[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-87-gb8a426b
|
From: |
Simon Josefsson |
|
Subject: |
[SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-87-gb8a426b |
|
Date: |
Tue, 30 Mar 2010 10:09:05 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=b8a426bb344f8717357c2793f0e6ee7f8a0dd102
The branch, master has been updated
via b8a426bb344f8717357c2793f0e6ee7f8a0dd102 (commit)
via 67485407fa16b459ea0fcd61f8f40b1501debbd5 (commit)
via ec4c9d3b53f2c1bac4b6ac327262d06252699f53 (commit)
from a7825de9b86a28f27d53046d08ec64be31b77b62 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b8a426bb344f8717357c2793f0e6ee7f8a0dd102
Author: Simon Josefsson <address@hidden>
Date: Tue Mar 30 11:51:40 2010 +0200
Doc fix.
commit 67485407fa16b459ea0fcd61f8f40b1501debbd5
Author: Simon Josefsson <address@hidden>
Date: Tue Mar 30 00:53:19 2010 +0200
Improve error message.
commit ec4c9d3b53f2c1bac4b6ac327262d06252699f53
Author: Simon Josefsson <address@hidden>
Date: Tue Mar 30 00:49:06 2010 +0200
Don't overwrite return value.
-----------------------------------------------------------------------
Summary of changes:
lib/gs2/client.c | 12 +++--
lib/src/gsasl.h | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++---
src/imap.c | 5 +-
3 files changed, 134 insertions(+), 14 deletions(-)
diff --git a/lib/gs2/client.c b/lib/gs2/client.c
index b7b6498..0f88792 100644
--- a/lib/gs2/client.c
+++ b/lib/gs2/client.c
@@ -215,9 +215,11 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
if (state->step == 0)
{
- maj_stat = gss_decapsulate_token (&bufdesc2, state->mech_oid,
- &bufdesc);
- if (GSS_ERROR (maj_stat))
+ OM_uint32 maj_stat2;
+
+ maj_stat2 = gss_decapsulate_token (&bufdesc2, state->mech_oid,
+ &bufdesc);
+ if (GSS_ERROR (maj_stat2))
return GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR;
*output_len = state->cb.application_data.length + bufdesc.length;
@@ -232,8 +234,8 @@ _gsasl_gs2_client_step (Gsasl_session * sctx,
memcpy (*output + state->cb.application_data.length,
bufdesc.value, bufdesc.length);
- maj_stat = gss_release_buffer (&min_stat, &bufdesc2);
- if (GSS_ERROR (maj_stat))
+ maj_stat2 = gss_release_buffer (&min_stat, &bufdesc2);
+ if (GSS_ERROR (maj_stat2))
return GSASL_GSSAPI_RELEASE_BUFFER_ERROR;
}
else
diff --git a/lib/src/gsasl.h b/lib/src/gsasl.h
index 65c0701..c3ef3fc 100644
--- a/lib/src/gsasl.h
+++ b/lib/src/gsasl.h
@@ -109,7 +109,57 @@ extern "C"
};
extern GSASL_API const char *GSASL_VALID_MECHANISM_CHARACTERS;
- /* Error codes */
+ /**
+ * Gsasl_rc:
+ * @GSASL_OK: Successful return code, guaranteed to be always 0.
+ * @GSASL_NEEDS_MORE: Mechanism expects another round-trip.
+ * @GSASL_UNKNOWN_MECHANISM: Application requested an unknown mechanism.
+ * @GSASL_MECHANISM_CALLED_TOO_MANY_TIMES: Application requested too
+ * many round trips from mechanism.
+ * @GSASL_MALLOC_ERROR: Memory allocation failed.
+ * @GSASL_BASE64_ERROR: Base64 encoding/decoding failed.
+ * @GSASL_CRYPTO_ERROR: Cryptographic error.
+ * @GSASL_SASLPREP_ERROR: Failed to prepare internationalized string.
+ * @GSASL_MECHANISM_PARSE_ERROR: Mechanism could not parse input.
+ * @GSASL_AUTHENTICATION_ERROR: Authentication has failed.
+ * @GSASL_INTEGRITY_ERROR: Application data integrity check failed.
+ * @GSASL_NO_CLIENT_CODE: Library was built with client functionality.
+ * @GSASL_NO_SERVER_CODE: Library was built with server functionality.
+ * @GSASL_NO_CALLBACK: Application did not provide a callback.
+ * @GSASL_NO_ANONYMOUS_TOKEN: Could not get required anonymous token.
+ * @GSASL_NO_AUTHID: Could not get required authentication
+ * identity (username).
+ * @GSASL_NO_AUTHZID: Could not get required authorization identity.
+ * @GSASL_NO_PASSWORD: Could not get required password.
+ * @GSASL_NO_PASSCODE: Could not get required SecurID PIN.
+ * @GSASL_NO_PIN: Could not get required SecurID PIN.
+ * @GSASL_NO_SERVICE: Could not get required service name.
+ * @GSASL_NO_HOSTNAME: Could not get required hostname.
+ * @GSASL_GSSAPI_RELEASE_BUFFER_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_IMPORT_NAME_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_INIT_SEC_CONTEXT_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_ACCEPT_SEC_CONTEXT_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_UNWRAP_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_WRAP_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_ACQUIRE_CRED_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_DISPLAY_NAME_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_UNSUPPORTED_PROTECTION_ERROR: An unsupported
+ * quality-of-protection layer was requeted.
+ * @GSASL_GSSAPI_ENCAPSULATE_TOKEN_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_DECAPSULATE_TOKEN_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR: GSS-API library call error.
+ * @GSASL_GSSAPI_RELEASE_OID_SET_ERROR: GSS-API library call error.
+ * @GSASL_KERBEROS_V5_INIT_ERROR: Init error in KERBEROS_V5.
+ * @GSASL_KERBEROS_V5_INTERNAL_ERROR: General error in KERBEROS_V5.
+ * @GSASL_SHISHI_ERROR: Same as %GSASL_KERBEROS_V5_INTERNAL_ERROR.
+ * @GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE: SecurID mechanism
+ * needs an additional passcode.
+ * @GSASL_SECURID_SERVER_NEED_NEW_PIN: SecurID mechanism
+ * needs an new PIN.
+ *
+ * Error codes for library functions.
+ */
typedef enum
{
GSASL_OK = 0,
@@ -154,9 +204,22 @@ extern "C"
GSASL_GSSAPI_INQUIRE_MECH_FOR_SASLNAME_ERROR = 62,
GSASL_GSSAPI_TEST_OID_SET_MEMBER_ERROR = 63,
GSASL_GSSAPI_RELEASE_OID_SET_ERROR = 64
+ /* When adding new values, note that integers are not necessarily
+ assigned monotonously increasingly. */
} Gsasl_rc;
- /* Quality of Protection types, used by DIGEST-MD5 */
+ /**
+ * Gsasl_qop:
+ * @GSASL_QOP_AUTH: Authentication only.
+ * @GSASL_QOP_AUTH_INT: Authentication and integrity.
+ * @GSASL_QOP_AUTH_CONF: Authentication, integrity and confidentiality.
+ *
+ * Quality of Protection types (DIGEST-MD5 and GSSAPI). The
+ * integrity and confidentiality values is about application data
+ * wrapping. We recommend that you use @GSASL_QOP_AUTH with TLS as
+ * that combination is generally more secure and have better chance
+ * of working than the integrity/confidentiality layers of SASL.
+ */
typedef enum
{
GSASL_QOP_AUTH = 1,
@@ -164,7 +227,19 @@ extern "C"
GSASL_QOP_AUTH_CONF = 4
} Gsasl_qop;
- /* Cipher types, used by DIGEST-MD5 */
+ /**
+ * Gsasl_cipher:
+ * @GSASL_CIPHER_DES: Cipher DES.
+ * @GSASL_CIPHER_3DES: Cipher 3DES.
+ * @GSASL_CIPHER_RC4: Cipher RC4.
+ * @GSASL_CIPHER_RC4_40: Cipher RC4 with 40-bit keys.
+ * @GSASL_CIPHER_RC4_56: Cipher RC4 with 56-bit keys.
