GAuth::SaslServer Class Reference (abstract)

A class for implementing the server-side SASL challenge/response concept.

#include <gsaslserver.h>

Inheritance diagram for GAuth::SaslServer:
GAuth::SaslServerBasic GAuth::SaslServerPam

Classes

class  Secrets
 An interface used by GAuth::SaslServer to obtain authentication secrets.
 

Public Member Functions

virtual ~SaslServer ()
 Destructor.

virtual bool requiresEncryption () const =0
 Returns true if the implementation requires that the challenge/response dialog should only take place over an encrypted transport.

virtual bool active () const =0
 Returns true if the constructor's "secrets" object was valid.

virtual std::string mechanisms (char sep= ' ') const =0
 Returns a list of supported, standard mechanisms that can be advertised to the client.

virtual bool init (const std::string &mechanism)=0
 Initialiser.

virtual std::string mechanism () const =0
 Returns the mechanism, as passed to the last init() call to return true.

virtual bool mustChallenge () const =0
 Returns true if the mechanism must start with a non-empty server challenge.

virtual std::string initialChallenge () const =0
 Returns the initial server challenge.

virtual std::string apply (const std::string &response, bool &done)=0
 Applies the client response and returns the next challenge.

virtual bool authenticated () const =0
 Returns true if authenticated successfully.

virtual std::string id () const =0
 Returns the authenticated or trusted identity.

virtual bool trusted (GNet::Address) const =0
 Returns true for a trusted client that does not need to authenticate.
 

Detailed Description

A class for implementing the server-side SASL challenge/response concept.

SASL is described in RFC4422, and the SMTP extension for authentication is described in RFC2554.

Common SASL mechanisms are:

Usage:

    SaslServer sasl( secrets ) ;
    client.advertise( sasl.mechanisms() ) ;
    if( sasl.init(client.preferredMechanism()) )
    {
      client.send( sasl.initialChallenge() ) ;
      for(;;)
      {
        std::string reply = client.receive() ;
        bool done = false ;
        std::string challenge = sasl.apply( reply , done ) ;
        if( done ) break ;
        client.send( challenge ) ;
      }
      bool ok = sasl.authenticated() ;
    }

See also
GAuth::SaslClient, RFC2554, RFC4422

Definition at line 77 of file gsaslserver.h.
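
The usage outline above does not show the requiresEncryption() check or a bound on the number of rounds. The following is an added example, not E-MailRelay code: it drives the same dialog against a stand-in interface, where SaslLike, ToyLogin, runDialog, the account and the round limit are assumptions and wire encoding is omitted.

```cpp
// Added example: stand-in types, not E-MailRelay's own code.
#include <cstddef>
#include <string>
#include <vector>

// Stand-in for the subset of the SaslServer interface used below (assumption).
struct SaslLike {
    virtual ~SaslLike() = default;
    virtual bool requiresEncryption() const = 0;
    virtual bool init(const std::string& mechanism) = 0;
    virtual std::string initialChallenge() const = 0;
    virtual std::string apply(const std::string& response, bool& done) = 0;
    virtual bool authenticated() const = 0;
    virtual std::string id() const = 0;
};

// Toy two-step LOGIN-style mechanism with one constructed account.
struct ToyLogin : SaslLike {
    bool tls_only; int step = 0; bool ok = false; std::string user;
    explicit ToyLogin(bool t) : tls_only(t) {}
    bool requiresEncryption() const override { return tls_only; }
    bool init(const std::string& m) override {
        step = 0; ok = false; user.clear();   // init() may be used more than once
        return m == "LOGIN";
    }
    std::string initialChallenge() const override { return "Username:"; }
    std::string apply(const std::string& r, bool& done) override {
        if (step++ == 0) { user = r; done = false; return "Password:"; }
        ok = (user == "alice" && r == "constructed-secret");  // toy comparison only
        done = true;
        return std::string();
    }
    bool authenticated() const override { return ok; }
    std::string id() const override { return ok ? user : std::string(); }
};

// Runs the dialog over scripted client replies; returns the identity, or "" on any failure.
std::string runDialog(SaslLike& sasl, const std::string& mech, bool encrypted,
                      const std::vector<std::string>& replies, std::size_t max_rounds = 8) {
    if (sasl.requiresEncryption() && !encrypted) return "";  // refuse before any challenge
    if (!sasl.init(mech)) return "";                         // unsupported mechanism
    std::string challenge = sasl.initialChallenge();         // would be sent to the client
    for (std::size_t i = 0; i < replies.size() && i < max_rounds; ++i) {
        bool done = false;
        challenge = sasl.apply(replies[i], done);            // next challenge to send
        if (done) return sasl.authenticated() ? sasl.id() : std::string();
    }
    return "";  // dialog never completed within the round limit
}
```
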

Constructor & Destructor Documentation

GAuth::SaslServer::~SaslServer ( )
virtual

Destructor.

Definition at line 26 of file gsaslserver.cpp.

Member Function Documentation

virtual bool GAuth::SaslServer::active ( ) const
pure virtual

Returns true if the constructor's "secrets" object was valid.

See also Secrets::valid().

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual std::string GAuth::SaslServer::apply ( const std::string &  response,
bool &  done 
)
pure virtual

Applies the client response and returns the next challenge.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual bool GAuth::SaslServer::authenticated ( ) const
pure virtual

Returns true if authenticated successfully.

Precondition: apply() returned empty

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual std::string GAuth::SaslServer::id ( ) const
pure virtual

Returns the authenticated or trusted identity.

Returns the empty string if not authenticated and not trusted.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual bool GAuth::SaslServer::init ( const std::string &  mechanism)
pure virtual

Initialiser.

Returns true if the mechanism is supported. May be used more than once.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual std::string GAuth::SaslServer::initialChallenge ( ) const
pure virtual

Returns the initial server challenge.

May return an empty string.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual std::string GAuth::SaslServer::mechanism ( ) const
pure virtual

Returns the mechanism, as passed to the last init() call to return true.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual std::string GAuth::SaslServer::mechanisms ( char  sep = ' ') const
pure virtual

Returns a list of supported, standard mechanisms that can be advertised to the client.

Mechanisms (eg. APOP) may still be accepted by init() even though they are not advertised.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual bool GAuth::SaslServer::mustChallenge ( ) const
pure virtual

Returns true if the mechanism must start with a non-empty server challenge.

Returns false for the "LOGIN" mechanism since the initial challenge ("username:") is not essential.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual bool GAuth::SaslServer::requiresEncryption ( ) const
pure virtual

Returns true if the implementation requires that the challenge/response dialog should only take place over an encrypted transport.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

virtual bool GAuth::SaslServer::trusted ( GNet::Address  ) const
pure virtual

Returns true for a trusted client that does not need to authenticate.

Implemented in GAuth::SaslServerPam, and GAuth::SaslServerBasic.

