|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Howard Chu wrote:
I'm looking at how to utilize some of the APIs in this draft http://tools.ietf.org/html/draft-ietf-kitten-gssapi-naming-exts-06with SASL. My preference was to provide SASL versions of gss_inquire_name() and gss_get_name_attribute(), so that apps using SASL don't need to call directly into the underlying GSS API. But alternatively, I could just implement sasl_getprop(SASL_GSS_PEER_NAME) and make the app do the gss calls itself. Any suggestions?Proposed wrappers would be sasl_nameprop_list(sasl_conn_t *conn, char **propnames) -> return the list of available attributes using gss_inquire() sasl_nameprop_request(sasl_conn_t *conn, const char *propname, int *authenticated, int *complete, void **value, unsigned *value_length, char **display_value, int *more) -> iterate thru gss_get_name_attribute().This would require adding the corresponding entry points to the sasl_server_plug_t.
After thinking a bit more about this, I think this is sensible. You would also need to bump the SASL plugin version number (in saslplug.h): #define SASL_SERVER_PLUG_VERSION ...