+ * @GSASL_CIPHER_AES: Cipher AES.
+ *
+ * Encryption types (DIGEST-MD5) for confidentiality services of
+ * application data. We recommend that you use TLS instead as it is
+ * generally more secure and have better chance of working.
+ */
typedef enum
{
GSASL_CIPHER_DES = 1,
@@ -175,17 +250,61 @@ extern "C"
GSASL_CIPHER_AES = 32
} Gsasl_cipher;
- /* SASLprep flags, see gsasl_saslprep(). */
+ /**
+ * Gsasl_saslprep_flags:
+ * @GSASL_ALLOW_UNASSIGNED: Allow unassigned code points.
+ *
+ * Flags for the SASLprep function, see gsasl_saslprep(). For
+ * background, see the GNU Libidn documentation.
+ */
typedef enum
{
GSASL_ALLOW_UNASSIGNED = 1
} Gsasl_saslprep_flags;
- /* Library handles */
+ /**
+ * Gsasl:
+ *
+ * Handle to global library context.
+ */
typedef struct Gsasl Gsasl;
+
+ /**
+ * Gsasl_session:
+ *
+ * Handle to SASL session context.
+ */
typedef struct Gsasl_session Gsasl_session;
- /* Callback/property types. */
+ /**
+ * Gsasl_property:
+ * @GSASL_AUTHID: Authentication identity (username).
+ * @GSASL_AUTHZID: Authorization identity.
+ * @GSASL_PASSWORD: Password.
+ * @GSASL_ANONYMOUS_TOKEN: Anonymous identifier.
+ * @GSASL_SERVICE: Service name
+ * @GSASL_HOSTNAME: Host name.
+ * @GSASL_GSSAPI_DISPLAY_NAME: GSS-API credential principal name.
+ * @GSASL_PASSCODE: SecurID passcode.
+ * @GSASL_SUGGESTED_PIN: SecurID suggested PIN.
+ * @GSASL_PIN: SecurID PIN.
+ * @GSASL_REALM: User realm.
+ * @GSASL_DIGEST_MD5_HASHED_PASSWORD: Pre-computed hashed DIGEST-MD5
+ * password, to avoid storing passwords in the clear.
+ * @GSASL_QOPS: Set of quality-of-protection values.
+ * @GSASL_QOP: Quality-of-protection value.
+ * @GSASL_SCRAM_ITER: Number of iterations in password-to-key hashing.
+ * @GSASL_SCRAM_SALT: Salt for password-to-key hashing.
+ * @GSASL_SCRAM_SALTED_PASSWORD: Pre-computed salted SCRAM key,
+ * to avoid re-computation and storing passwords in the clear.
+ * @GSASL_VALIDATE_SIMPLE: Request for simple validation.
+ * @GSASL_VALIDATE_EXTERNAL: Request for validation of EXTERNAL.
+ * @GSASL_VALIDATE_ANONYMOUS: Request for validation of ANONYMOUS.
+ * @GSASL_VALIDATE_GSSAPI: Request for validation of GSSAPI/GS2.
+ * @GSASL_VALIDATE_SECURID: Reqest for validation of SecurID.
+ *
+ * Callback/property types.
+ */
typedef enum
{
/* Information properties, e.g., username. */
diff --git a/src/imap.c b/src/imap.c
index 06bd055..f4ccecd 100644
--- a/src/imap.c
+++ b/src/imap.c
@@ -1,5 +1,5 @@
/* imap.c --- Implement IMAP profile of SASL login.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Simon
Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Simon
Josefsson
*
* This file is part of GNU SASL.
*
@@ -149,8 +149,7 @@ imap_step_recv (char **data)
{
if (p[0] != '+' || p[1] != ' ')
{
- fprintf (stderr, _("error: Server did not return expected SASL "
- "data (it must begin with '+ '):\n%s\n"), p);
+ fprintf (stderr, _("error: server did not return a token\n"));
return 0;
}
hooks/post-receive
--
GNU gsasl
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gsasl branch, master, updated. gsasl-1-4-1-87-gb8a426b,
Simon Josefsson <=