KDESasl Class Reference
This library can create responses for SASL authentication for a given challenge and a given secret. More...
#include <kdesasl.h>
Public Member Functions | |
KDESasl (const KURL &aUrl) | |
KDESasl (const QString &aUser, const QString &aPass, const QString &aProtocol) | |
virtual QCString | chooseMethod (const QStrIList aMethods) |
virtual void | setMethod (const QCString &aMethod) |
QCString | method () const |
bool | dialogComplete (int numCalls) const |
bool | isClearTextMethod () const |
QCString | getResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
QByteArray | getBinaryResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
bool | clientStarts () const |
Protected Member Functions | |
virtual QByteArray | getPlainResponse () |
virtual QByteArray | getLoginResponse () |
virtual QByteArray | getCramMd5Response (const QByteArray &aChallenge) |
virtual QByteArray | getDigestMd5Response (const QByteArray &aChallenge) |
Detailed Description
This library can create responses for SASL authentication for a given challenge and a given secret.This way of authentication is common for SMTP, POP3, IMAP and LDAP.
SASL is one way strong encryption and therefore useful for authentication, but not for secret information transfer. It is possibly to prove with SASL to know a shared secret like a password. It is not possible with SASL to transfer any other information in an encrypted way. For that purpose OpenPGP or SSL are useful.
Currently PLAIN (RFC 2595), LOGIN (not really a SASL mechanism, but used like that in IMAP and SMTP), CRAM-MD5 (RFC 2195) and DIGEST-MD5 (RFC 2831) authentication are supported. PLAIN and LOGIN transmit the credentials in the clear (apart from a possible base64 encoding).
For KDE 3.2, the API has been extended to allow transparent use of all currently supported SASL mechanisms. Example:
KDESasl sasl( myUser, myPass, myProtocol ); if ( !sasl.chooseMethod( myMechanismsSupportedByServer ) ) return false; // couldn't agree on a method int numResponses = 0; if ( sasl.clientStarts() ) { // check whether we're supposed to start the dialog ++numResponses; mySendAuthCommand( sasl.method(), sasl.getResponse() ); } else { mySendAuthCommand( sasl.method() ); } for ( ; !sasl.dialogComplete( numResponses ) ; ++numResponses ) { QByteArray challenge = myRecvChallenge(); mySendResponse( sasl.getResponse( challenge ) ); } return myCheckSuccess();
- Author:
- Michael Häckel <haeckel@kde.org>
- Version:
- Id
- kdesasl.h,v 1.13 2003/08/21 09:51:38 coolo Exp
Definition at line 70 of file kdesasl.h.
Constructor & Destructor Documentation
|
Construct a sasl object and initialize it with the username and password passed via the url. Definition at line 30 of file kdesasl.cpp. References KURL::pass(), KURL::protocol(), and KURL::user(). |
|
This is a conveniece function and differs from the above function only by what arguments it accepts. Definition at line 38 of file kdesasl.cpp. |
Member Function Documentation
|
|
|
Explicitely set the SASL method used. Definition at line 60 of file kdesasl.cpp. References QCString::upper(). |
|
Referenced by clientStarts(), dialogComplete(), and isClearTextMethod(). |
|
References method(). |
|
References method(). |
|
Creates a response using the formerly chosen SASL method. For LOGIN authentication you have to call this function twice. KDESasl realizes on its own, if you are calling it for the first or for the second time.
References getBinaryResponse(). |
|
Create a response as above but place it in a QByteArray. Definition at line 242 of file kdesasl.cpp. References KCodecs::base64Decode(), KCodecs::base64Encode(), getCramMd5Response(), getDigestMd5Response(), getLoginResponse(), and getPlainResponse(). Referenced by getResponse(). |
|
Returns true if the client is supposed to initiate the challenge-respinse dialog with an initial response (which most protocols can transfer alongside the authentication command as an optional second parameter). This method relieves the sasl user from knowing details about the mechanism. If true, use getResponse() with a null challenge.
References method(). |
|
PLAIN authentication as described in RFC 2595. Definition at line 65 of file kdesasl.cpp. References QCString::length(), and QString::utf8(). Referenced by getBinaryResponse(). |
|
LOGIN authentication. Definition at line 83 of file kdesasl.cpp. References QString::utf8(). Referenced by getBinaryResponse(). |
|
CRAM-MD5 authentication as described in RFC 2195. Definition at line 91 of file kdesasl.cpp. References KMD5::hexDigest(), KMD5::rawDigest(), KMD5::update(), and QString::utf8(). Referenced by getBinaryResponse(). |
|
DIGEST-MD5 authentication as described in RFC 2831. Definition at line 124 of file kdesasl.cpp. References KCodecs::base64Encode(), KMD5::hexDigest(), QCString::isEmpty(), QString::latin1(), QCString::length(), KMD5::rawDigest(), KMD5::reset(), QCString::setNum(), KMD5::update(), and QString::utf8(). Referenced by getBinaryResponse(). |
The documentation for this class was generated from the following files: