#include <QtCrypto>
|
virtual SASL::AuthCondition | authCondition () const =0 |
|
virtual QString | authzid () const =0 |
|
virtual SASL::Params | clientParams () const =0 |
|
virtual int | encoded () const =0 |
|
virtual bool | haveClientInit () const =0 |
|
virtual QString | mech () const =0 |
|
virtual QStringList | mechlist () const =0 |
|
virtual void | nextStep (const QByteArray &from_net)=0 |
|
virtual QStringList | realmlist () const =0 |
|
virtual void | reset ()=0 |
|
virtual Result | result () const =0 |
|
| SASLContext (Provider *p) |
|
virtual void | serverFirstStep (const QString &mech, const QByteArray *clientInit)=0 |
|
virtual void | setClientParams (const QString *user, const QString *authzid, const SecureArray *pass, const QString *realm)=0 |
|
virtual void | setConstraints (SASL::AuthFlags f, int minSSF, int maxSSF)=0 |
|
virtual void | setup (const QString &service, const QString &host, const HostPort *local, const HostPort *remote, const QString &ext_id, int ext_ssf)=0 |
|
virtual int | ssf () const =0 |
|
virtual void | startClient (const QStringList &mechlist, bool allowClientSendFirst)=0 |
|
virtual void | startServer (const QString &realm, bool disableServerSendLast)=0 |
|
virtual QByteArray | stepData () const =0 |
|
virtual QByteArray | to_app ()=0 |
|
virtual QByteArray | to_net ()=0 |
|
virtual void | tryAgain ()=0 |
|
virtual void | update (const QByteArray &from_net, const QByteArray &from_app)=0 |
|
virtual QString | username () const =0 |
|
virtual bool | waitForResultsReady (int msecs)=0 |
|
SASL provider.
- Note
- This class is part of the provider plugin interface and should not be used directly by applications. You probably want SASL instead.
◆ Result
Result of a SASL operation.
Enumerator |
---|
Success | Operation completed.
|
Error | Operation failed.
|
Params | Parameters are needed to complete authentication.
|
AuthCheck | Client login can be inspected (server only)
|
Continue | More steps needed to complete authentication.
|
◆ SASLContext()
QCA::SASLContext::SASLContext |
( |
Provider * |
p | ) |
|
|
inline |
Standard constructor.
- Parameters
-
p | the Provider associated with this context |
◆ reset()
virtual void QCA::SASLContext::reset |
( |
| ) |
|
|
pure virtual |
Reset the object to its initial state.
◆ setup()
virtual void QCA::SASLContext::setup |
( |
const QString & |
service, |
|
|
const QString & |
host, |
|
|
const HostPort * |
local, |
|
|
const HostPort * |
remote, |
|
|
const QString & |
ext_id, |
|
|
int |
ext_ssf |
|
) |
| |
|
pure virtual |
Configure a new session.
This function will be called before any other configuration functions.
- Parameters
-
service | the name of the network service being provided by this application, which can be used by the SASL system for policy control. Examples: "imap", "xmpp" |
host | the hostname that the application is interacting with or as |
local | pointer to a HostPort representing the local end of a network socket, or 0 if this information is unknown or not available |
remote | pointer to a HostPort representing the peer end of a network socket, or 0 if this information is unknown or not available |
ext_id | the id to be used for SASL EXTERNAL (client only) |
ext_ssf | the SSF of the external authentication channel (client only) |
◆ setConstraints()
virtual void QCA::SASLContext::setConstraints |
( |
SASL::AuthFlags |
f, |
|
|
int |
minSSF, |
|
|
int |
maxSSF |
|
) |
| |
|
pure virtual |
Set the constraints of the session using SSF values.
This function will be called before startClient() or startServer().
- Parameters
-
f | the flags to use |
minSSF | the minimum strength factor that is acceptable |
maxSSF | the maximum strength factor that is acceptable |
◆ startClient()
virtual void QCA::SASLContext::startClient |
( |
const QStringList & |
mechlist, |
|
|
bool |
allowClientSendFirst |
|
) |
| |
|
pure virtual |
Begins the session in client mode, starting with the authentication.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result(), mech(), haveClientInit(), and stepData() will be valid. If result() is Success, then the session is now in the connected state.
- Parameters
-
mechlist | the list of mechanisms |
allowClientSendFirst | whether the client sends first (true) or the server sends first (false) |
◆ startServer()
virtual void QCA::SASLContext::startServer |
( |
const QString & |
realm, |
|
|
bool |
disableServerSendLast |
|
) |
| |
|
pure virtual |
Begins the session in server mode, starting with the authentication.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result() and mechlist() will be valid. The result() function will return Success or Error. If the result is Success, then serverFirstStep() will be called next.
