1 | /* gsasl.h --- Header file for GNU SASL Library. |
2 | * Copyright (C) 2002-2012 Simon Josefsson |
3 | * |
4 | * This file is part of GNU SASL Library. |
5 | * |
6 | * GNU SASL Library is free software; you can redistribute it and/or |
7 | * modify it under the terms of the GNU Lesser General Public License |
8 | * as published by the Free Software Foundation; either version 2.1 of |
9 | * the License, or (at your option) any later version. |
10 | * |
11 | * GNU SASL Library is distributed in the hope that it will be useful, |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
14 | * Lesser General Public License for more details. |
15 | * |
16 | * You should have received a copy of the GNU Lesser General Public |
17 | * License along with GNU SASL Library; if not, write to the |
18 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
19 | * Boston, MA 02110-1301, USA. |
20 | * |
21 | */ |
22 | |
23 | #ifndef GSASL_H |
24 | #define GSASL_H |
25 | |
26 | #include <stdio.h> /* FILE */ |
27 | #include <stddef.h> /* size_t */ |
28 | #include <unistd.h> /* ssize_t */ |
29 | |
30 | #ifndef GSASL_API |
31 | #if defined GSASL_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY |
32 | #define GSASL_API __attribute__((__visibility__("default"))) |
33 | #elif defined GSASL_BUILDING && defined _MSC_VER && ! defined GSASL_STATIC |
34 | #define GSASL_API __declspec(dllexport) |
35 | #elif defined _MSC_VER && ! defined GSASL_STATIC |
36 | #define GSASL_API __declspec(dllimport) |
37 | #else |
38 | #define GSASL_API |
39 | #endif |
40 | #endif |
41 | |
42 | #ifdef __cplusplus |
43 | extern "C" |
44 | { |
45 | #endif |
46 | |
47 | /** |
48 | * GSASL_VERSION |
49 | * |
50 | * Pre-processor symbol with a string that describes the header file |
51 | * version number. Used together with gsasl_check_version() to |
52 | * verify header file and run-time library consistency. |
53 | */ |
54 | #define GSASL_VERSION "1.8.0" |
55 | |
56 | /** |
57 | * GSASL_VERSION_MAJOR |
58 | * |
59 | * Pre-processor symbol with a decimal value that describes the major |
60 | * level of the header file version number. For example, when the |
61 | * header version is 1.2.3 this symbol will be 1. |
62 | * |
63 | * Since: 1.1 |
64 | */ |
65 | #define GSASL_VERSION_MAJOR 1 |
66 | |
67 | /** |
68 | * GSASL_VERSION_MINOR |
69 | * |
70 | * Pre-processor symbol with a decimal value that describes the minor |
71 | * level of the header file version number. For example, when the |
72 | * header version is 1.2.3 this symbol will be 2. |
73 | * |
74 | * Since: 1.1 |
75 | */ |
76 | #define GSASL_VERSION_MINOR 8 |
77 | |
78 | /** |
79 | * GSASL_VERSION_PATCH |
80 | * |
81 | * Pre-processor symbol with a decimal value that describes the patch |
82 | * level of the header file version number. For example, when the |
83 | * header version is 1.2.3 this symbol will be 3. |
84 | * |
85 | * Since: 1.1 |
86 | */ |
87 | #define GSASL_VERSION_PATCH 0 |
88 | |
89 | /** |
90 | * GSASL_VERSION_NUMBER |
91 | * |
92 | * Pre-processor symbol with a hexadecimal value describing the |
93 | * header file version number. For example, when the header version |
94 | * is 1.2.3 this symbol will have the value 0x010203. |
95 | * |
96 | * Since: 1.1 |
97 | */ |
98 | #define GSASL_VERSION_NUMBER 0x010800 |
99 | |
100 | /* RFC 2222: SASL mechanisms are named by strings, from 1 to 20 |
101 | * characters in length, consisting of upper-case letters, digits, |
102 | * hyphens, and/or underscores. SASL mechanism names must be |
103 | * registered with the IANA. |
104 | */ |
105 | enum |
106 | { |
107 | GSASL_MIN_MECHANISM_SIZE = 1, /* shortest mechanism name, in characters */ |
108 | GSASL_MAX_MECHANISM_SIZE = 20 /* longest mechanism name, in characters; a buffer holding a name as a C string needs one more byte for the terminating NUL */ |
109 | }; |
110 | extern GSASL_API const char *GSASL_VALID_MECHANISM_CHARACTERS; /* presumably the characters allowed in a mechanism name (upper-case letters, digits, hyphen, underscore) -- confirm against the definition */ |
111 | |
112 | /** |
113 | * Gsasl_rc: |
114 | * @GSASL_OK: Successful return code, guaranteed to be always 0. |
115 | * @GSASL_NEEDS_MORE: Mechanism expects another round-trip. |
116 | * @GSASL_UNKNOWN_MECHANISM: Application requested an unknown mechanism. |
117 | * @GSASL_MECHANISM_CALLED_TOO_MANY_TIMES: Application requested too |
118 | * many round trips from mechanism. |
119 | * @GSASL_MALLOC_ERROR: Memory allocation failed. |
120 | * @GSASL_BASE64_ERROR: Base64 encoding/decoding failed. |
121 | * @GSASL_CRYPTO_ERROR: Cryptographic error. |
122 | * @GSASL_SASLPREP_ERROR: Failed to prepare internationalized string. |
123 | * @GSASL_MECHANISM_PARSE_ERROR: Mechanism could not parse input. |
124 | * @GSASL_AUTHENTICATION_ERROR: Authentication has failed. |
125 | * @GSASL_INTEGRITY_ERROR: Application data integrity check failed. |
126 | * @GSASL_NO_CLIENT_CODE: Library was built without client functionality. |
127 | * @GSASL_NO_SERVER_CODE: Library was built without server functionality. |
128 | * @GSASL_NO_CALLBACK: Application did not provide a callback. |
129 | * @GSASL_NO_ANONYMOUS_TOKEN: Could not get required anonymous token. |
130 | * @GSASL_NO_AUTHID: Could not get required authentication |
131 | * identity (username). |
132 | * @GSASL_NO_AUTHZID: Could not get required authorization identity. |
133 | * @GSASL_NO_PASSWORD: Could not get required password. |
134 | * @GSASL_NO_PASSCODE: Could not get required SecurID passcode. |
135 | * @GSASL_NO_PIN: Could not get required SecurID PIN. |
136 | * @GSASL_NO_SERVICE: Could not get required service name. |
137 | * @GSASL_NO_HOSTNAME: Could not get required hostname. |
138 | * @GSASL_NO_CB_TLS_UNIQUE: Could not get required tls-unique CB. |
139 | * @GSASL_NO_SAML20_IDP_IDENTIFIER: Could not get required SAML IdP. |
140 | * @GSASL_NO_SAML20_REDIRECT_URL: Could not get required SAML |
141 | * redirect URL. |
142 | * @GSASL_NO_OPENID20_REDIRECT_URL: Could not get required OpenID |
143 | * redirect URL. |
144 | * @GSASL_GSSAPI_RELEASE_BUFFER_ERROR: GSS-API library call error. |
145 | * @GSASL_GSSAPI_IMPORT_NAME_ERROR: GSS-API library call error. |
146 | * @GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR: GSS-API library call error. |
147 | * @GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR: GSS-API library call error. |
148 | * @GSASL_GSSAPI_UNWRAP_ERROR: GSS-API library call error. |
149 | * @GSASL_GSSAPI_WRAP_ERROR: GSS-API library call error. |
150 | * @GSASL_GSSAPI_ACQUIRE_CRED_ERROR: GSS-API library call error. |
151 | * @GSASL_GSSAPI_DISPLAY_NAME_ERROR: GSS-API library call error. |
152 | * @GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR: An unsupported |
153 | * quality-of-protection layer was requested. |
154 | * @GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: GSS-API library call error. |
155 | * @GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: GSS-API library call error. |
156 | * @GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: GSS-API library call error. |
157 | * @GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: GSS-API library call error. |
158 | * @GSASL_GSSAPI_RELEASE_OID_SET_ERROR: GSS-API library call error. |
159 | * @GSASL_KERBEROS_V5_INIT_ERROR: Init error in KERBEROS_V5. |
160 | * @GSASL_KERBEROS_V5_INTERNAL_ERROR: General error in KERBEROS_V5. |
161 | * @GSASL_SHISHI_ERROR: Same as %GSASL_KERBEROS_V5_INTERNAL_ERROR. |
162 | * @GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE: SecurID mechanism |
163 | * needs an additional passcode. |
164 | * @GSASL_SECURID_SERVER_NEED_NEW_PIN: SecurID mechanism |
165 | * needs a new PIN. |
166 | * |
167 | * Error codes for library functions. |
168 | */ |
169 | typedef enum |
170 | { |
171 | GSASL_OK = 0, /* the only value documented as success */ |
172 | GSASL_NEEDS_MORE = 1, /* not a failure: the mechanism expects another round-trip. NOTE(review): presumably callers must not treat this as a completed authentication -- confirm */ |
173 | GSASL_UNKNOWN_MECHANISM = 2, |
174 | GSASL_MECHANISM_CALLED_TOO_MANY_TIMES = 3, |
175 | GSASL_MALLOC_ERROR = 7, |
176 | GSASL_BASE64_ERROR = 8, |
177 | GSASL_CRYPTO_ERROR = 9, |
178 | GSASL_SASLPREP_ERROR = 29, |
179 | GSASL_MECHANISM_PARSE_ERROR = 30, |
180 | GSASL_AUTHENTICATION_ERROR = 31, |
181 | GSASL_INTEGRITY_ERROR = 33, |
182 | GSASL_NO_CLIENT_CODE = 35, |
183 | GSASL_NO_SERVER_CODE = 36, |
184 | GSASL_NO_CALLBACK = 51, |
185 | GSASL_NO_ANONYMOUS_TOKEN = 52, |
186 | GSASL_NO_AUTHID = 53, |
187 | GSASL_NO_AUTHZID = 54, |
188 | GSASL_NO_PASSWORD = 55, |
189 | GSASL_NO_PASSCODE = 56, |
190 | GSASL_NO_PIN = 57, |
191 | GSASL_NO_SERVICE = 58, |
192 | GSASL_NO_HOSTNAME = 59, |
193 | GSASL_NO_CB_TLS_UNIQUE = 65, |
194 | GSASL_NO_SAML20_IDP_IDENTIFIER = 66, |
195 | GSASL_NO_SAML20_REDIRECT_URL = 67, |
196 | GSASL_NO_OPENID20_REDIRECT_URL = 68, |
197 | /* Mechanism specific errors. */ |
198 | GSASL_GSSAPI_RELEASE_BUFFER_ERROR = 37, |
199 | GSASL_GSSAPI_IMPORT_NAME_ERROR = 38, |
200 | GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR = 39, |
201 | GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR = 40, |
202 | GSASL_GSSAPI_UNWRAP_ERROR = 41, |
203 | GSASL_GSSAPI_WRAP_ERROR = 42, |
204 | GSASL_GSSAPI_ACQUIRE_CRED_ERROR = 43, |
205 | GSASL_GSSAPI_DISPLAY_NAME_ERROR = 44, |
206 | GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR = 45, |
207 | GSASL_KERBEROS_V5_INIT_ERROR = 46, |
208 | GSASL_KERBEROS_V5_INTERNAL_ERROR = 47, |
209 | GSASL_SHISHI_ERROR = GSASL_KERBEROS_V5_INTERNAL_ERROR, /* alias: shares the value 47 */ |
210 | GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE = 48, |
211 | GSASL_SECURID_SERVER_NEED_NEW_PIN = 49, |
212 | GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR = 60, |
213 | GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR = 61, |
214 | GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR = 62, |
