| 1 | /* gsasl.h --- Header file for GNU SASL Library. |
| 2 | * Copyright (C) 2002-2012 Simon Josefsson |
| 3 | * |
| 4 | * This file is part of GNU SASL Library. |
| 5 | * |
| 6 | * GNU SASL Library is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU Lesser General Public License |
| 8 | * as published by the Free Software Foundation; either version 2.1 of |
| 9 | * the License, or (at your option) any later version. |
| 10 | * |
| 11 | * GNU SASL Library is distributed in the hope that it will be useful, |
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 14 | * Lesser General Public License for more details. |
| 15 | * |
| 16 | * You should have received a copy of the GNU Lesser General Public |
| 17 | * License License along with GNU SASL Library; if not, write to the |
| 18 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
| 19 | * Boston, MA 02110-1301, USA. |
| 20 | * |
| 21 | */ |
| 22 | |
| 23 | #ifndef GSASL_H |
| 24 | #define GSASL_H |
| 25 | |
| 26 | #include <stdio.h> /* FILE */ |
| 27 | #include <stddef.h> /* size_t */ |
| 28 | #include <unistd.h> /* ssize_t */ |
| 29 | |
| 30 | #ifndef GSASL_API /* linkage decoration for every public symbol below; an includer may pre-define it */ |
| 31 | #if defined GSASL_BUILDING && defined HAVE_VISIBILITY && HAVE_VISIBILITY |
| 32 | #define GSASL_API __attribute__((__visibility__("default"))) /* building the library with symbol-visibility support: export */ |
| 33 | #elif defined GSASL_BUILDING && defined _MSC_VER && ! defined GSASL_STATIC |
| 34 | #define GSASL_API __declspec(dllexport) /* building a non-static library with MSVC: export */ |
| 35 | #elif defined _MSC_VER && ! defined GSASL_STATIC |
| 36 | #define GSASL_API __declspec(dllimport) /* using a non-static library with MSVC: import */ |
| 37 | #else |
| 38 | #define GSASL_API /* every other configuration: no decoration */ |
| 39 | #endif |
| 40 | #endif /* GSASL_API */ |
| 41 | |
| 42 | #ifdef __cplusplus |
| 43 | extern "C" |
| 44 | { |
| 45 | #endif |
| 46 | |
| 47 | /** |
| 48 | * GSASL_VERSION |
| 49 | * |
| 50 | * Pre-processor symbol with a string that describes the header file |
| 51 | * version number. Used together with gsasl_check_version() to |
| 52 | * verify header file and run-time library consistency. |
| 53 | */ |
| 54 | #define GSASL_VERSION "1.8.0" |
| 55 | |
| 56 | /** |
| 57 | * GSASL_VERSION_MAJOR |
| 58 | * |
| 59 | * Pre-processor symbol with a decimal value that describes the major |
| 60 | * level of the header file version number. For example, when the |
| 61 | * header version is 1.2.3 this symbol will be 1. |
| 62 | * |
| 63 | * Since: 1.1 |
| 64 | */ |
| 65 | #define GSASL_VERSION_MAJOR 1 |
| 66 | |
| 67 | /** |
| 68 | * GSASL_VERSION_MINOR |
| 69 | * |
| 70 | * Pre-processor symbol with a decimal value that describes the minor |
| 71 | * level of the header file version number. For example, when the |
| 72 | * header version is 1.2.3 this symbol will be 2. |
| 73 | * |
| 74 | * Since: 1.1 |
| 75 | */ |
| 76 | #define GSASL_VERSION_MINOR 8 |
| 77 | |
| 78 | /** |
| 79 | * GSASL_VERSION_PATCH |
| 80 | * |
| 81 | * Pre-processor symbol with a decimal value that describes the patch |
| 82 | * level of the header file version number. For example, when the |
| 83 | * header version is 1.2.3 this symbol will be 3. |
| 84 | * |
| 85 | * Since: 1.1 |
| 86 | */ |
| 87 | #define GSASL_VERSION_PATCH 0 |
| 88 | |
| 89 | /** |
| 90 | * GSASL_VERSION_NUMBER |
| 91 | * |
| 92 | * Pre-processor symbol with a hexadecimal value describing the |
| 93 | * header file version number. For example, when the header version |
| 94 | * is 1.2.3 this symbol will have the value 0x010203. The value is |
