diff options
Diffstat (limited to 'kio/misc/tdesasl/tdesasl.h')
-rw-r--r-- | kio/misc/tdesasl/tdesasl.h | 169 |
1 files changed, 0 insertions, 169 deletions
diff --git a/kio/misc/tdesasl/tdesasl.h b/kio/misc/tdesasl/tdesasl.h deleted file mode 100644 index 1f68ac688..000000000 --- a/kio/misc/tdesasl/tdesasl.h +++ /dev/null @@ -1,169 +0,0 @@ -/* This file is part of the KDE libraries - Copyright (C) 2001-2002 Michael Häckel <haeckel@kde.org> - $Id$ - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Library General Public - License version 2 as published by the Free Software Foundation. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. - - You should have received a copy of the GNU Library General Public License - along with this library; see the file COPYING.LIB. If not, write to - the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. -*/ - -#ifndef TDESASL_H -#define TDESASL_H - -#include <tqstring.h> - -#include <tdelibs_export.h> - -class KURL; -class TQStrIList; - -/** - * This library can create responses for SASL authentication for a given - * challenge and a given secret. This way of authentication is common for - * SMTP, POP3, IMAP and LDAP. - * - * SASL is one way strong encryption and therefore useful for authentication, - * but not for secret information transfer. - * It is possibly to prove with SASL to know a shared secret like a password. - * It is not possible with SASL to transfer any other information in an - * encrypted way. For that purpose OpenPGP or SSL are useful. - * - * Currently PLAIN (RFC 2595), LOGIN (not really a SASL mechanism, but - * used like that in IMAP and SMTP), CRAM-MD5 (RFC 2195) and - * DIGEST-MD5 (RFC 2831) authentication are supported. PLAIN and - * LOGIN transmit the credentials in the clear (apart from a possible - * base64 encoding). - * - * For KDE 3.2, the API has been extended to allow transparent use of - * all currently supported SASL mechanisms. Example: - * \code - * KDESasl sasl( myUser, myPass, myProtocol ); - * if ( !sasl.chooseMethod( myMechanismsSupportedByServer ) ) - * return false; // couldn't agree on a method - * - * int numResponses = 0; - * if ( sasl.clientStarts() ) { // check whether we're supposed to start the dialog - * ++numResponses; - * mySendAuthCommand( sasl.method(), sasl.getResponse() ); - * } else { - * mySendAuthCommand( sasl.method() ); - * } - * for ( ; !sasl.dialogComplete( numResponses ) ; ++numResponses ) { - * TQByteArray challenge = myRecvChallenge(); - * mySendResponse( sasl.getResponse( challenge ) ); - * } - * return myCheckSuccess(); - * \endcode - * - * @author Michael Häckel <haeckel@kde.org> - * @version $Id$ - */ - -class KIO_EXPORT KDESasl -{ - -public: - /** - * Construct a sasl object and initialize it with the username and password - * passed via the url. - */ - KDESasl(const KURL &aUrl); - /** - * This is a conveniece function and differs from the above function only by - * what arguments it accepts. - */ - KDESasl(const TQString &aUser, const TQString &aPass, const TQString &aProtocol); - /* - * You need to have a virtual destructor! - */ - virtual ~KDESasl(); - /** - * @returns the most secure method from the given methods and use it for - * further operations. - */ - virtual TQCString chooseMethod(const TQStrIList aMethods); - /** - * Explicitely set the SASL method used. - */ - virtual void setMethod(const TQCString &aMethod); - /** - * @return the SASL method used. - * @since 3.2 - */ - TQCString method() const; - /** - * @param numCalls number of times getResponse() has been called. - * @return whether the challenge/response dialog has completed - * - * @since 3.2 - */ - bool dialogComplete( int numCalls ) const; - /** - * @return whether the currently selected mechanism results in - * cleartext passwords being sent over the network and thus should - * be used only under TLS/SSL cover or for legacy servers. - * - * @since 3.2 - */ - bool isClearTextMethod() const; - /** - * Creates a response using the formerly chosen SASL method. - * For LOGIN authentication you have to call this function twice. KDESasl - * realizes on its own, if you are calling it for the first or for the - * second time. - * @param aChallenge is the challenge sent to create a response for - * @param aBase64 specifies, whether the authentication protocol uses base64 - * encoding. The challenge is decoded from base64 and the response is - * encoded base64 if set to true. - */ - TQCString getResponse(const TQByteArray &aChallenge=TQByteArray(), bool aBase64 = true); - /** - * Create a response as above but place it in a QByteArray - */ - TQByteArray getBinaryResponse(const TQByteArray &aChallenge=TQByteArray(), bool aBase64=true); - /** - * Returns true if the client is supposed to initiate the - * challenge-respinse dialog with an initial response (which most - * protocols can transfer alongside the authentication command as an - * optional second parameter). This method relieves the sasl user - * from knowing details about the mechanism. If true, use - * #getResponse() with a null challenge. - * - * @since 3.2 - */ - bool clientStarts() const; -protected: - /** - * PLAIN authentication as described in RFC 2595 - */ - virtual TQByteArray getPlainResponse(); - /** - * LOGIN authentication - */ - virtual TQByteArray getLoginResponse(); - /** - * CRAM-MD5 authentication as described in RFC 2195 - */ - virtual TQByteArray getCramMd5Response(const TQByteArray &aChallenge); - /** - * DIGEST-MD5 authentication as described in RFC 2831 - */ - virtual TQByteArray getDigestMd5Response(const TQByteArray &aChallenge); - -private: - TQString mProtocol, mUser, mPass; - TQCString mMethod; - bool mFirst; -}; - -#endif |