KDESasl Class Reference
This library can create responses for SASL authentication for a given challenge and a given secret. More...
#include <kdesasl.h>
Public Member Functions | |
KDESasl (const KURL &aUrl) | |
KDESasl (const QString &aUser, const QString &aPass, const QString &aProtocol) | |
virtual QCString | chooseMethod (const QStrIList aMethods) |
virtual void | setMethod (const QCString &aMethod) |
QCString | method () const |
bool | dialogComplete (int numCalls) const |
bool | isClearTextMethod () const |
QCString | getResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
QByteArray | getBinaryResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
bool | clientStarts () const |
Protected Member Functions | |
virtual QByteArray | getPlainResponse () |
virtual QByteArray | getLoginResponse () |
virtual QByteArray | getCramMd5Response (const QByteArray &aChallenge) |
virtual QByteArray | getDigestMd5Response (const QByteArray &aChallenge) |
Detailed Description
This library can create responses for SASL authentication for a given challenge and a given secret.This way of authentication is common for SMTP, POP3, IMAP and LDAP.
SASL is one way strong encryption and therefore useful for authentication, but not for secret information transfer. It is possibly to prove with SASL to know a shared secret like a password. It is not possible with SASL to transfer any other information in an encrypted way. For that purpose OpenPGP or SSL are useful.
Currently PLAIN (RFC 2595), LOGIN (not really a SASL mechanism, but used like that in IMAP and SMTP), CRAM-MD5 (RFC 2195) and DIGEST-MD5 (RFC 2831) authentication are supported. PLAIN and LOGIN transmit the credentials in the clear (apart from a possible base64 encoding).
For KDE 3.2, the API has been extended to allow transparent use of all currently supported SASL mechanisms. Example:
KDESasl sasl( myUser, myPass, myProtocol ); if ( !sasl.chooseMethod( myMechanismsSupportedByServer ) ) return false; // couldn't agree on a method int numResponses = 0; if ( sasl.clientStarts() ) { // check whether we're supposed to start the dialog ++numResponses; mySendAuthCommand( sasl.method(), sasl.getResponse() ); } else { mySendAuthCommand( sasl.method() ); } for ( ; !sasl.dialogComplete( numResponses ) ; ++numResponses ) { QByteArray challenge = myRecvChallenge(); mySendResponse( sasl.getResponse( challenge ) ); } return myCheckSuccess();
- Author:
- Michael Häckel <haeckel@kde.org>
- Version:
- Id
- kdesasl.h,v 1.13 2003/08/21 09:51:38 coolo Exp
Definition at line 70 of file kdesasl.h.
Constructor & Destructor Documentation
|
Construct a sasl object and initialize it with the username and password passed via the url.
Definition at line 30 of file kdesasl.cpp. References KDESasl(), KURL::pass(), KURL::protocol(), and KURL::user(). Referenced by KDESasl(). |
|
This is a conveniece function and differs from the above function only by what arguments it accepts.
Definition at line 38 of file kdesasl.cpp. References KDESasl(). |
Member Function Documentation
|
Definition at line 50 of file kdesasl.cpp. References chooseMethod(). Referenced by chooseMethod(). |
|
Explicitely set the SASL method used.
Definition at line 60 of file kdesasl.cpp. References setMethod(), and QCString::upper(). Referenced by setMethod(). |
|
Definition at line 267 of file kdesasl.cpp. Referenced by clientStarts(), dialogComplete(), and isClearTextMethod(). |
|
Definition at line 275 of file kdesasl.cpp. References dialogComplete(), and method(). Referenced by dialogComplete(). |
|
Definition at line 283 of file kdesasl.cpp. References method(). |
|
Creates a response using the formerly chosen SASL method. For LOGIN authentication you have to call this function twice. KDESasl realizes on its own, if you are calling it for the first or for the second time.
Definition at line 261 of file kdesasl.cpp. References getBinaryResponse(), and getResponse(). Referenced by getResponse(). |
|
Create a response as above but place it in a QByteArray.
Definition at line 242 of file kdesasl.cpp. References getBinaryResponse(), getCramMd5Response(), getDigestMd5Response(), getLoginResponse(), and getPlainResponse(). Referenced by getBinaryResponse(), and getResponse(). |
|
Returns true if the client is supposed to initiate the challenge-respinse dialog with an initial response (which most protocols can transfer alongside the authentication command as an optional second parameter). This method relieves the sasl user from knowing details about the mechanism. If true, use #getResponse() with a null challenge.
Definition at line 271 of file kdesasl.cpp. References method(). |
|
PLAIN authentication as described in RFC 2595.
Definition at line 65 of file kdesasl.cpp. References QCString::length(), and QString::utf8(). Referenced by getBinaryResponse(). |
|
LOGIN authentication.
Definition at line 83 of file kdesasl.cpp. References QString::utf8(). Referenced by getBinaryResponse(). |
|
CRAM-MD5 authentication as described in RFC 2195.
Definition at line 91 of file kdesasl.cpp. References getCramMd5Response(), KMD5::hexDigest(), KMD5::rawDigest(), KMD5::update(), and QString::utf8(). Referenced by getBinaryResponse(), and getCramMd5Response(). |
|
DIGEST-MD5 authentication as described in RFC 2831.
Definition at line 124 of file kdesasl.cpp. References getDigestMd5Response(), KMD5::hexDigest(), QCString::isEmpty(), QString::latin1(), QCString::length(), KMD5::rawDigest(), KMD5::reset(), QCString::setNum(), KMD5::update(), and QString::utf8(). Referenced by getBinaryResponse(), and getDigestMd5Response(). |
The documentation for this class was generated from the following files: