_server_info_callback_t *info_cb, sasl_server_info_callback_t *info_cb,
void *info_cb_rock); void *info_cb_rock);
/********************************************************* /*********************************************************
* user canonicalization plug-in -- added cjn 1999-09-29 * * user canonicalization plug-in -- added cjn 1999-09-29 *
*********************************************************/ *********************************************************/
typedef struct sasl_canonuser { typedef struct sasl_canonuser {
/* optional features of plugin (set to 0) */ /* optional features of plugin (set to 0) */
int features; int features;
skipping to change at line 928 skipping to change at line 930
int max_version, int max_version,
int *out_version, int *out_version,
sasl_auxprop_plug_t **plug, sasl_auxprop_plug_t **plug,
const char *plugname); const char *plugname);
/* add an auxiliary property plug-in /* add an auxiliary property plug-in
*/ */
LIBSASL_API int sasl_auxprop_add_plugin(const char *plugname, LIBSASL_API int sasl_auxprop_add_plugin(const char *plugname,
sasl_auxprop_init_t *auxpropfunc); sasl_auxprop_init_t *auxpropfunc);
typedef void auxprop_info_callback_t (sasl_auxprop_plug_t *m,
sasl_info_callback_stage_t stage,
void *rock);
/* Dump information about available auxprop plugins (separate functions are
used for canon and server authentication plugins) */
LIBSASL_API int auxprop_plugin_info (const char *mech_list,
auxprop_info_callback_t *info_cb,
void *info_cb_rock);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* SASLPLUG_H */ #endif /* SASLPLUG_H */
 End of changes. 4 change blocks. 
6 lines changed or deleted 17 lines changed or added
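Review bot: The comment added to `maxoutbuf` in `struct sasl_out_params` does not say which side of `encode()` the limit applies to. As worded, it seems to mean the largest input a caller may pass to one `encode()` call so that the encoded output still fits the peer's negotiated maximum buffer size. If that reading is right, a mechanism that stores the negotiated maximum itself, without subtracting its own per-buffer overhead, would produce buffers larger than the peer agreed to accept. I would spell the contract out, e.g. `/* max input to one encode() call; the negotiated max buffer size minus this mechanism's security-layer overhead */`, after confirming it against the mechanism plug-ins. The struct continues past the end of this hunk.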
