KDE 3.5 API Reference kio
KDESasl Class Reference
This library can create responses for SASL authentication for a given challenge and a given secret. More...
#include <kdesasl.h>
Public Member Functions | |
| virtual QCString | chooseMethod (const QStrIList aMethods) |
| bool | clientStarts () const |
| bool | dialogComplete (int numCalls) const |
| QByteArray | getBinaryResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
| QCString | getResponse (const QByteArray &aChallenge=QByteArray(), bool aBase64=true) |
| bool | isClearTextMethod () const |
| KDESasl (const QString &aUser, const QString &aPass, const QString &aProtocol) | |
| KDESasl (const KURL &aUrl) | |
| QCString | method () const |
| virtual void | setMethod (const QCString &aMethod) |
| virtual | ~KDESasl () |
Protected Member Functions | |
| virtual QByteArray | getCramMd5Response (const QByteArray &aChallenge) |
| virtual QByteArray | getDigestMd5Response (const QByteArray &aChallenge) |
| virtual QByteArray | getLoginResponse () |
| virtual QByteArray | getPlainResponse () |
Detailed Description
This library can create responses for SASL authentication for a given challenge and a given secret.This way of authentication is common for SMTP, POP3, IMAP and LDAP.
SASL is one way strong encryption and therefore useful for authentication, but not for secret information transfer. It is possibly to prove with SASL to know a shared secret like a password. It is not possible with SASL to transfer any other information in an encrypted way. For that purpose OpenPGP or SSL are useful.
Currently PLAIN (RFC 2595), LOGIN (not really a SASL mechanism, but used like that in IMAP and SMTP), CRAM-MD5 (RFC 2195) and DIGEST-MD5 (RFC 2831) authentication are supported. PLAIN and LOGIN transmit the credentials in the clear (apart from a possible base64 encoding).
For KDE 3.2, the API has been extended to allow transparent use of all currently supported SASL mechanisms. Example:
KDESasl sasl( myUser, myPass, myProtocol ); if ( !sasl.chooseMethod( myMechanismsSupportedByServer ) ) return false; // couldn't agree on a method int numResponses = 0; if ( sasl.clientStarts() ) { // check whether we're supposed to start the dialog ++numResponses; mySendAuthCommand( sasl.method(), sasl.getResponse() ); } else { mySendAuthCommand( sasl.method() ); } for ( ; !sasl.dialogComplete( numResponses ) ; ++numResponses ) { QByteArray challenge = myRecvChallenge(); mySendResponse( sasl.getResponse( challenge ) ); } return myCheckSuccess();
- Version:
- Id
- kdesasl.h 465272 2005-09-29 09:47:40Z mueller
Definition at line 72 of file kdesasl.h.
Constructor & Destructor Documentation
| KDESasl::KDESasl | ( | const KURL & | aUrl | ) |
Construct a sasl object and initialize it with the username and password passed via the url.
Definition at line 30 of file kdesasl.cpp.
This is a conveniece function and differs from the above function only by what arguments it accepts.
Definition at line 38 of file kdesasl.cpp.
| KDESasl::~KDESasl | ( | ) | [virtual] |
Definition at line 47 of file kdesasl.cpp.
Member Function Documentation
- Returns:
- the most secure method from the given methods and use it for further operations.
Definition at line 50 of file kdesasl.cpp.
| bool KDESasl::clientStarts | ( | ) | const |
Returns true if the client is supposed to initiate the challenge-respinse dialog with an initial response (which most protocols can transfer alongside the authentication command as an optional second parameter).
This method relieves the sasl user from knowing details about the mechanism. If true, use getResponse() with a null challenge.
- Since:
- 3.2
Definition at line 271 of file kdesasl.cpp.
| bool KDESasl::dialogComplete | ( | int | numCalls | ) | const |
- Parameters:
-
numCalls number of times getResponse() has been called.
- Returns:
- whether the challenge/response dialog has completed
- Since:
- 3.2
Definition at line 275 of file kdesasl.cpp.
| QByteArray KDESasl::getBinaryResponse | ( | const QByteArray & | aChallenge = QByteArray(), |
|
| bool | aBase64 = true | |||
| ) |
Create a response as above but place it in a QByteArray.
Definition at line 242 of file kdesasl.cpp.
| QByteArray KDESasl::getCramMd5Response | ( | const QByteArray & | aChallenge | ) | [protected, virtual] |
| QByteArray KDESasl::getDigestMd5Response | ( | const QByteArray & | aChallenge | ) | [protected, virtual] |
| QByteArray KDESasl::getLoginResponse | ( | ) | [protected, virtual] |
| QByteArray KDESasl::getPlainResponse | ( | ) | [protected, virtual] |
| QCString KDESasl::getResponse | ( | const QByteArray & | aChallenge = QByteArray(), |
|
| bool | aBase64 = true | |||
| ) |
Creates a response using the formerly chosen SASL method.
For LOGIN authentication you have to call this function twice. KDESasl realizes on its own, if you are calling it for the first or for the second time.
- Parameters:
-
aChallenge is the challenge sent to create a response for aBase64 specifies, whether the authentication protocol uses base64 encoding. The challenge is decoded from base64 and the response is encoded base64 if set to true.
Definition at line 261 of file kdesasl.cpp.
| bool KDESasl::isClearTextMethod | ( | ) | const |
- Returns:
- whether the currently selected mechanism results in cleartext passwords being sent over the network and thus should be used only under TLS/SSL cover or for legacy servers.
- Since:
- 3.2
Definition at line 283 of file kdesasl.cpp.
| QCString KDESasl::method | ( | ) | const |
| void KDESasl::setMethod | ( | const QCString & | aMethod | ) | [virtual] |
The documentation for this class was generated from the following files:
