| sasl.h | sasl.h | |||
|---|---|---|---|---|
| skipping to change at line 28 | skipping to change at line 28 | |||
| * | * | |||
| * Callbacks: | * Callbacks: | |||
| * sasl_getopt_t client/server: Get an option value | * sasl_getopt_t client/server: Get an option value | |||
| * sasl_logmsg_t client/server: Log message handler | * sasl_logmsg_t client/server: Log message handler | |||
| * sasl_getsimple_t client: Get user/language list | * sasl_getsimple_t client: Get user/language list | |||
| * sasl_getsecret_t client: Get authentication secret | * sasl_getsecret_t client: Get authentication secret | |||
| * sasl_chalprompt_t client: Display challenge and prompt for response | * sasl_chalprompt_t client: Display challenge and prompt for response | |||
| * | * | |||
| * Server only Callbacks: | * Server only Callbacks: | |||
| * sasl_authorize_t user authorization policy callback | * sasl_authorize_t user authorization policy callback | |||
| * sasl_getconfpath_t get path to search for config file | ||||
| * sasl_server_userdb_checkpass check password and auxprops in userdb | * sasl_server_userdb_checkpass check password and auxprops in userdb | |||
| * sasl_server_userdb_setpass set password in userdb | * sasl_server_userdb_setpass set password in userdb | |||
| * sasl_server_canon_user canonicalize username routine | * sasl_server_canon_user canonicalize username routine | |||
| * | * | |||
| * Client/Server Function Summary: | * Client/Server Function Summary: | |||
| * sasl_done Release all SASL global state | * sasl_done Release all SASL global state | |||
| * sasl_dispose Connection done: Dispose of sasl_conn_t | * sasl_dispose Connection done: Dispose of sasl_conn_t | |||
| * sasl_getprop Get property (e.g., user name, security layer info) | * sasl_getprop Get property (e.g., user name, security layer info) | |||
| * sasl_setprop Set property (e.g., external ssf) | * sasl_setprop Set property (e.g., external ssf) | |||
| * sasl_errdetail Generate string from last error on connection | * sasl_errdetail Generate string from last error on connection | |||
| skipping to change at line 123 | skipping to change at line 124 | |||
| * expected to append "@" and user_realm to the user name. The canon_user | * expected to append "@" and user_realm to the user name. The canon_user | |||
| * facility may treat other characters such as "%" as equivalent to "@". | * facility may treat other characters such as "%" as equivalent to "@". | |||
| * | * | |||
| * If the server forbids the use of "@" in user names for other | * If the server forbids the use of "@" in user names for other | |||
| * purposes, this simplifies security validation. | * purposes, this simplifies security validation. | |||
| */ | */ | |||
| #ifndef SASL_H | #ifndef SASL_H | |||
| #define SASL_H 1 | #define SASL_H 1 | |||
| /* Keep in sync with win32/common.mak */ | ||||
| #define SASL_VERSION_MAJOR 2 | #define SASL_VERSION_MAJOR 2 | |||
| #define SASL_VERSION_MINOR 1 | #define SASL_VERSION_MINOR 1 | |||
| #define SASL_VERSION_STEP 21 | #define SASL_VERSION_STEP 22 | |||
| /* A convenience macro: same as was defined in the OpenLDAP LDAPDB */ | /* A convenience macro: same as was defined in the OpenLDAP LDAPDB */ | |||
| #define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\ | #define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\ | |||
| (SASL_VERSION_MINOR << 8) | SASL_VERSION_STEP) | (SASL_VERSION_MINOR << 8) | SASL_VERSION_STEP) | |||
| #include "prop.h" | #include "prop.h" | |||
| /************* | /************* | |||
| * Basic API * | * Basic API * | |||
| *************/ | *************/ | |||
| skipping to change at line 445 | skipping to change at line 447 | |||
| SASL_VRFY_PLUGIN=0, /* a DLL/shared library plug-in */ | SASL_VRFY_PLUGIN=0, /* a DLL/shared library plug-in */ | |||
| SASL_VRFY_CONF=1, /* a configuration file */ | SASL_VRFY_CONF=1, /* a configuration file */ | |||
| SASL_VRFY_PASSWD=2, /* a password storage file/db */ | SASL_VRFY_PASSWD=2, /* a password storage file/db */ | |||
| SASL_VRFY_OTHER=3 /* some other file */ | SASL_VRFY_OTHER=3 /* some other file */ | |||
| } sasl_verify_type_t; | } sasl_verify_type_t; | |||
| typedef int sasl_verifyfile_t(void *context, | typedef int sasl_verifyfile_t(void *context, | |||
