GSmtp::SaslServer Class Reference

A class for implementing the server-side SASL challenge/response concept.

#include <gsasl.h>


Public Member Functions

 SaslServer (const Secrets &, bool ignored, bool force_one_mechanism)
 Constructor.
 ~SaslServer ()
 Destructor.
bool active () const
 Returns true if the constructor's "secrets" object was valid.
std::string mechanisms (char sep= ' ') const
 Returns a list of supported, standard mechanisms that can be advertised to the client.
bool init (const std::string &mechanism)
 Initialiser.
std::string mechanism () const
 Returns the mechanism, as passed to the last init() call to return true.
bool mustChallenge () const
 Returns true if the mechanism must start with a non-empty server challenge.
std::string initialChallenge () const
 Returns the initial server challenge.
std::string apply (const std::string &response, bool &done)
 Applies the client response and returns the next challenge.
bool authenticated () const
 Returns true if authenticated successfully.
std::string id () const
 Returns the authenticated or trusted identity.
bool trusted (GNet::Address) const
 Returns true if the given address is a trusted client that does not need to authenticate.

Classes

class  Secrets
 An interface used by GSmtp::SaslServer to obtain authentication secrets.


Detailed Description

A class for implementing the server-side SASL challenge/response concept.

SASL is described in RFC4422, and the SMTP extension for authentication is described in RFC2554.

Common SASL mechanisms are:

Usage:

 SaslServer sasl( secrets ) ;
 client.advertise( sasl.mechanisms() ) ;
 if( sasl.init(client.preferredMechanism()) )
 {
   client.send( sasl.initialChallenge() ) ;
   for(;;)
   {
     std::string reply = client.receive() ;
     bool done = false ;
     std::string challenge = sasl.apply( reply , done ) ;
     if( done ) break ;
     client.send( challenge ) ;
   }
   bool ok = sasl.authenticated() ;
 }

See also:
GSmtp::SaslClient, RFC2554, RFC4422

Definition at line 91 of file gsasl.h.
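
The Usage loop above, written to fail closed, as an added example that is not E-MailRelay's code: DemoSaslServer is a hypothetical stand-in that only borrows this page's member names (LOGIN only, cleartext secrets, no base64 transport encoding), and reply, demo and the sample credential are constructed. Accepting only advertised mechanism names and bounding the exchange at eight rounds are policy choices of this example.

```cpp
#include <map>
#include <sstream>
#include <string>

// Stand-in using this page's member names: LOGIN only, cleartext secrets. Not E-MailRelay code.
class DemoSaslServer {
public:
    explicit DemoSaslServer(const std::map<std::string, std::string>& s) : m_secrets(s) {}
    bool active() const { return !m_secrets.empty(); }
    std::string mechanisms(char = ' ') const { return "LOGIN"; }  // never empty, as with the force flag
    bool init(const std::string& m) { m_step = 0; m_ok = false; m_id.clear(); return m == "LOGIN"; }
    std::string initialChallenge() const { return "Username:"; }
    std::string apply(const std::string& response, bool& done) {
        done = (m_step++ != 0);
        if (!done) { m_id = response; return "Password:"; }
        auto p = m_secrets.find(m_id);
        m_ok = p != m_secrets.end() && p->second == response;  // demo only: not constant-time
        return std::string();
    }
    bool authenticated() const { return m_ok; }
    std::string id() const { return m_ok ? m_id : std::string(); }
private:
    std::map<std::string, std::string> m_secrets; std::string m_id; int m_step = 0; bool m_ok = false;
};

// Fail-closed driver: returns the id, or "" on failure. 'reply' (hypothetical) sends a challenge, returns the response.
template <typename Sasl, typename Reply>
std::string authenticate(Sasl& sasl, Reply reply, const std::string& requested) {
    if (!sasl.active()) return "";                     // a non-empty mechanisms() proves nothing
    std::istringstream advertised(sasl.mechanisms());
    bool offered = false;
    for (std::string m; advertised >> m;) offered = offered || m == requested;
    if (!offered || !sasl.init(requested)) return "";  // policy here: advertised names only
    std::string challenge = sasl.initialChallenge();
    for (int round = 0; round < 8; ++round) {          // bound the exchange
        bool done = false;
        challenge = sasl.apply(reply(challenge), done);
        if (done) return sasl.authenticated() ? sasl.id() : "";
    }
    return "";
}

std::string demo(const std::string& mech, const std::string& user, const std::string& pw, bool with_secrets) {
    std::map<std::string, std::string> secrets;
    if (with_secrets) secrets["alice"] = "correct horse";  // constructed credential
    DemoSaslServer sasl(secrets);
    auto reply = [&](const std::string& c) { return c == "Username:" ? user : pw; };
    return authenticate(sasl, reply, mech);
}
```

The driver treats an empty return as "not authenticated" in every failure path, so a caller never has to inspect authenticated() and id() separately.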


Constructor & Destructor Documentation

GSmtp::SaslServer::SaslServer ( const Secrets &  secrets,
bool  ignored,
bool  force_one_mechanism 
)

Constructor.

The secrets reference is kept.

If the force_one_mechanism flag is true then the list of mechanisms returned by mechanisms() will never be empty, even if no authentication is possible.

Definition at line 230 of file gsasl_native.cpp.

GSmtp::SaslServer::~SaslServer (  ) 

Destructor.

Definition at line 240 of file gsasl_native.cpp.


Member Function Documentation

bool GSmtp::SaslServer::active (  )  const

Returns true if the constructor's "secrets" object was valid.

See also Secrets::valid().

Definition at line 235 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_secrets, and GSmtp::Valid::valid().

Referenced by GSmtp::ServerProtocol::ServerProtocol(), and GPop::AuthImp::valid().

std::string GSmtp::SaslServer::mechanisms ( char  sep = ' '  )  const

Returns a list of supported, standard mechanisms that can be advertised to the client.

Mechanisms (e.g. APOP) may still be accepted by init() even though they are not advertised.

Definition at line 214 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::mechanisms().

Referenced by GPop::AuthImp::mechanisms().

bool GSmtp::SaslServer::init ( const std::string &  mechanism  ) 

Initialiser.

Returns true if the mechanism is supported. May be used more than once.

Definition at line 250 of file gsasl_native.cpp.

References G_DEBUG, GSmtp::SaslServerImp::init(), and GSmtp::SaslServerImp::m_mechanism.

Referenced by GPop::AuthImp::AuthImp(), and GPop::AuthImp::init().

std::string GSmtp::SaslServer::mechanism (  )  const

Returns the mechanism, as passed to the last init() call to return true.

Definition at line 219 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_mechanism.

bool GSmtp::SaslServer::mustChallenge (  )  const

Returns true if the mechanism must start with a non-empty server challenge.

Returns false for the "LOGIN" mechanism since the initial challenge ("username:") is not essential.

Definition at line 245 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_mechanism.

std::string GSmtp::SaslServer::initialChallenge (  )  const

Returns the initial server challenge.

May return an empty string.

Definition at line 257 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_challenge, and GSmtp::SaslServerImp::m_mechanism.

Referenced by GPop::AuthImp::challenge().

std::string GSmtp::SaslServer::apply ( const std::string &  response,
bool &  done 
)

Applies the client response and returns the next challenge.

bool GSmtp::SaslServer::authenticated (  )  const

Returns true if authenticated successfully.

Precondition: apply() returned empty

Definition at line 340 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_authenticated.

Referenced by GPop::AuthImp::authenticated().

std::string GSmtp::SaslServer::id (  )  const

Returns the authenticated or trusted identity.

Returns the empty string if not authenticated and not trusted.

Definition at line 345 of file gsasl_native.cpp.

References GSmtp::SaslServerImp::m_authenticated, GSmtp::SaslServerImp::m_id, and GSmtp::SaslServerImp::m_trustee.

Referenced by GPop::AuthImp::id().

bool GSmtp::SaslServer::trusted ( GNet::Address  a  )  const

Returns true if the given address is a trusted client that does not need to authenticate.

Definition at line 224 of file gsasl_native.cpp.

References GNet::Address::displayString(), G_DEBUG, and GSmtp::SaslServerImp::trusted().


Generated on Fri Apr 18 15:56:14 2008 for E-MailRelay by  doxygen 1.5.5