215 | GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR = 63, |
216 | GSASL_GSSAPI_RELEASE_OID_SET_ERROR = 64 |
217 | /* When adding new values, note that the integers are not necessarily |
218 | assigned in increasing order. */ |
219 | } Gsasl_rc; |
220 | |
221 | /** |
222 | * Gsasl_qop: |
223 | * @GSASL_QOP_AUTH: Authentication only. |
224 | * @GSASL_QOP_AUTH_INT: Authentication and integrity. |
225 | * @GSASL_QOP_AUTH_CONF: Authentication, integrity and confidentiality. |
226 | * |
227 | * Quality of Protection types (DIGEST-MD5 and GSSAPI). The |
228 | * integrity and confidentiality values concern application data |
229 | * wrapping. We recommend that you use @GSASL_QOP_AUTH with TLS as |
230 | * that combination is generally more secure and has a better chance |
231 | * of working than the integrity/confidentiality layers of SASL. |
232 | */ |
233 | typedef enum |
234 | { |
235 | GSASL_QOP_AUTH = 1, /* authentication only: application data gets no integrity or confidentiality from SASL, so pair it with TLS as recommended above */ |
236 | GSASL_QOP_AUTH_INT = 2, |
237 | GSASL_QOP_AUTH_CONF = 4 /* the three values are distinct bits (1, 2, 4) */ |
238 | } Gsasl_qop; |
239 | |
240 | /** |
241 | * Gsasl_cipher: |
242 | * @GSASL_CIPHER_DES: Cipher DES. |
243 | * @GSASL_CIPHER_3DES: Cipher 3DES. |
244 | * @GSASL_CIPHER_RC4: Cipher RC4. |
245 | * @GSASL_CIPHER_RC4_40: Cipher RC4 with 40-bit keys. |
246 | * @GSASL_CIPHER_RC4_56: Cipher RC4 with 56-bit keys. |
247 | * @GSASL_CIPHER_AES: Cipher AES. |
248 | * |
249 | * Encryption types (DIGEST-MD5) for confidentiality services of |
250 | * application data. We recommend that you use TLS instead as it is |
251 | * generally more secure and has a better chance of working. |
252 | */ |
253 | typedef enum |
254 | { |
255 | GSASL_CIPHER_DES = 1, /* NOTE(review): DES, RC4 and the reduced-key RC4 variants are legacy ciphers; treat this layer as compatibility only and rely on TLS as recommended above */ |
256 | GSASL_CIPHER_3DES = 2, |
257 | GSASL_CIPHER_RC4 = 4, |
258 | GSASL_CIPHER_RC4_40 = 8, /* 40-bit key: far too short to resist exhaustive search */ |
259 | GSASL_CIPHER_RC4_56 = 16, /* 56-bit key: too short by current standards */ |
260 | GSASL_CIPHER_AES = 32 /* the values are distinct bits (1 to 32) */ |
261 | } Gsasl_cipher; |
262 | |
263 | /** |
264 | * Gsasl_saslprep_flags: |
265 | * @GSASL_ALLOW_UNASSIGNED: Allow unassigned code points. |
266 | * |
267 | * Flags for the SASLprep function, see gsasl_saslprep(). For |
268 | * background, see the GNU Libidn documentation. |
269 | */ |
270 | typedef enum |
271 | { |
272 | GSASL_ALLOW_UNASSIGNED = 1 /* NOTE(review): loosens input checking; which strings this is appropriate for is defined by the Libidn documentation referenced above, not by this header */ |
273 | } Gsasl_saslprep_flags; |
274 | |
275 | /** |
276 | * Gsasl: |
277 | * |
278 | * Handle to global library context. |
279 | */ |
280 | typedef struct Gsasl Gsasl; /* only forward-declared here: applications hold a pointer and cannot see the layout */ |
281 | |
282 | /** |
283 | * Gsasl_session: |
284 | * |
285 | * Handle to SASL session context. |
286 | */ |
287 | typedef struct Gsasl_session Gsasl_session; /* only forward-declared here, like Gsasl */ |
288 | |
289 | /** |
290 | * Gsasl_property: |
291 | * @GSASL_AUTHID: Authentication identity (username). |
292 | * @GSASL_AUTHZID: Authorization identity. |
293 | * @GSASL_PASSWORD: Password. |
294 | * @GSASL_ANONYMOUS_TOKEN: Anonymous identifier. |
295 | * @GSASL_SERVICE: Service name |
296 | * @GSASL_HOSTNAME: Host name. |
297 | * @GSASL_GSSAPI_DISPLAY_NAME: GSS-API credential principal name. |
298 | * @GSASL_PASSCODE: SecurID passcode. |
299 | * @GSASL_SUGGESTED_PIN: SecurID suggested PIN. |
300 | * @GSASL_PIN: SecurID PIN. |
301 | * @GSASL_REALM: User realm. |
302 | * @GSASL_DIGEST_MD5_HASHED_PASSWORD: Pre-computed hashed DIGEST-MD5 |
303 | * password, to avoid storing passwords in the clear. |
304 | * @GSASL_QOPS: Set of quality-of-protection values. |
305 | * @GSASL_QOP: Quality-of-protection value. |
306 | * @GSASL_SCRAM_ITER: Number of iterations in password-to-key hashing. |
307 | * @GSASL_SCRAM_SALT: Salt for password-to-key hashing. |
308 | * @GSASL_SCRAM_SALTED_PASSWORD: Pre-computed salted SCRAM key, |
309 | * to avoid re-computation and storing passwords in the clear. |
310 | * @GSASL_CB_TLS_UNIQUE: Base64 encoded tls-unique channel binding. |
311 | * @GSASL_SAML20_IDP_IDENTIFIER: SAML20 user IdP URL. |
312 | * @GSASL_SAML20_REDIRECT_URL: SAML 2.0 URL to access in browser. |
313 | * @GSASL_OPENID20_REDIRECT_URL: OpenID 2.0 URL to access in browser. |
314 | * @GSASL_OPENID20_OUTCOME_DATA: OpenID 2.0 authentication outcome data. |
315 | * @GSASL_SAML20_AUTHENTICATE_IN_BROWSER: Request to perform SAML 2.0 |
316 | * authentication in browser. |
317 | * @GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Request to perform OpenID 2.0 |
318 | * authentication in browser. |
319 | * @GSASL_VALIDATE_SIMPLE: Request for simple validation. |
320 | * @GSASL_VALIDATE_EXTERNAL: Request for validation of EXTERNAL. |
321 | * @GSASL_VALIDATE_ANONYMOUS: Request for validation of ANONYMOUS. |
322 | * @GSASL_VALIDATE_GSSAPI: Request for validation of GSSAPI/GS2. |
323 | * @GSASL_VALIDATE_SECURID: Request for validation of SecurID. |
324 | * @GSASL_VALIDATE_SAML20: Request for validation of SAML20. |
325 | * @GSASL_VALIDATE_OPENID20: Request for validation of OpenID 2.0 login. |
326 | * |
327 | * Callback/property types. |
328 | */ |
329 | typedef enum |
330 | { |
331 | /* Information properties, e.g., username. */ |
332 | GSASL_AUTHID = 1, |
333 | GSASL_AUTHZID = 2, |
334 | GSASL_PASSWORD = 3, /* clear-text secret; see the pre-computed forms (12, 17) for alternatives */ |
335 | GSASL_ANONYMOUS_TOKEN = 4, |
336 | GSASL_SERVICE = 5, |
337 | GSASL_HOSTNAME = 6, |
338 | GSASL_GSSAPI_DISPLAY_NAME = 7, |
339 | GSASL_PASSCODE = 8, |
340 | GSASL_SUGGESTED_PIN = 9, |
341 | GSASL_PIN = 10, |
342 | GSASL_REALM = 11, |
343 | GSASL_DIGEST_MD5_HASHED_PASSWORD = 12, /* NOTE(review): avoids clear-text storage, but the stored value is presumably still enough to authenticate with DIGEST-MD5; protect it like a password -- confirm */ |
344 | GSASL_QOPS = 13, |
345 | GSASL_QOP = 14, |
346 | GSASL_SCRAM_ITER = 15, |
347 | GSASL_SCRAM_SALT = 16, |
348 | GSASL_SCRAM_SALTED_PASSWORD = 17, /* NOTE(review): same caveat as property 12, presumably password-equivalent for SCRAM -- confirm */ |
349 | GSASL_CB_TLS_UNIQUE = 18, |
350 | GSASL_SAML20_IDP_IDENTIFIER = 19, |
351 | GSASL_SAML20_REDIRECT_URL = 20, |
352 | GSASL_OPENID20_REDIRECT_URL = 21, |
353 | GSASL_OPENID20_OUTCOME_DATA = 22, |
354 | /* Client callbacks. */ |
355 | GSASL_SAML20_AUTHENTICATE_IN_BROWSER = 250, |
356 | GSASL_OPENID20_AUTHENTICATE_IN_BROWSER = 251, |
357 | /* Server validation callback properties. */ |
358 | GSASL_VALIDATE_SIMPLE = 500, /* for the validation requests the application callback makes the policy decision (see Gsasl_callback_function) */ |
359 | GSASL_VALIDATE_EXTERNAL = 501, |
360 | GSASL_VALIDATE_ANONYMOUS = 502, |
361 | GSASL_VALIDATE_GSSAPI = 503, |
362 | GSASL_VALIDATE_SECURID = 504, |
363 | GSASL_VALIDATE_SAML20 = 505, |
364 | GSASL_VALIDATE_OPENID20 = 506 |
365 | } Gsasl_property; |
366 | |
367 | /** |
368 | * Gsasl_callback_function: |
369 | * @ctx: libgsasl handle. |
370 | * @sctx: session handle, may be NULL. |
371 | * @prop: enumerated value of Gsasl_property type. |
372 | * |
373 | * Prototype of function that the application should implement. Use |
374 | * gsasl_callback_set() to inform the library about your callback |
375 | * function. |
376 | * |
377 | * It is called by the SASL library when it needs some information |
378 | * from the application. Depending on the value of @prop, it should |
379 | * either set some property (e.g., username or password) using |
380 | * gsasl_property_set(), or it should extract some properties (e.g., |
381 | * authentication and authorization identities) using |
382 | * gsasl_property_fast() and use them to make a policy decision, |
383 | * perhaps returning GSASL_AUTHENTICATION_ERROR or GSASL_OK |
384 | * depending on whether the policy permitted the operation. |
385 | * |
386 | * Return value: Any valid return code, the interpretation of which |
387 | * depends on the @prop value. |
388 | * |
389 | * Since: 0.2.0 |
390 | **/ |
391 | typedef int (*Gsasl_callback_function) (Gsasl * ctx, Gsasl_session * sctx, |
392 | Gsasl_property prop); /* sctx may be NULL (see above), so an implementation must check it before use */ |
393 | |
394 | /* Library entry and exit points: version.c, init.c, done.c */ |
395 | extern GSASL_API int gsasl_init (Gsasl ** ctx); /* presumably stores a new library handle in *ctx and returns a Gsasl_rc value -- confirm */ |
396 | extern GSASL_API void gsasl_done (Gsasl * ctx); /* presumably releases the handle obtained from gsasl_init() -- confirm */ |
397 | extern GSASL_API const char *gsasl_check_version (const char *req_version); /* used together with GSASL_VERSION to verify header file and run-time library consistency */ |
398 | |
399 | /* Callback handling: callback.c */ |
400 | extern GSASL_API void gsasl_callback_set (Gsasl * ctx, |
401 | Gsasl_callback_function cb); /* informs the library about the application's callback (see Gsasl_callback_function) */ |
402 | extern GSASL_API int gsasl_callback (Gsasl * ctx, Gsasl_session * sctx, |
403 | Gsasl_property prop); /* same argument list as Gsasl_callback_function; presumably invokes the registered callback -- confirm */ |
404 | |
405 | extern GSASL_API void gsasl_callback_hook_set (Gsasl * ctx, void *hook); /* hook is an untyped pointer; its ownership and lifetime are not stated in this header */ |
406 | extern GSASL_API void *gsasl_callback_hook_get (Gsasl * ctx); |
407 | |
408 | extern GSASL_API void gsasl_session_hook_set (Gsasl_session * sctx, |
409 | void *hook); /* per-session counterpart of gsasl_callback_hook_set(), judging by the argument types */ |
410 | extern GSASL_API void *gsasl_session_hook_get (Gsasl_session * sctx); |
411 | |
412 | /* Property handling: property.c */ |
413 | extern GSASL_API void gsasl_property_set (Gsasl_session * sctx, |
414 | Gsasl_property prop, |
415 | const char *data); /* no length argument: data is presumably a NUL-terminated string -- confirm */ |
416 | extern GSASL_API void gsasl_property_set_raw (Gsasl_session * sctx, |
417 | Gsasl_property prop, |
418 | const char *data, size_t len); /* explicit length, presumably for data that is not NUL-terminated -- confirm */ |
419 | extern GSASL_API const char *gsasl_property_get (Gsasl_session * sctx, |
420 | Gsasl_property prop); /* NOTE(review): the returned pointer is const and presumably owned by the session, so it should not be used after gsasl_finish() -- confirm */ |
421 | extern GSASL_API const char *gsasl_property_fast (Gsasl_session * sctx, |
422 | Gsasl_property prop); /* the accessor the Gsasl_callback_function documentation names for reading properties inside a callback; how it differs from gsasl_property_get() is not visible here */ |
423 | |
424 | /* Mechanism handling: listmech.c, supportp.c, suggest.c */ |
425 | extern GSASL_API int gsasl_client_mechlist (Gsasl * ctx, char **out); /* *out is presumably allocated by the library and released with gsasl_free() -- confirm */ |
426 | extern GSASL_API int gsasl_client_support_p (Gsasl * ctx, const char *name); |
427 | extern GSASL_API const char *gsasl_client_suggest_mechanism (Gsasl * ctx, |
428 | const char |
429 | *mechlist); /* NOTE(review): if mechlist is what the peer advertised before a secured channel existed, it is unauthenticated input; an application may want its own allow-list of acceptable mechanisms */ |
430 | |
431 | extern GSASL_API int gsasl_server_mechlist (Gsasl * ctx, char **out); /* same output convention as gsasl_client_mechlist(), presumably */ |
432 | extern GSASL_API int gsasl_server_support_p (Gsasl * ctx, const char *name); |
433 | |
434 | /* Authentication functions: xstart.c, xstep.c, xfinish.c */ |
435 | extern GSASL_API int gsasl_client_start (Gsasl * ctx, const char *mech, |
436 | Gsasl_session ** sctx); /* presumably stores a new session handle in *sctx -- confirm */ |
437 | extern GSASL_API int gsasl_server_start (Gsasl * ctx, const char *mech, |
438 | Gsasl_session ** sctx); |
439 | extern GSASL_API int gsasl_step (Gsasl_session * sctx, |
440 | const char *input, size_t input_len, |
441 | char **output, size_t * output_len); /* input presumably carries data received from the peer, so it is untrusted; *output is presumably library-allocated (gsasl_free) -- confirm */ |
442 | extern GSASL_API int gsasl_step64 (Gsasl_session * sctx, |
443 | const char *b64input, char **b64output); /* base64 text in and out, judging by the names; no length arguments, so presumably NUL-terminated -- confirm */ |
444 | extern GSASL_API void gsasl_finish (Gsasl_session * sctx); /* presumably ends the session created by gsasl_client_start() or gsasl_server_start() -- confirm */ |
445 | |
446 | /* Session functions: xcode.c, mechname.c */ |
447 | extern GSASL_API int gsasl_encode (Gsasl_session * sctx, |
448 | const char *input, size_t input_len, |