| | * one byte per component (major, minor, patch), so it can be compared |
| | * numerically in #if tests. |
| 95 | * |
| 96 | * Since: 1.1 |
| 97 | */ |
| 98 | #define GSASL_VERSION_NUMBER 0x010800 |
| 99 | |
| 100 | /* RFC 2222: SASL mechanisms are named by strings, from 1 to 20 |
| 101 | * characters in length, consisting of upper-case letters, digits, |
| 102 | * hyphens, and/or underscores. SASL mechanism names must be |
| 103 | * registered with the IANA. |
| | * |
| | * RFC 2222 has since been obsoleted by RFC 4422, which keeps the same |
| | * naming rule. A mechanism name received from a peer is untrusted |
| | * input: check its length against the two bounds below and its |
| | * characters against GSASL_VALID_MECHANISM_CHARACTERS (presumably the |
| | * allowed alphabet; it is defined outside this header -- confirm) |
| | * before using it. |
| 104 | */ |
| 105 | enum |
| 106 | { |
| 107 | GSASL_MIN_MECHANISM_SIZE = 1, |
| 108 | GSASL_MAX_MECHANISM_SIZE = 20 |
| 109 | }; |
| 110 | extern GSASL_API const char *GSASL_VALID_MECHANISM_CHARACTERS; |
| 111 | |
| 112 | /** |
| 113 | * Gsasl_rc: |
| 114 | * @GSASL_OK: Successful return code, guaranteed to be always 0. |
| 115 | * @GSASL_NEEDS_MORE: Mechanism expects another round-trip. |
| 116 | * @GSASL_UNKNOWN_MECHANISM: Application requested an unknown mechanism. |
| 117 | * @GSASL_MECHANISM_CALLED_TOO_MANY_TIMES: Application requested too |
| 118 | * many round trips from mechanism. |
| 119 | * @GSASL_MALLOC_ERROR: Memory allocation failed. |
| 120 | * @GSASL_BASE64_ERROR: Base64 encoding/decoding failed. |
| 121 | * @GSASL_CRYPTO_ERROR: Cryptographic error. |
| 122 | * @GSASL_SASLPREP_ERROR: Failed to prepare internationalized string. |
| 123 | * @GSASL_MECHANISM_PARSE_ERROR: Mechanism could not parse input. |
| 124 | * @GSASL_AUTHENTICATION_ERROR: Authentication has failed. |
| 125 | * @GSASL_INTEGRITY_ERROR: Application data integrity check failed. |
| 126 | * @GSASL_NO_CLIENT_CODE: Library was built without client functionality. |
| 127 | * @GSASL_NO_SERVER_CODE: Library was built without server functionality. |
| 128 | * @GSASL_NO_CALLBACK: Application did not provide a callback. |
| 129 | * @GSASL_NO_ANONYMOUS_TOKEN: Could not get required anonymous token. |
| 130 | * @GSASL_NO_AUTHID: Could not get required authentication |
| 131 | * identity (username). |
| 132 | * @GSASL_NO_AUTHZID: Could not get required authorization identity. |
| 133 | * @GSASL_NO_PASSWORD: Could not get required password. |
| 134 | * @GSASL_NO_PASSCODE: Could not get required SecurID passcode. |
| 135 | * @GSASL_NO_PIN: Could not get required SecurID PIN. |
| 136 | * @GSASL_NO_SERVICE: Could not get required service name. |
| 137 | * @GSASL_NO_HOSTNAME: Could not get required hostname. |
| 138 | * @GSASL_NO_CB_TLS_UNIQUE: Could not get required tls-unique CB. |
| 139 | * @GSASL_NO_SAML20_IDP_IDENTIFIER: Could not get required SAML IdP. |
| 140 | * @GSASL_NO_SAML20_REDIRECT_URL: Could not get required SAML |
| 141 | * redirect URL. |
| 142 | * @GSASL_NO_OPENID20_REDIRECT_URL: Could not get required OpenID |
| 143 | * redirect URL. |
| 144 | * @GSASL_GSSAPI_RELEASE_BUFFER_ERROR: GSS-API library call error. |
| 145 | * @GSASL_GSSAPI_IMPORT_NAME_ERROR: GSS-API library call error. |
| 146 | * @GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR: GSS-API library call error. |
| 147 | * @GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR: GSS-API library call error. |
| 148 | * @GSASL_GSSAPI_UNWRAP_ERROR: GSS-API library call error. |
| 149 | * @GSASL_GSSAPI_WRAP_ERROR: GSS-API library call error. |
| 150 | * @GSASL_GSSAPI_ACQUIRE_CRED_ERROR: GSS-API library call error. |
| 151 | * @GSASL_GSSAPI_DISPLAY_NAME_ERROR: GSS-API library call error. |
| 152 | * @GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR: An unsupported |
| 153 | * quality-of-protection layer was requested. |
| 154 | * @GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: GSS-API library call error. |
| 155 | * @GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: GSS-API library call error. |
| 156 | * @GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: GSS-API library call error. |
| 157 | * @GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: GSS-API library call error. |
| 158 | * @GSASL_GSSAPI_RELEASE_OID_SET_ERROR: GSS-API library call error. |
| 159 | * @GSASL_KERBEROS_V5_INIT_ERROR: Init error in KERBEROS_V5. |
| 160 | * @GSASL_KERBEROS_V5_INTERNAL_ERROR: General error in KERBEROS_V5. |
| 161 | * @GSASL_SHISHI_ERROR: Same as %GSASL_KERBEROS_V5_INTERNAL_ERROR. |
| 162 | * @GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE: SecurID mechanism |
| 163 | * needs an additional passcode. |
| 164 | * @GSASL_SECURID_SERVER_NEED_NEW_PIN: SecurID mechanism |
| 165 | * needs a new PIN. |
| 166 | * |
| 167 | * Error codes for library functions. |
| | * |
| | * Only %GSASL_OK means success. %GSASL_NEEDS_MORE means the exchange |
| | * is still in progress, so a caller must not treat it (or any other |
| | * non-zero value) as a completed authentication. The numeric values |
| | * are not contiguous, and generic and mechanism-specific codes |
| | * interleave; compare against the named constants rather than using |
| | * range checks. |
| 168 | */ |
| 169 | typedef enum |
| 170 | { |
| 171 | GSASL_OK = 0, |
| 172 | GSASL_NEEDS_MORE = 1, |
| 173 | GSASL_UNKNOWN_MECHANISM = 2, |
| 174 | GSASL_MECHANISM_CALLED_TOO_MANY_TIMES = 3, |
| 175 | GSASL_MALLOC_ERROR = 7, |
| 176 | GSASL_BASE64_ERROR = 8, |
| 177 | GSASL_CRYPTO_ERROR = 9, |
| 178 | GSASL_SASLPREP_ERROR = 29, |
| 179 | GSASL_MECHANISM_PARSE_ERROR = 30, |
| 180 | GSASL_AUTHENTICATION_ERROR = 31, |
| 181 | GSASL_INTEGRITY_ERROR = 33, |
| 182 | GSASL_NO_CLIENT_CODE = 35, |
| 183 | GSASL_NO_SERVER_CODE = 36, |
| 184 | GSASL_NO_CALLBACK = 51, |
| 185 | GSASL_NO_ANONYMOUS_TOKEN = 52, |
| 186 | GSASL_NO_AUTHID = 53, |
| 187 | GSASL_NO_AUTHZID = 54, |
| 188 | GSASL_NO_PASSWORD = 55, |
| 189 | GSASL_NO_PASSCODE = 56, |
| 190 | GSASL_NO_PIN = 57, |
| 191 | GSASL_NO_SERVICE = 58, |
| 192 | GSASL_NO_HOSTNAME = 59, |
| 193 | GSASL_NO_CB_TLS_UNIQUE = 65, |
| 194 | GSASL_NO_SAML20_IDP_IDENTIFIER = 66, |
| 195 | GSASL_NO_SAML20_REDIRECT_URL = 67, |
| 196 | GSASL_NO_OPENID20_REDIRECT_URL = 68, |
| 197 | /* Mechanism specific errors. */ |
| 198 | GSASL_GSSAPI_RELEASE_BUFFER_ERROR = 37, |
| 199 | GSASL_GSSAPI_IMPORT_NAME_ERROR = 38, |
| 200 | GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR = 39, |
| 201 | GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR = 40, |
| 202 | GSASL_GSSAPI_UNWRAP_ERROR = 41, |
| 203 | GSASL_GSSAPI_WRAP_ERROR = 42, |
| 204 | GSASL_GSSAPI_ACQUIRE_CRED_ERROR = 43, |
| 205 | GSASL_GSSAPI_DISPLAY_NAME_ERROR = 44, |
| 206 | GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR = 45, |
| 207 | GSASL_KERBEROS_V5_INIT_ERROR = 46, |
| 208 | GSASL_KERBEROS_V5_INTERNAL_ERROR = 47, |
| 209 | GSASL_SHISHI_ERROR = GSASL_KERBEROS_V5_INTERNAL_ERROR, |
| 210 | GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE = 48, |
| 211 | GSASL_SECURID_SERVER_NEED_NEW_PIN = 49, |
| 212 | GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR = 60, |
| 213 | GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR = 61, |
| 214 | GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR = 62, |
| 215 | GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR = 63, |
| 216 | GSASL_GSSAPI_RELEASE_OID_SET_ERROR = 64 |
| 217 | /* When adding new values, note that the integers are not |
| 218 | necessarily assigned in increasing order. */ |
| 219 | } Gsasl_rc; |
| 220 | |
| 221 | /** |
| 222 | * Gsasl_qop: |
| 223 | * @GSASL_QOP_AUTH: Authentication only. |
| 224 | * @GSASL_QOP_AUTH_INT: Authentication and integrity. |
| 225 | * @GSASL_QOP_AUTH_CONF: Authentication, integrity and confidentiality. |
| 226 | * |
| 227 | * Quality of Protection types (DIGEST-MD5 and GSSAPI). The |
| 228 | * integrity and confidentiality values are about application data |
| 229 | * wrapping. We recommend that you use @GSASL_QOP_AUTH with TLS as |
| 230 | * that combination is generally more secure and has a better chance |
| 231 | * of working than the integrity/confidentiality layers of SASL. |
| | * |
| | * @GSASL_QOP_AUTH on its own gives application data no integrity or |
| | * confidentiality protection after the handshake, which is why the |
| | * recommendation above pairs it with TLS. |
| 232 | */ |
| 233 | typedef enum |
| 234 | { |
| 235 | GSASL_QOP_AUTH = 1, |
| 236 | GSASL_QOP_AUTH_INT = 2, |
| 237 | GSASL_QOP_AUTH_CONF = 4 |
| 238 | } Gsasl_qop; |
| 239 | |
| 240 | /** |
| 241 | * Gsasl_cipher: |
| 242 | * @GSASL_CIPHER_DES: Cipher DES. |
| 243 | * @GSASL_CIPHER_3DES: Cipher 3DES. |
| 244 | * @GSASL_CIPHER_RC4: Cipher RC4. |
| 245 | * @GSASL_CIPHER_RC4_40: Cipher RC4 with 40-bit keys. |
| 246 | * @GSASL_CIPHER_RC4_56: Cipher RC4 with 56-bit keys. |
| 247 | * @GSASL_CIPHER_AES: Cipher AES. |
| 248 | * |
| 249 | * Encryption types (DIGEST-MD5) for confidentiality services of |
| 250 | * application data. We recommend that you use TLS instead as it is |
| 251 | * generally more secure and has a better chance of working. |
| | * |
| | * DES, RC4 and in particular the 40-bit and 56-bit RC4 variants are |
| | * weak by current standards, and DIGEST-MD5 itself was moved to |
| | * Historic status by RFC 6331. Treat these values as legacy |
| | * interoperability options, not as a source of confidentiality. |
| | * |
| | * The values are distinct powers of two, presumably so that several |
| | * ciphers can be OR-ed into one set -- confirm against the DIGEST-MD5 |
| | * mechanism code. |
| 252 | */ |
| 253 | typedef enum |
| 254 | { |
| 255 | GSASL_CIPHER_DES = 1, |
| 256 | GSASL_CIPHER_3DES = 2, |
| 257 | GSASL_CIPHER_RC4 = 4, |
| 258 | GSASL_CIPHER_RC4_40 = 8, |
| 259 | GSASL_CIPHER_RC4_56 = 16, |
| 260 | GSASL_CIPHER_AES = 32 |
| 261 | } Gsasl_cipher; |
| 262 | |
| 263 | /** |
| 264 | * Gsasl_saslprep_flags: |
| 265 | * @GSASL_ALLOW_UNASSIGNED: Allow unassigned code points. |
| 266 | * |
| 267 | * Flags for the SASLprep function, see gsasl_saslprep(). For |
| 268 | * background, see the GNU Libidn documentation. |
| | * |
| | * NOTE(review): in stringprep (RFC 3454) unassigned code points are |
| | * allowed only in queries, not in stored strings, so this flag is |
| | * presumably not appropriate when preparing a credential that will |
| | * be stored -- confirm against gsasl_saslprep(). |
| 269 | */ |
| 270 | typedef enum |
| 271 | { |
| 272 | GSASL_ALLOW_UNASSIGNED = 1 |
| 273 | } Gsasl_saslprep_flags; |
| 274 | |
| 275 | /** |
| 276 | * Gsasl: |
| 277 | * |
| 278 | * Handle to global library context. The struct is only forward |
| | * declared at this point, so callers hold it as an opaque pointer |
| | * (see gsasl_init() and gsasl_done() below). |
| 279 | */ |
| 280 | typedef struct Gsasl Gsasl; |
| 281 | |
| 282 | /** |
| 283 | * Gsasl_session: |
| 284 | * |
| 285 | * Handle to SASL session context. Also only forward declared at |
| | * this point; gsasl_client_start() and gsasl_server_start() below |
| | * return one through a Gsasl_session ** argument. |
| 286 | */ |
| 287 | typedef struct Gsasl_session Gsasl_session; |
| 288 | |
| 289 | /** |
| 290 | * Gsasl_property: |
| 291 | * @GSASL_AUTHID: Authentication identity (username). |
| 292 | * @GSASL_AUTHZID: Authorization identity. |
| 293 | * @GSASL_PASSWORD: Password. |
| 294 | * @GSASL_ANONYMOUS_TOKEN: Anonymous identifier. |
| 295 | * @GSASL_SERVICE: Service name. |
| 296 | * @GSASL_HOSTNAME: Host name. |
| 297 | * @GSASL_GSSAPI_DISPLAY_NAME: GSS-API credential principal name. |
| 298 | * @GSASL_PASSCODE: SecurID passcode. |
| 299 | * @GSASL_SUGGESTED_PIN: SecurID suggested PIN. |
| 300 | * @GSASL_PIN: SecurID PIN. |
| 301 | * @GSASL_REALM: User realm. |
| 302 | * @GSASL_DIGEST_MD5_HASHED_PASSWORD: Pre-computed hashed DIGEST-MD5 |
| 303 | * password, to avoid storing passwords in the clear. |
| 304 | * @GSASL_QOPS: Set of quality-of-protection values. |
| 305 | * @GSASL_QOP: Quality-of-protection value. |
| 306 | * @GSASL_SCRAM_ITER: Number of iterations in password-to-key hashing. |
| 307 | * @GSASL_SCRAM_SALT: Salt for password-to-key hashing. |
| 308 | * @GSASL_SCRAM_SALTED_PASSWORD: Pre-computed salted SCRAM key, |
| 309 | * to avoid re-computation and storing passwords in the clear. |
| 310 | * @GSASL_CB_TLS_UNIQUE: Base64 encoded tls-unique channel binding. |
| 311 | * @GSASL_SAML20_IDP_IDENTIFIER: SAML20 user IdP URL. |
| 312 | * @GSASL_SAML20_REDIRECT_URL: SAML 2.0 URL to access in browser. |
| 313 | * @GSASL_OPENID20_REDIRECT_URL: OpenID 2.0 URL to access in browser. |
| 314 | * @GSASL_OPENID20_OUTCOME_DATA: OpenID 2.0 authentication outcome data. |
| 315 | * @GSASL_SAML20_AUTHENTICATE_IN_BROWSER: Request to perform SAML 2.0 |
| 316 | * authentication in browser. |
| 317 | * @GSASL_OPENID20_AUTHENTICATE_IN_BROWSER: Request to perform OpenID 2.0 |
| 318 | * authentication in browser. |
| 319 | * @GSASL_VALIDATE_SIMPLE: Request for simple validation. |
| 320 | * @GSASL_VALIDATE_EXTERNAL: Request for validation of EXTERNAL. |
| 321 | * @GSASL_VALIDATE_ANONYMOUS: Request for validation of ANONYMOUS. |
| 322 | * @GSASL_VALIDATE_GSSAPI: Request for validation of GSSAPI/GS2. |
| 323 | * @GSASL_VALIDATE_SECURID: Request for validation of SecurID. |
| 324 | * @GSASL_VALIDATE_SAML20: Request for validation of SAML20. |
| 325 | * @GSASL_VALIDATE_OPENID20: Request for validation of OpenID 2.0 login. |
| 326 | * |
| 327 | * Callback/property types. |
| | * |
| | * @GSASL_DIGEST_MD5_HASHED_PASSWORD and @GSASL_SCRAM_SALTED_PASSWORD |
| | * keep the cleartext password out of storage, but each is still |
| | * sufficient to authenticate with its own mechanism. Protect stored |
| | * copies as carefully as the password itself. |
| | * |
| | * The values fall into three ranges: information properties (1-22), |
| | * client callbacks (250-251) and server validation requests |
| | * (500-506). The GSASL_VALIDATE_* requests are the ones whose |
| | * callback result is a policy decision. |
| 328 | */ |
| 329 | typedef enum |
| 330 | { |
| 331 | /* Information properties, e.g., username. */ |
| 332 | GSASL_AUTHID = 1, |
| 333 | GSASL_AUTHZID = 2, |
| 334 | GSASL_PASSWORD = 3, |
| 335 | GSASL_ANONYMOUS_TOKEN = 4, |
| 336 | GSASL_SERVICE = 5, |
| 337 | GSASL_HOSTNAME = 6, |
| 338 | GSASL_GSSAPI_DISPLAY_NAME = 7, |
| 339 | GSASL_PASSCODE = 8, |
| 340 | GSASL_SUGGESTED_PIN = 9, |
| 341 | GSASL_PIN = 10, |
| 342 | GSASL_REALM = 11, |
| 343 | GSASL_DIGEST_MD5_HASHED_PASSWORD = 12, |
| 344 | GSASL_QOPS = 13, |
| 345 | GSASL_QOP = 14, |
| 346 | GSASL_SCRAM_ITER = 15, |
| 347 | GSASL_SCRAM_SALT = 16, |
| 348 | GSASL_SCRAM_SALTED_PASSWORD = 17, |
| 349 | GSASL_CB_TLS_UNIQUE = 18, |
| 350 | GSASL_SAML20_IDP_IDENTIFIER = 19, |
| 351 | GSASL_SAML20_REDIRECT_URL = 20, |
| 352 | GSASL_OPENID20_REDIRECT_URL = 21, |
| 353 | GSASL_OPENID20_OUTCOME_DATA = 22, |
| 354 | /* Client callbacks. */ |
| 355 | GSASL_SAML20_AUTHENTICATE_IN_BROWSER = 250, |
| 356 | GSASL_OPENID20_AUTHENTICATE_IN_BROWSER = 251, |
| 357 | /* Server validation callback properties. */ |
| 358 | GSASL_VALIDATE_SIMPLE = 500, |
| 359 | GSASL_VALIDATE_EXTERNAL = 501, |
| 360 | GSASL_VALIDATE_ANONYMOUS = 502, |
| 361 | GSASL_VALIDATE_GSSAPI = 503, |
| 362 | GSASL_VALIDATE_SECURID = 504, |
| 363 | GSASL_VALIDATE_SAML20 = 505, |
| 364 | GSASL_VALIDATE_OPENID20 = 506 |
| 365 | } Gsasl_property; |
| 366 | |
| 367 | /** |
| 368 | * Gsasl_callback_function: |
| 369 | * @ctx: libgsasl handle. |
| 370 | * @sctx: session handle, may be NULL. |
| 371 | * @prop: enumerated value of Gsasl_property type. |
| 372 | * |
| 373 | * Prototype of function that the application should implement. Use |
| 374 | * gsasl_callback_set() to inform the library about your callback |
| 375 | * function. |
| 376 | * |
| 377 | * It is called by the SASL library when it needs some information |
| 378 | * from the application. Depending on the value of @prop, it should |
| 379 | * either set some property (e.g., username or password) using |
| 380 | * gsasl_property_set(), or it should extract some properties (e.g., |
| 381 | * authentication and authorization identities) using |
| 382 | * gsasl_property_fast() and use them to make a policy decision, |
| 383 | * perhaps returning GSASL_AUTHENTICATION_ERROR or GSASL_OK |
| 384 | * depending on whether the policy permitted the operation. |
| 385 | * |
| | * Because the return value of a GSASL_VALIDATE_* request is the |
| | * policy decision, an implementation should fail closed: return |
| | * GSASL_OK only from branches that explicitly accepted the request, |
| | * and a non-OK code (e.g. GSASL_NO_CALLBACK) for every @prop it does |
| | * not handle. Check @sctx for NULL before reading session |
| | * properties. |
| | * |
| 386 | * Return value: Any valid return code, the interpretation of which |
| 387 | * depends on the @prop value. |
| 388 | * |
| 389 | * Since: 0.2.0 |
| 390 | **/ |
| 391 | typedef int (*Gsasl_callback_function) (Gsasl * ctx, Gsasl_session * sctx, |
| 392 | Gsasl_property prop); |
| 393 | |
| 394 | /* Library entry and exit points: version.c, init.c, done.c |
| | * |
| | * gsasl_init() hands back the global context through @ctx and |
| | * gsasl_done() takes it again. gsasl_init() returns int, presumably a |
| | * Gsasl_rc value -- confirm in init.c and check it before using *ctx. |
| | * gsasl_check_version() is the run-time counterpart of GSASL_VERSION |
| | * (see the GSASL_VERSION comment above). */ |
| 395 | extern GSASL_API int gsasl_init (Gsasl ** ctx); |
| 396 | extern GSASL_API void gsasl_done (Gsasl * ctx); |
| 397 | extern GSASL_API const char *gsasl_check_version (const char *req_version); |
| 398 | |
| 399 | /* Callback handling: callback.c |
| | * |
| | * gsasl_callback_set() registers the application's |
| | * Gsasl_callback_function on the global context. The two hook pairs |
| | * store and return an untyped void * per global context and per |
| | * session. The pointer is presumably never dereferenced by the |
| | * library, so the application owns its lifetime -- confirm in |
| | * callback.c. */ |
| 400 | extern GSASL_API void gsasl_callback_set (Gsasl * ctx, |
| 401 | Gsasl_callback_function cb); |
| 402 | extern GSASL_API int gsasl_callback (Gsasl * ctx, Gsasl_session * sctx, |
| 403 | Gsasl_property prop); |
| 404 | |
| 405 | extern GSASL_API void gsasl_callback_hook_set (Gsasl * ctx, void *hook); |
| 406 | extern GSASL_API void *gsasl_callback_hook_get (Gsasl * ctx); |
| 407 | |
| 408 | extern GSASL_API void gsasl_session_hook_set (Gsasl_session * sctx, |
| 409 | void *hook); |
| 410 | extern GSASL_API void *gsasl_session_hook_get (Gsasl_session * sctx); |
| 411 | |
| 412 | /* Property handling: property.c |
| | * |
| | * gsasl_property_set() takes no length, so @data is presumably a |
| | * NUL-terminated string; gsasl_property_set_raw() takes an explicit |
| | * @len. The get/fast functions return const char *, presumably |
| | * memory owned by the session that the caller must not free -- |
| | * confirm in property.c. Several properties are secrets |
| | * (GSASL_PASSWORD, GSASL_PASSCODE, GSASL_PIN, the pre-computed |
| | * hashed forms), so returned values should not be logged. */ |
| 413 | extern GSASL_API void gsasl_property_set (Gsasl_session * sctx, |
| 414 | Gsasl_property prop, |
| 415 | const char *data); |
| 416 | extern GSASL_API void gsasl_property_set_raw (Gsasl_session * sctx, |
| 417 | Gsasl_property prop, |
| 418 | const char *data, size_t len); |
| 419 | extern GSASL_API const char *gsasl_property_get (Gsasl_session * sctx, |
| 420 | Gsasl_property prop); |
| 421 | extern GSASL_API const char *gsasl_property_fast (Gsasl_session * sctx, |
| 422 | Gsasl_property prop); |
| 423 | |
| 424 | /* Mechanism handling: listmech.c, supportp.c, suggest.c |
| | * |
| | * The *_mechlist() functions return a string through @out, presumably |
| | * allocated by the library and released with gsasl_free() -- confirm |
| | * in listmech.c. A @mechlist passed to |
| | * gsasl_client_suggest_mechanism() usually comes from the peer; a |
| | * list received over an unprotected channel can be altered in |
| | * transit (see the downgrade discussion in the security |
| | * considerations of RFC 4422), so obtain it over TLS where possible. */ |
| 425 | extern GSASL_API int gsasl_client_mechlist (Gsasl * ctx, char **out); |
| 426 | extern GSASL_API int gsasl_client_support_p (Gsasl * ctx, const char *name); |
| 427 | extern GSASL_API const char *gsasl_client_suggest_mechanism (Gsasl * ctx, |
| 428 | const char |
| 429 | *mechlist); |
| 430 | |
| 431 | extern GSASL_API int gsasl_server_mechlist (Gsasl * ctx, char **out); |
| 432 | extern GSASL_API int gsasl_server_support_p (Gsasl * ctx, const char *name); |
| 433 | |
| 434 | /* Authentication functions: xstart.c, xstep.c, xfinish.c |
| | * |
| | * gsasl_step() works on raw bytes with explicit lengths; |
| | * gsasl_step64() takes and returns base64 text without length |
| | * arguments, so its strings are presumably NUL-terminated. Both |
| | * return int, presumably GSASL_NEEDS_MORE while further round trips |
| | * are expected and GSASL_OK once the exchange has completed -- |
| | * confirm in xstep.c. Treat only GSASL_OK as authenticated. Output |
| | * returned through char ** is presumably allocated by the library |
| | * and released with gsasl_free() -- confirm. */ |
| 435 | extern GSASL_API int gsasl_client_start (Gsasl * ctx, const char *mech, |
| 436 | Gsasl_session ** sctx); |
| 437 | extern GSASL_API int gsasl_server_start (Gsasl * ctx, const char *mech, |
| 438 | Gsasl_session ** sctx); |
| 439 | extern GSASL_API int gsasl_step (Gsasl_session * sctx, |
| 440 | const char *input, size_t input_len, |
| 441 | char **output, size_t * output_len); |
| 442 | extern GSASL_API int gsasl_step64 (Gsasl_session * sctx, |
| 443 | const char *b64input, char **b64output); |
| 444 | extern GSASL_API void gsasl_finish (Gsasl_session * sctx); |
| 445 | |
| 446 | /* Session functions: xcode.c, mechname.c |
| | * |
| | * gsasl_encode() and gsasl_decode() presumably apply and remove the |
| | * security layer negotiated for the session (see Gsasl_qop) -- |
| | * confirm in xcode.c. Check the int result before using *output: |
| | * GSASL_INTEGRITY_ERROR is documented above as a failed integrity |
| | * check on application data. */ |
| 447 | extern GSASL_API int gsasl_encode (Gsasl_session * sctx, |
| 448 | const char *input, size_t input_len, |
| 449 | char **output, size_t * output_len); |
| 450 | extern GSASL_API int gsasl_decode (Gsasl_session * sctx, |
| 451 | const char *input, size_t input_len, |
| 452 | char **output, size_t * output_len); |
| 453 | extern GSASL_API const char *gsasl_mechanism_name (Gsasl_session * sctx); |
| 454 | |
| 455 | /* Error handling: error.c |
| | * |
| | * Both functions take a plain int, presumably a Gsasl_rc value, and |
| | * return a const string. Judging by the names, one is the |
| | * description and the other the symbolic name -- confirm in |
| | * error.c. */ |
| 456 | extern GSASL_API const char *gsasl_strerror (int err); |
| 457 | extern GSASL_API const char *gsasl_strerror_name (int err); |
| 458 | |
| 459 | /* Internationalized string processing: stringprep.c |
| | * |
| | * @flags takes Gsasl_saslprep_flags. The prepared string is returned |
| | * through @out, presumably allocated by the library and released |
| | * with gsasl_free(). @stringpreprc is an int out-parameter, |
| | * presumably the underlying stringprep result code -- confirm in |
| | * stringprep.c. */ |
| 460 | extern GSASL_API int gsasl_saslprep (const char *in, |
| 461 | Gsasl_saslprep_flags flags, char **out, |
| 462 | int *stringpreprc); |
| 463 | |
| 464 | /* Utilities: base64.c, md5pwd.c, crypto.c |
| | * |
| | * In a parameter list `char *out[16]' declares a plain `char **out'; |
| | * the 16 and 20 are documentation only and are not checked by the |
| | * compiler. The hash is presumably returned through *out in a buffer |
| | * allocated by the library (release with gsasl_free()) -- confirm in |
| | * crypto.c. |
| | * |
| | * MD5 and SHA-1 are legacy hashes with known collision weaknesses; |
| | * use these helpers only where a SASL mechanism requires them, not |
| | * for new designs. |
| | * |
| | * NOTE(review): gsasl_simple_getpass() appears to look up @username |
| | * in the file @filename and return a key through @key; if that file |
| | * holds cleartext passwords it needs restrictive permissions -- |
| | * confirm the file format in md5pwd.c. */ |
| 465 | extern GSASL_API int gsasl_simple_getpass (const char *filename, |
| 466 | const char *username, |
| 467 | char **key); |
| 468 | extern GSASL_API int gsasl_base64_to (const char *in, size_t inlen, |
| 469 | char **out, size_t * outlen); |
| 470 | extern GSASL_API int gsasl_base64_from (const char *in, size_t inlen, |
| 471 | char **out, size_t * outlen); |
| 472 | extern GSASL_API int gsasl_nonce (char *data, size_t datalen); |
| 473 | extern GSASL_API int gsasl_random (char *data, size_t datalen); |
| 474 | extern GSASL_API int gsasl_md5 (const char *in, size_t inlen, |
| 475 | char *out[16]); |
| 476 | extern GSASL_API int gsasl_hmac_md5 (const char *key, size_t keylen, |
| 477 | const char *in, size_t inlen, |
| 478 | char *outhash[16]); |
| 479 | extern GSASL_API int gsasl_sha1 (const char *in, size_t inlen, |
| 480 | char *out[20]); |
| 481 | extern GSASL_API int gsasl_hmac_sha1 (const char *key, size_t keylen, |
| 482 | const char *in, size_t inlen, |
| 483 | char *outhash[20]); |
| 484 | extern GSASL_API void gsasl_free (void *ptr); |
| 485 | |
| 486 | /* Get the mechanism API. */ |
| 487 | #include <gsasl-mech.h> |
| 488 | |
| 489 | #ifndef GSASL_NO_OBSOLETE |
| 490 | /* For compatibility with earlier versions. */ |
| 491 | #include <gsasl-compat.h> |
| 492 | #endif |
| 493 | |
| 494 | #ifdef __cplusplus |
| 495 | } |
| 496 | #endif |
| 497 | |
| 498 | #endif /* GSASL_H */ |
| 499 | |