| const char *file, sasl_verify_type_t type); | const char *file, sasl_verify_type_t type); | |||
| #define SASL_CB_VERIFYFILE 4 | #define SASL_CB_VERIFYFILE 4 | |||
| /* getconfpath callback -- this allows applications to specify the | ||||
| * colon-separated path to search for config files (by default, | ||||
| * taken from the SASL_CONF_PATH environment variable). | ||||
| * inputs: | ||||
| * context -- getconfpath context from the callback record | ||||
| * outputs: | ||||
| * path -- colon seperated path (allocated on the heap; the | ||||
| * library will free it using the sasl_free_t * | ||||
| * passed to sasl_set_callback, or the standard free() | ||||
| * library call). | ||||
| * returns: | ||||
| * SASL_OK -- no error | ||||
| * SASL_FAIL -- error | ||||
| */ | ||||
| typedef int sasl_getconfpath_t(void *context, | ||||
| char **path); | ||||
| #define SASL_CB_GETCONFPATH 5 | ||||
| /* client/user interaction callbacks: | /* client/user interaction callbacks: | |||
| */ | */ | |||
| /* Simple prompt -- result must persist until next call to getsimple on | /* Simple prompt -- result must persist until next call to getsimple on | |||
| * same connection or until connection context is disposed | * same connection or until connection context is disposed | |||
| * inputs: | * inputs: | |||
| * context -- context from callback structure | * context -- context from callback structure | |||
| * id -- callback id | * id -- callback id | |||
| * outputs: | * outputs: | |||
| * result -- set to NUL terminated string | * result -- set to NUL terminated string | |||
| * NULL = user cancel | * NULL = user cancel | |||
| skipping to change at line 621 | skipping to change at line 642 | |||
| const char *user_realm, | const char *user_realm, | |||
| char *out, | char *out, | |||
| unsigned out_max, unsigned *out_len); | unsigned out_max, unsigned *out_len); | |||
| #define SASL_CB_CANON_USER (0x8007) | #define SASL_CB_CANON_USER (0x8007) | |||
| /********************************** | /********************************** | |||
| * Common Client/server functions * | * Common Client/server functions * | |||
| **********************************/ | **********************************/ | |||
| /* Types of paths to set (see sasl_set_path below). */ | ||||
| #define SASL_PATH_TYPE_PLUGIN 0 | ||||
| #define SASL_PATH_TYPE_CONFIG 1 | ||||
| /* a simpler way to set plugin path or configuration file path | ||||
| * without the need to set sasl_getpath_t callback. | ||||
| * | ||||
| * This function can be called before sasl_server_init/sasl_client_init. | ||||
| */ | ||||
| LIBSASL_API int sasl_set_path (int path_type, char * path); | ||||
| /* get sasl library version information | /* get sasl library version information | |||
| * implementation is a vendor-defined string | * implementation is a vendor-defined string | |||
| * version is a vender-defined representation of the version # | * version is a vender-defined representation of the version #. | |||
| * | * | |||
| * this function is being deprecated in favor of sasl_version_info */ | * This function is being deprecated in favor of sasl_version_info. */ | |||
| LIBSASL_API void sasl_version(const char **implementation, | LIBSASL_API void sasl_version(const char **implementation, | |||
| int *version); | int *version); | |||
| /* Extended version of sasl_version(). | /* Extended version of sasl_version(). | |||
| * | * | |||
| * This function is to be used | * This function is to be used | |||
| * for library version display and logging | * for library version display and logging | |||
| * for bug workarounds in old library versions | * for bug workarounds in old library versions | |||
| * | * | |||
| * The sasl_version_info is not to be used for API feature detection. | * The sasl_version_info is not to be used for API feature detection. | |||
| skipping to change at line 745 | skipping to change at line 777 | |||
| #define SASL_SERVICE 12 /* service passed to sasl_*_new */ | #define SASL_SERVICE 12 /* service passed to sasl_*_new */ | |||
| #define SASL_SERVERFQDN 13 /* serverFQDN passed to sasl_*_new */ | #define SASL_SERVERFQDN 13 /* serverFQDN passed to sasl_*_new */ | |||
| #define SASL_AUTHSOURCE 14 /* name of auth source last used, useful | #define SASL_AUTHSOURCE 14 /* name of auth source last used, useful | |||
| * for failed authentication tracking */ | * for failed authentication tracking */ | |||
| #define SASL_MECHNAME 15 /* active mechanism name, if any */ | #define SASL_MECHNAME 15 /* active mechanism name, if any */ | |||
| #define SASL_AUTHUSER 16 /* authentication/admin user */ | #define SASL_AUTHUSER 16 /* authentication/admin user */ | |||
| #define SASL_APPNAME 17 /* application name (used for logging/ | #define SASL_APPNAME 17 /* application name (used for logging/ | |||
| configuration), same as appname parameter | configuration), same as appname parameter | |||
| to sasl_server_init */ | to sasl_server_init */ | |||
| /* GSS-API credential handle for sasl_client_step() or sasl_server_step(). | ||||
| * The application is responsible for releasing this credential handle. */ | ||||
| #define SASL_GSS_CREDS 18 | ||||
| /* GSS name (gss_name_t) of the peer, as output by gss_inquire_context() | ||||
| * or gss_accept_sec_context(). | ||||
| * On server end this is similar to SASL_USERNAME, but the gss_name_t | ||||
| * structure can contain additional attributes associated with the peer. | ||||
| */ | ||||
| #define SASL_GSS_PEER_NAME 19 | ||||
| /* Local GSS name (gss_name_t) as output by gss_inquire_context(). This | ||||
| * is particularly useful for servers that respond to multiple names. */ | ||||
| #define SASL_GSS_LOCAL_NAME 20 | ||||
| /* set property in SASL connection state | /* set property in SASL connection state | |||
| * returns: | * returns: | |||
| * SASL_OK -- value set | * SASL_OK -- value set | |||
| * SASL_BADPARAM -- invalid property or value | * SASL_BADPARAM -- invalid property or value | |||
| */ | */ | |||
| LIBSASL_API int sasl_setprop(sasl_conn_t *conn, | LIBSASL_API int sasl_setprop(sasl_conn_t *conn, | |||
| int propnum, | int propnum, | |||
| const void *value); | const void *value); | |||
| #define SASL_SSF_EXTERNAL 100 /* external SSF active (sasl_ssf_t *) */ | #define SASL_SSF_EXTERNAL 100 /* external SSF active (sasl_ssf_t *) */ | |||
| #define SASL_SEC_PROPS 101 /* sasl_security_properties_t */ | #define SASL_SEC_PROPS 101 /* sasl_security_properties_t */ | |||
| End of changes. 8 change blocks. | ||||
| 3 lines changed or deleted | 50 lines changed or added | |||
| saslplug.h | saslplug.h | |||
|---|---|---|---|---|
| skipping to change at line 178 | skipping to change at line 178 | |||
| typedef struct sasl_out_params { | typedef struct sasl_out_params { | |||
| unsigned doneflag; /* exchange complete */ | unsigned doneflag; /* exchange complete */ | |||
| const char *user; /* canonicalized user name */ | const char *user; /* canonicalized user name */ | |||
| const char *authid; /* canonicalized authentication id * / | const char *authid; /* canonicalized authentication id * / | |||
| unsigned ulen; /* length of canonicalized user name */ | unsigned ulen; /* length of canonicalized user name */ | |||
| unsigned alen; /* length of canonicalized authid */ | unsigned alen; /* length of canonicalized authid */ | |||
| /* security layer information */ | /* security layer information */ | |||
| unsigned maxoutbuf; | unsigned maxoutbuf; /* Maximum buffer size, which will | |||
| produce buffer no bigger than the | ||||
| negotiated SASL maximum buffer size */ | ||||
| sasl_ssf_t mech_ssf; /* Should be set non-zero if negotiation of a | sasl_ssf_t mech_ssf; /* Should be set non-zero if negotiation of a | |||
| * security layer was *attempted*, even if | * security layer was *attempted*, even if | |||
| * the negotiation failed */ | * the negotiation failed */ | |||
| void *encode_context; | void *encode_context; | |||
| int (*encode)(void *context, const struct iovec *invec, unsigned numiov , | int (*encode)(void *context, const struct iovec *invec, unsigned numiov , | |||
| const char **output, unsigned *outputlen); | const char **output, unsigned *outputlen); | |||
| void *decode_context; | void *decode_context; | |||
| int (*decode)(void *context, const char *input, unsigned inputlen, | int (*decode)(void *context, const char *input, unsigned inputlen, | |||
| const char **output, unsigned *outputlen); | const char **output, unsigned *outputlen); | |||
| skipping to change at line 442 | skipping to change at line 444 | |||
| char *plugname; | char *plugname; | |||
| const sasl_client_plug_t *plug; | const sasl_client_plug_t *plug; | |||