449 | char **output, size_t * output_len); /* presumably applies the application data wrapping described under Gsasl_qop -- confirm */ |
450 | extern GSASL_API int gsasl_decode (Gsasl_session * sctx, |
451 | const char *input, size_t input_len, |
452 | char **output, size_t * output_len); /* presumably the inverse of gsasl_encode(); a GSASL_INTEGRITY_ERROR result would mean the data must be discarded -- confirm */ |
453 | extern GSASL_API const char *gsasl_mechanism_name (Gsasl_session * sctx); |
454 | |
455 | /* Error handling: error.c */ |
456 | extern GSASL_API const char *gsasl_strerror (int err); /* err is a plain int; presumably a Gsasl_rc value -- confirm */ |
457 | extern GSASL_API const char *gsasl_strerror_name (int err); |
458 | |
459 | /* Internationalized string processing: stringprep.c */ |
460 | extern GSASL_API int gsasl_saslprep (const char *in, |
461 | Gsasl_saslprep_flags flags, char **out, |
462 | int *stringpreprc); /* *out is presumably library-allocated; stringpreprc presumably receives the underlying Libidn result code -- confirm */ |
463 | |
464 | /* Utilities: base64.c, md5pwd.c, crypto.c */ |
465 | extern GSASL_API int gsasl_simple_getpass (const char *filename, |
466 | const char *username, |
467 | char **key); /* NOTE(review): *key presumably receives a secret read from filename; access to that file should be restricted and the result released after use -- confirm */ |
468 | extern GSASL_API int gsasl_base64_to (const char *in, size_t inlen, |
469 | char **out, size_t * outlen); |
470 | extern GSASL_API int gsasl_base64_from (const char *in, size_t inlen, |
471 | char **out, size_t * outlen); |
472 | extern GSASL_API int gsasl_nonce (char *data, size_t datalen); /* fills a caller-supplied buffer, judging by the signature; the difference in strength between gsasl_nonce() and gsasl_random() is not stated here -- check before using either for key material */ |
473 | extern GSASL_API int gsasl_random (char *data, size_t datalen); |
474 | extern GSASL_API int gsasl_md5 (const char *in, size_t inlen, |
475 | char *out[16]); /* NOTE(review): as a parameter, char *out[16] is char **out; the 16 is not enforced by the compiler and presumably documents the digest length -- confirm who allocates */ |
476 | extern GSASL_API int gsasl_hmac_md5 (const char *key, size_t keylen, |
477 | const char *in, size_t inlen, |
478 | char *outhash[16]); /* same parameter shape as gsasl_md5() */ |
479 | extern GSASL_API int gsasl_sha1 (const char *in, size_t inlen, |
480 | char *out[20]); /* as with gsasl_md5(): this is char **out, and the 20 presumably documents the digest length */ |
481 | extern GSASL_API int gsasl_hmac_sha1 (const char *key, size_t keylen, |
482 | const char *in, size_t inlen, |
483 | char *outhash[20]); /* MD5 and SHA-1 are no longer collision resistant; use these helpers only where a mechanism requires them */ |
484 | extern GSASL_API void gsasl_free (void *ptr); /* presumably the matching release call for the char ** outputs above -- confirm */ |
485 | |
486 | /* Get the mechanism API. */ |
487 | #include <gsasl-mech.h> |
488 | |
489 | #ifndef GSASL_NO_OBSOLETE |
490 | /* For compatibility with earlier versions. */ |
491 | #include <gsasl-compat.h> |
492 | #endif |
493 | |
494 | #ifdef __cplusplus |
495 | } |
496 | #endif |
497 | |
498 | #endif /* GSASL_H */ |
499 | |