gsasl.h   gsasl.h 
skipping to change at line 54 skipping to change at line 54
{ {
# endif # endif
/** /**
* GSASL_VERSION * GSASL_VERSION
* *
* Pre-processor symbol with a string that describe the header file * Pre-processor symbol with a string that describe the header file
* version number. Used together with gsasl_check_version() to * version number. Used together with gsasl_check_version() to
* verify header file and run-time library consistency. * verify header file and run-time library consistency.
*/ */
# define GSASL_VERSION "1.4.4" # define GSASL_VERSION "1.6.0"
/** /**
* GSASL_VERSION_MAJOR * GSASL_VERSION_MAJOR
* *
* Pre-processor symbol with a decimal value that describe the major * Pre-processor symbol with a decimal value that describe the major
* level of the header file version number. For example, when the * level of the header file version number. For example, when the
* header version is 1.2.3 this symbol will be 1. * header version is 1.2.3 this symbol will be 1.
* *
* Since: 1.1 * Since: 1.1
*/ */
skipping to change at line 76 skipping to change at line 76
/** /**
* GSASL_VERSION_MINOR * GSASL_VERSION_MINOR
* *
* Pre-processor symbol with a decimal value that describe the minor * Pre-processor symbol with a decimal value that describe the minor
* level of the header file version number. For example, when the * level of the header file version number. For example, when the
* header version is 1.2.3 this symbol will be 2. * header version is 1.2.3 this symbol will be 2.
* *
* Since: 1.1 * Since: 1.1
*/ */
# define GSASL_VERSION_MINOR 4 # define GSASL_VERSION_MINOR 6
/** /**
* GSASL_VERSION_PATCH * GSASL_VERSION_PATCH
* *
* Pre-processor symbol with a decimal value that describe the patch * Pre-processor symbol with a decimal value that describe the patch
* level of the header file version number. For example, when the * level of the header file version number. For example, when the
* header version is 1.2.3 this symbol will be 3. * header version is 1.2.3 this symbol will be 3.
* *
* Since: 1.1 * Since: 1.1
*/ */
# define GSASL_VERSION_PATCH 4 # define GSASL_VERSION_PATCH 0
/** /**
* GSASL_VERSION_NUMBER * GSASL_VERSION_NUMBER
* *
* Pre-processor symbol with a hexadecimal value describing the * Pre-processor symbol with a hexadecimal value describing the
* header file version number. For example, when the header version * header file version number. For example, when the header version
* is 1.2.3 this symbol will have the value 0x010203. * is 1.2.3 this symbol will have the value 0x010203.
* *
* Since: 1.1 * Since: 1.1
*/ */
# define GSASL_VERSION_NUMBER 0x010404 # define GSASL_VERSION_NUMBER 0x010600
/* RFC 2222: SASL mechanisms are named by strings, from 1 to 20 /* RFC 2222: SASL mechanisms are named by strings, from 1 to 20
* characters in length, consisting of upper-case letters, digits, * characters in length, consisting of upper-case letters, digits,
* hyphens, and/or underscores. SASL mechanism names must be * hyphens, and/or underscores. SASL mechanism names must be
* registered with the IANA. * registered with the IANA.
*/ */
enum enum
{ {
GSASL_MIN_MECHANISM_SIZE = 1, GSASL_MIN_MECHANISM_SIZE = 1,
GSASL_MAX_MECHANISM_SIZE = 20 GSASL_MAX_MECHANISM_SIZE = 20
}; };
extern GSASL_API const char *GSASL_VALID_MECHANISM_CHARACTERS; extern GSASL_API const char *GSASL_VALID_MECHANISM_CHARACTERS;
/* Error codes */ /**
* Gsasl_rc:
* @GSASL_OK: Successful return code, guaranteed to be always 0.
* @GSASL_NEEDS_MORE: Mechanism expects another round-trip.
* @GSASL_UNKNOWN_MECHANISM: Application requested an unknown mechanism.
* @GSASL_MECHANISM_CALLED_TOO_MANY_TIMES: Application requested too
* many round trips from mechanism.
* @GSASL_MALLOC_ERROR: Memory allocation failed.
* @GSASL_BASE64_ERROR: Base64 encoding/decoding failed.
* @GSASL_CRYPTO_ERROR: Cryptographic error.
* @GSASL_SASLPREP_ERROR: Failed to prepare internationalized string.
* @GSASL_MECHANISM_PARSE_ERROR: Mechanism could not parse input.
* @GSASL_AUTHENTICATION_ERROR: Authentication has failed.
* @GSASL_INTEGRITY_ERROR: Application data integrity check failed.
* @GSASL_NO_CLIENT_CODE: Library was built with client functionality.
* @GSASL_NO_SERVER_CODE: Library was built with server functionality.
* @GSASL_NO_CALLBACK: Application did not provide a callback.
* @GSASL_NO_ANONYMOUS_TOKEN: Could not get required anonymous token.
* @GSASL_NO_AUTHID: Could not get required authentication
* identity (username).
* @GSASL_NO_AUTHZID: Could not get required authorization identity.
* @GSASL_NO_PASSWORD: Could not get required password.
* @GSASL_NO_PASSCODE: Could not get required SecurID PIN.
* @GSASL_NO_PIN: Could not get required SecurID PIN.
* @GSASL_NO_SERVICE: Could not get required service name.
* @GSASL_NO_HOSTNAME: Could not get required hostname.
* @GSASL_NO_CB_TLS_UNIQUE: Could not get required tls-unique CB.
* @GSASL_GSSAPI_RELEASE_BUFFER_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_IMPORT_NAME_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_UNWRAP_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_WRAP_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_ACQUIRE_CRED_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_DISPLAY_NAME_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR: An unsupported
* quality-of-protection layer was requeted.
* @GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: GSS-API library call er
ror.
* @GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: GSS-API library call error.
* @GSASL_GSSAPI_RELEASE_OID_SET_ERROR: GSS-API library call error.
* @GSASL_KERBEROS_V5_INIT_ERROR: Init error in KERBEROS_V5.
* @GSASL_KERBEROS_V5_INTERNAL_ERROR: General error in KERBEROS_V5.
* @GSASL_SHISHI_ERROR: Same as %GSASL_KERBEROS_V5_INTERNAL_ERROR.
* @GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE: SecurID mechanism
* needs an additional passcode.
* @GSASL_SECURID_SERVER_NEED_NEW_PIN: SecurID mechanism
* needs an new PIN.
*
* Error codes for library functions.
*/
typedef enum typedef enum
{ {
GSASL_OK = 0, GSASL_OK = 0,
GSASL_NEEDS_MORE = 1, GSASL_NEEDS_MORE = 1,
GSASL_UNKNOWN_MECHANISM = 2, GSASL_UNKNOWN_MECHANISM = 2,
GSASL_MECHANISM_CALLED_TOO_MANY_TIMES = 3, GSASL_MECHANISM_CALLED_TOO_MANY_TIMES = 3,
GSASL_MALLOC_ERROR = 7, GSASL_MALLOC_ERROR = 7,
GSASL_BASE64_ERROR = 8, GSASL_BASE64_ERROR = 8,
GSASL_CRYPTO_ERROR = 9, GSASL_CRYPTO_ERROR = 9,
GSASL_SASLPREP_ERROR = 29, GSASL_SASLPREP_ERROR = 29,
skipping to change at line 137 skipping to change at line 188
GSASL_NO_SERVER_CODE = 36, GSASL_NO_SERVER_CODE = 36,
GSASL_NO_CALLBACK = 51, GSASL_NO_CALLBACK = 51,
GSASL_NO_ANONYMOUS_TOKEN = 52, GSASL_NO_ANONYMOUS_TOKEN = 52,
GSASL_NO_AUTHID = 53, GSASL_NO_AUTHID = 53,
GSASL_NO_AUTHZID = 54, GSASL_NO_AUTHZID = 54,
GSASL_NO_PASSWORD = 55, GSASL_NO_PASSWORD = 55,
GSASL_NO_PASSCODE = 56, GSASL_NO_PASSCODE = 56,
GSASL_NO_PIN = 57, GSASL_NO_PIN = 57,
GSASL_NO_SERVICE = 58, GSASL_NO_SERVICE = 58,
GSASL_NO_HOSTNAME = 59, GSASL_NO_HOSTNAME = 59,
GSASL_NO_CB_TLS_UNIQUE = 65,
/* Mechanism specific errors. */ /* Mechanism specific errors. */
GSASL_GSSAPI_RELEASE_BUFFER_ERROR = 37, GSASL_GSSAPI_RELEASE_BUFFER_ERROR = 37,
GSASL_GSSAPI_IMPORT_NAME_ERROR = 38, GSASL_GSSAPI_IMPORT_NAME_ERROR = 38,
GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR = 39, GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR = 39,
GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR = 40, GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR = 40,
GSASL_GSSAPI_UNWRAP_ERROR = 41, GSASL_GSSAPI_UNWRAP_ERROR = 41,
GSASL_GSSAPI_WRAP_ERROR = 42, GSASL_GSSAPI_WRAP_ERROR = 42,
GSASL_GSSAPI_ACQUIRE_CRED_ERROR = 43, GSASL_GSSAPI_ACQUIRE_CRED_ERROR = 43,
GSASL_GSSAPI_DISPLAY_NAME_ERROR = 44, GSASL_GSSAPI_DISPLAY_NAME_ERROR = 44,
GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR = 45, GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR = 45,
GSASL_KERBEROS_V5_INIT_ERROR = 46, GSASL_KERBEROS_V5_INIT_ERROR = 46,
GSASL_KERBEROS_V5_INTERNAL_ERROR = 47, GSASL_KERBEROS_V5_INTERNAL_ERROR = 47,
GSASL_SHISHI_ERROR = GSASL_KERBEROS_V5_INTERNAL_ERROR, GSASL_SHISHI_ERROR = GSASL_KERBEROS_V5_INTERNAL_ERROR,
GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE = 48, GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE = 48,
GSASL_SECURID_SERVER_NEED_NEW_PIN = 49 GSASL_SECURID_SERVER_NEED_NEW_PIN = 49,
GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR = 60,
GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR = 61,
GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR = 62,
GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR = 63,
GSASL_GSSAPI_RELEASE_OID_SET_ERROR = 64
/* When adding new values, note that integers are not necessarily
assigned monotonously increasingly. */
} Gsasl_rc; } Gsasl_rc;
/* Quality of Protection types, used by DIGEST-MD5 */ /**
* Gsasl_qop:
* @GSASL_QOP_AUTH: Authentication only.
* @GSASL_QOP_AUTH_INT: Authentication and integrity.
* @GSASL_QOP_AUTH_CONF: Authentication, integrity and confidentiality.
*
* Quality of Protection types (DIGEST-MD5 and GSSAPI). The
* integrity and confidentiality values is about application data
* wrapping. We recommend that you use @GSASL_QOP_AUTH with TLS as
* that combination is generally more secure and have better chance
* of working than the integrity/confidentiality layers of SASL.
*/
typedef enum typedef enum
{ {
GSASL_QOP_AUTH = 1, GSASL_QOP_AUTH = 1,
GSASL_QOP_AUTH_INT = 2, GSASL_QOP_AUTH_INT = 2,
GSASL_QOP_AUTH_CONF = 4 GSASL_QOP_AUTH_CONF = 4
} Gsasl_qop; } Gsasl_qop;
/* Cipher types, used by DIGEST-MD5 */ /**
* Gsasl_cipher:
* @GSASL_CIPHER_DES: Cipher DES.
* @GSASL_CIPHER_3DES: Cipher 3DES.
* @GSASL_CIPHER_RC4: Cipher RC4.
* @GSASL_CIPHER_RC4_40: Cipher RC4 with 40-bit keys.
* @GSASL_CIPHER_RC4_56: Cipher RC4 with 56-bit keys.
* @GSASL_CIPHER_AES: Cipher AES.
*
* Encryption types (DIGEST-MD5) for confidentiality services of
* application data. We recommend that you use TLS instead as it is
* generally more secure and have better chance of working.
*/
typedef enum typedef enum
{ {
GSASL_CIPHER_DES = 1, GSASL_CIPHER_DES = 1,
GSASL_CIPHER_3DES = 2, GSASL_CIPHER_3DES = 2,
GSASL_CIPHER_RC4 = 4, GSASL_CIPHER_RC4 = 4,
GSASL_CIPHER_RC4_40 = 8, GSASL_CIPHER_RC4_40 = 8,
GSASL_CIPHER_RC4_56 = 16, GSASL_CIPHER_RC4_56 = 16,
GSASL_CIPHER_AES = 32 GSASL_CIPHER_AES = 32
} Gsasl_cipher; } Gsasl_cipher;
/* SASLprep flags, see gsasl_saslprep(). */ /**
* Gsasl_saslprep_flags:
* @GSASL_ALLOW_UNASSIGNED: Allow unassigned code points.
*
* Flags for the SASLprep function, see gsasl_saslprep(). For
* background, see the GNU Libidn documentation.
*/
typedef enum typedef enum
{ {
GSASL_ALLOW_UNASSIGNED = 1 GSASL_ALLOW_UNASSIGNED = 1
} Gsasl_saslprep_flags; } Gsasl_saslprep_flags;
/* Library handles */ /**
* Gsasl:
*
* Handle to global library context.
*/
typedef struct Gsasl Gsasl; typedef struct Gsasl Gsasl;
/**
* Gsasl_session:
*
* Handle to SASL session context.
*/
typedef struct Gsasl_session Gsasl_session; typedef struct Gsasl_session Gsasl_session;
/* Callback/property types. */ /**
* Gsasl_property:
* @GSASL_AUTHID: Authentication identity (username).
* @GSASL_AUTHZID: Authorization identity.
* @GSASL_PASSWORD: Password.
* @GSASL_ANONYMOUS_TOKEN: Anonymous identifier.
* @GSASL_SERVICE: Service name
* @GSASL_HOSTNAME: Host name.
* @GSASL_GSSAPI_DISPLAY_NAME: GSS-API credential principal name.
* @GSASL_PASSCODE: SecurID passcode.
* @GSASL_SUGGESTED_PIN: SecurID suggested PIN.
* @GSASL_PIN: SecurID PIN.
* @GSASL_REALM: User realm.
* @GSASL_DIGEST_MD5_HASHED_PASSWORD: Pre-computed hashed DIGEST-MD5
* password, to avoid storing passwords in the clear.
* @GSASL_QOPS: Set of quality-of-protection values.
* @GSASL_QOP: Quality-of-protection value.
* @GSASL_SCRAM_ITER: Number of iterations in password-to-key hashing.
* @GSASL_SCRAM_SALT: Salt for password-to-key hashing.
* @GSASL_SCRAM_SALTED_PASSWORD: Pre-computed salted SCRAM key,
* to avoid re-computation and storing passwords in the clear.
* @GSASL_CB_TLS_UNIQUE: Base64 encoded tls-unique channel binding.
* @GSASL_VALIDATE_SIMPLE: Request for simple validation.
* @GSASL_VALIDATE_EXTERNAL: Request for validation of EXTERNAL.
* @GSASL_VALIDATE_ANONYMOUS: Request for validation of ANONYMOUS.
* @GSASL_VALIDATE_GSSAPI: Request for validation of GSSAPI/GS2.
* @GSASL_VALIDATE_SECURID: Reqest for validation of SecurID.
*
* Callback/property types.
*/
typedef enum typedef enum
{ {
/* Information properties, e.g., username. */ /* Information properties, e.g., username. */
GSASL_AUTHID = 1, GSASL_AUTHID = 1,
GSASL_AUTHZID = 2, GSASL_AUTHZID = 2,
GSASL_PASSWORD = 3, GSASL_PASSWORD = 3,
GSASL_ANONYMOUS_TOKEN = 4, GSASL_ANONYMOUS_TOKEN = 4,
GSASL_SERVICE = 5, GSASL_SERVICE = 5,
GSASL_HOSTNAME = 6, GSASL_HOSTNAME = 6,
GSASL_GSSAPI_DISPLAY_NAME = 7, GSASL_GSSAPI_DISPLAY_NAME = 7,
GSASL_PASSCODE = 8, GSASL_PASSCODE = 8,
GSASL_SUGGESTED_PIN = 9, GSASL_SUGGESTED_PIN = 9,
GSASL_PIN = 10, GSASL_PIN = 10,
GSASL_REALM = 11, GSASL_REALM = 11,
GSASL_DIGEST_MD5_HASHED_PASSWORD = 12, GSASL_DIGEST_MD5_HASHED_PASSWORD = 12,
GSASL_QOPS = 13, GSASL_QOPS = 13,
GSASL_QOP = 14, GSASL_QOP = 14,
GSASL_SCRAM_ITER = 15, GSASL_SCRAM_ITER = 15,
GSASL_SCRAM_SALT = 16, GSASL_SCRAM_SALT = 16,
GSASL_SCRAM_SALTED_PASSWORD = 17, GSASL_SCRAM_SALTED_PASSWORD = 17,
GSASL_CB_TLS_UNIQUE = 18,
/* Server validation callback properties. */ /* Server validation callback properties. */
GSASL_VALIDATE_SIMPLE = 500, GSASL_VALIDATE_SIMPLE = 500,
GSASL_VALIDATE_EXTERNAL = 501, GSASL_VALIDATE_EXTERNAL = 501,
GSASL_VALIDATE_ANONYMOUS = 502, GSASL_VALIDATE_ANONYMOUS = 502,
GSASL_VALIDATE_GSSAPI = 503, GSASL_VALIDATE_GSSAPI = 503,
GSASL_VALIDATE_SECURID = 504 GSASL_VALIDATE_SECURID = 504
} Gsasl_property; } Gsasl_property;
/** /**
* Gsasl_callback_function: * Gsasl_callback_function:
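Review bot: Three entries in the new `Gsasl_rc` doc comment contradict the identifiers they describe. `@GSASL_NO_CLIENT_CODE` and `@GSASL_NO_SERVER_CODE` say the library "was built with" client/server functionality, and `@GSASL_NO_PASSCODE` repeats the SecurID PIN text used for `@GSASL_NO_PIN`. Judging by the names (the code that returns them is not visible here), they presumably should read `Library was built without client functionality.`, `Library was built without server functionality.` and `Could not get required SecurID passcode.`. Callers branch on these return codes while authenticating, so a description that inverts the condition invites wrong error handling. The added comments also contain the typos "requeted", "needs an new PIN" and "Reqest", which are worth fixing in the same pass.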
 End of changes. 14 change blocks. 
11 lines changed or deleted 140 lines changed or added