| } client_sasl_mechanism_t; | } client_sasl_mechanism_t; | |||
| typedef void sasl_client_info_callback_t (client_sasl_mechanism_t *m, | typedef void sasl_client_info_callback_t (client_sasl_mechanism_t *m, | |||
| sasl_info_callback_stage_t stage, | sasl_info_callback_stage_t stage, | |||
| void *rock); | void *rock); | |||
| /* Dump information about available client plugins */ | /* Dump information about available client plugins */ | |||
| LIBSASL_API int sasl_client_plugin_info (char *mech_list, | LIBSASL_API int sasl_client_plugin_info (const char *mech_list, | |||
| sasl_client_info_callback_t *info_cb, | sasl_client_info_callback_t *info_cb, | |||
| void *info_cb_rock); | void *info_cb_rock); | |||
| /******************** | /******************** | |||
| * Server Functions * | * Server Functions * | |||
| ********************/ | ********************/ | |||
| /* log message formatting routine */ | /* log message formatting routine */ | |||
| typedef void sasl_logmsg_p(sasl_conn_t *conn, const char *fmt, ...); | typedef void sasl_logmsg_p(sasl_conn_t *conn, const char *fmt, ...); | |||
| skipping to change at line 780 | skipping to change at line 782 | |||
| set to SASL_CONTINUE if delayed plugin loading */ | set to SASL_CONTINUE if delayed plugin loading */ | |||
| char *plugname; /* for AUTHSOURCE tracking */ | char *plugname; /* for AUTHSOURCE tracking */ | |||
| const sasl_server_plug_t *plug; | const sasl_server_plug_t *plug; | |||
| char *f; /* where should i load the mechanism from? */ | char *f; /* where should i load the mechanism from? */ | |||
| } server_sasl_mechanism_t; | } server_sasl_mechanism_t; | |||
| typedef void sasl_server_info_callback_t (server_sasl_mechanism_t *m, | typedef void sasl_server_info_callback_t (server_sasl_mechanism_t *m, | |||
| sasl_info_callback_stage_t stage, | sasl_info_callback_stage_t stage, | |||
| void *rock); | void *rock); | |||
| /* Dump information about available server plugins (separate functions shou | /* Dump information about available server plugins (separate functions are | |||
| ld be | used for canon and auxprop plugins) */ | |||
| used for canon and auxprop plugins */ | LIBSASL_API int sasl_server_plugin_info (const char *mech_list, | |||
| LIBSASL_API int sasl_server_plugin_info (char *mech_list, | ||||
| sasl_server_info_callback_t *info_cb, | sasl_server_info_callback_t *info_cb, | |||
| void *info_cb_rock); | void *info_cb_rock); | |||
| /********************************************************* | /********************************************************* | |||
| * user canonicalization plug-in -- added cjn 1999-09-29 * | * user canonicalization plug-in -- added cjn 1999-09-29 * | |||
| *********************************************************/ | *********************************************************/ | |||
| typedef struct sasl_canonuser { | typedef struct sasl_canonuser { | |||
| /* optional features of plugin (set to 0) */ | /* optional features of plugin (set to 0) */ | |||
| int features; | int features; | |||
| skipping to change at line 928 | skipping to change at line 930 | |||
| int max_version, | int max_version, | |||
| int *out_version, | int *out_version, | |||
| sasl_auxprop_plug_t **plug, | sasl_auxprop_plug_t **plug, | |||
| const char *plugname); | const char *plugname); | |||
| /* add an auxiliary property plug-in | /* add an auxiliary property plug-in | |||
| */ | */ | |||
| LIBSASL_API int sasl_auxprop_add_plugin(const char *plugname, | LIBSASL_API int sasl_auxprop_add_plugin(const char *plugname, | |||
| sasl_auxprop_init_t *auxpropfunc); | sasl_auxprop_init_t *auxpropfunc); | |||
| typedef void auxprop_info_callback_t (sasl_auxprop_plug_t *m, | ||||
| sasl_info_callback_stage_t stage, | ||||
| void *rock); | ||||
| /* Dump information about available auxprop plugins (separate functions are | ||||
| used for canon and server authentication plugins) */ | ||||
| LIBSASL_API int auxprop_plugin_info (const char *mech_list, | ||||
| auxprop_info_callback_t *info_cb, | ||||
| void *info_cb_rock); | ||||
| #ifdef __cplusplus | #ifdef __cplusplus | |||
| } | } | |||
| #endif | #endif | |||
| #endif /* SASLPLUG_H */ | #endif /* SASLPLUG_H */ | |||
| End of changes. 4 change blocks. | ||||
| 6 lines changed or deleted | 17 lines changed or added | |||