- Parameters
-
realm | the realm to authenticate in |
disableServerSendLast | whether the client sends first (true) or the server sends first (false) |
◆ serverFirstStep()
virtual void QCA::SASLContext::serverFirstStep |
( |
const QString & |
mech, |
|
|
const QByteArray * |
clientInit |
|
) |
| |
|
pure virtual |
Finishes server startup.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result() and stepData() will be valid. If result() is Success, then the session is now in the connected state.
- Parameters
-
mech | the mechanism to use |
clientInit | initial data from the client, or 0 if there is no such data |
◆ nextStep()
virtual void QCA::SASLContext::nextStep |
( |
const QByteArray & |
from_net | ) |
|
|
pure virtual |
Perform another step of the SASL authentication.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result() and stepData() will be valid.
- Parameters
-
from_net | the data from the "other side" of the protocol to be used for the next step. |
◆ tryAgain()
virtual void QCA::SASLContext::tryAgain |
( |
| ) |
|
|
pure virtual |
Attempt the most recent operation again.
This is used if the result() of an operation is Params or AuthCheck.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result() and stepData() will be valid.
◆ update()
virtual void QCA::SASLContext::update |
( |
const QByteArray & |
from_net, |
|
|
const QByteArray & |
from_app |
|
) |
| |
|
pure virtual |
Performs one iteration of the SASL security layer processing.
This function returns immediately, and completion is signaled with the resultsReady() signal.
On completion, result(), to_net(), encoded(), and to_app() will be valid. The result() function will return Success or Error.
- Parameters
-
from_net | the data from the "other side" of the protocol |
from_app | the data from the application of the protocol |
◆ waitForResultsReady()
virtual bool QCA::SASLContext::waitForResultsReady |
( |
int |
msecs | ) |
|
|
pure virtual |
◆ result()
virtual Result QCA::SASLContext::result |
( |
| ) |
const |
|
pure virtual |
Returns the result code of an operation.
◆ mechlist()
virtual QStringList QCA::SASLContext::mechlist |
( |
| ) |
const |
|
pure virtual |
Returns the mechanism list (server mode only)
◆ mech()
virtual QString QCA::SASLContext::mech |
( |
| ) |
const |
|
pure virtual |
Returns the mechanism selected.
◆ haveClientInit()
virtual bool QCA::SASLContext::haveClientInit |
( |
| ) |
const |
|
pure virtual |
Returns true if the client has initialization data.
◆ stepData()
virtual QByteArray QCA::SASLContext::stepData |
( |
| ) |
const |
|
pure virtual |
Returns an authentication payload for to be transmitted over the network.
◆ to_net()
virtual QByteArray QCA::SASLContext::to_net |
( |
| ) |
|
|
pure virtual |
Returns data that should be sent across the network (for the security layer)
◆ encoded()
virtual int QCA::SASLContext::encoded |
( |
| ) |
const |
|
pure virtual |
Returns the number of bytes of plaintext data that is encoded inside of to_net()
◆ to_app()
virtual QByteArray QCA::SASLContext::to_app |
( |
| ) |
|
|
pure virtual |
Returns data that is decoded from the network and should be processed by the application.
◆ ssf()
virtual int QCA::SASLContext::ssf |
( |
| ) |
const |
|
pure virtual |
Returns the SSF of the active SASL session.
This is only valid after authentication success.
◆ authCondition()
Returns the reason for failure, if the authentication was not successful.
This is only valid after authentication failure.
◆ clientParams()
virtual SASL::Params QCA::SASLContext::clientParams |
( |
| ) |
const |
|
pure virtual |
Returns the needed/optional client parameters.
This is only valid after receiving the Params result code.
◆ setClientParams()
virtual void QCA::SASLContext::setClientParams |
( |
const QString * |
user, |
|
|
const QString * |
authzid, |
|
|
const SecureArray * |
pass, |
|
|
const QString * |
realm |
|
) |
| |
|
pure virtual |
Set some of the client parameters (pass 0 to not set a field)
- Parameters
-
user | the user name |
authzid | the authorization name / role |
pass | the password |
realm | the realm to authenticate in |
◆ realmlist()
virtual QStringList QCA::SASLContext::realmlist |
( |
| ) |
const |
|
pure virtual |
Returns the realm list (client mode only)
This is only valid after receiving the Params result code and SASL::Params::canSendRealm is set to true.
◆ username()
virtual QString QCA::SASLContext::username |
( |
| ) |
const |
|
pure virtual |
Returns the username attempting to authenticate (server mode only)
This is only valid after receiving the AuthCheck result code.
◆ authzid()
virtual QString QCA::SASLContext::authzid |
( |
| ) |
const |
|
pure virtual |
Returns the authzid attempting to authorize (server mode only)
This is only valid after receiving the AuthCheck result code.
◆ resultsReady
void QCA::SASLContext::resultsReady |
( |
| ) |
|
|
signal |
The documentation for this class was generated from the following file: