archive-org.com » ORG » J » JOSEFSSON.ORG

Total: 236

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • GNU Simple Authentication and Security Layer 1.7.0
    only SASL Mechanism Options These options modify the behaviour of the callbacks see Callback Functions in the library The default is to query the user on the terminal n anonymous token STRING Token for anonymous authentication usually mail address ANONYMOUS only a authentication id STRING Identity of credential owner z authorization id STRING Identity to request service for disable cleartext validate Disable cleartext validate hook forcing server to prompt for password enable cram md5 validate Validate CRAM MD5 challenge and response interactively hostname STRING Set the name of the server with the requested service p password STRING Password for authentication insecure for non testing purposes passcode NUMBER Passcode for authentication SECURID only quality of protection qop auth qop int qop conf How application payload will be protected qop auth means no protection qop int means integrity protection qop conf means confidentiality Currently only used by DIGEST MD5 where the default is qop int r realm STRING Realm Defaults to hostname service STRING Set the requested service name should be a registered GSSAPI host based service name service name STRING Set the generic server name in case of a replicated server DIGEST MD5 only x maxbuf NUMBER Indicate maximum buffer size DIGEST MD5 only STARTTLS options starttls Force use of STARTTLS The default is to use STARTTLS when available default off no starttls Unconditionally disable STARTTLS default off x509 ca file FILE File containing one or more X 509 Certificate Authorities certificates in PEM format used to verify the certificate received from the server If not specified no verification of the remote server certificate will be done x509 cert file FILE File containing client X 509 certificate in PEM format Used together with x509 key file to specify the certificate key pair x509 key file FILE Private key for the client X 509 certificate in PEM format Used together with x509 key file to specify the certificate key pair priority Cipher priority string Other Options These are some standard parameters q quiet silent Don t produce any diagnostic output v verbose Produce verbose output help Give this help list usage Give a short usage message V version Print program version Next Old Functions Previous Invoking gsasl Up Top Appendix A Protocol Clarifications This appendix contains clarifications to various SASL specification that we felt were necessary to include if for nothing else it may serve as a guide for other implementers that worry about the same issues Use of SASLprep in CRAM MD5 Use of SASLprep in LOGIN Next Use of SASLprep in LOGIN Up Protocol Clarifications A 1 Use of SASLprep in CRAM MD5 The specification as of draft ietf sasl crammd5 04 txt is silent on whether a SASL server implementation applying SASLprep on a password received from an external non SASL specific database i e the passwords are not stored in SASLprep form in the database should set or clear the AllowUnassigned bit The motivation for the AU bit in StringPrep SASLprep is for stored vs query strings It could be argued that in this situation the server can treat the external password either as a stored string from a database or as a query the server uses the string as a query into the fixed HMAC MD5 hash The specification is also unclear on whether clients should set or clear the AllowUnassigned flag In the server GNU SASL applies SASLprep to the password with the AllowUnassigned bit cleared Previous Use of SASLprep in CRAM MD5 Up Protocol Clarifications A 2 Use of SASLprep in LOGIN The non standard mechanism LOGIN presumably does not support non ASCII We suggest that the client should send unprepared UTF 8 and that the server apply SASLprep with the AllowUnassigned bit cleared on the received username and password Next Copying Information Previous Protocol Clarifications Up Top Appendix B Old Functions As GNU SASL is still under heavy development some API functions have been found to be less useful Those old API functions will be supported during a transition period Refer to the NEWS file to find out since when a function has been deprecated gsasl client listmech Function int gsasl client listmech Gsasl ctx char out size t outlen ctx libgsasl handle out output character array outlen input maximum size of output character array on output contains actual length of output array Write SASL names separated by space of mechanisms supported by the libgsasl client to the output array To find out how large the output array must be call this function with a NULL out parameter Return value Returns GSASL OK if successful or error code Deprecated Use gsasl client mechlist instead gsasl server listmech Function int gsasl server listmech Gsasl ctx char out size t outlen ctx libgsasl handle out output character array outlen input maximum size of output character array on output contains actual length of output array Write SASL names separated by space of mechanisms supported by the libgsasl server to the output array To find out how large the output array must be call this function with a NULL out parameter Return value Returns GSASL OK if successful or error code Deprecated Use gsasl server mechlist instead gsasl client step Function int gsasl client step Gsasl session sctx const char input size t input len char output size t output len sctx libgsasl client handle input input byte array input len size of input byte array output output byte array output len size of output byte array Perform one step of SASL authentication in client This reads data from server specified with input and input len processes it potentially invoking callbacks to the application and writes data to server into variables output and output len The contents of the output buffer is unspecified if this functions returns anything other than GSASL NEEDS MORE Return value Returns GSASL OK if authenticated terminated successfully GSASL NEEDS MORE if more data is needed or error code Deprecated Use gsasl step instead gsasl server step Function int gsasl server step Gsasl session sctx const char input size t input len char output size t output len sctx libgsasl server handle input input byte array input len size of input byte array output output byte array output len size of output byte array Perform one step of SASL authentication in server This reads data from client specified with input and input len processes it potentially invoking callbacks to the application and writes data to client into variables output and output len The contents of the output buffer is unspecified if this functions returns anything other than GSASL NEEDS MORE Return value Returns GSASL OK if authenticated terminated successfully GSASL NEEDS MORE if more data is needed or error code Deprecated Use gsasl step instead gsasl client step base64 Function int gsasl client step base64 Gsasl session sctx const char b64input char b64output size t b64output len sctx libgsasl client handle b64input input base64 encoded byte array b64output output base64 encoded byte array b64output len size of output base64 encoded byte array This is a simple wrapper around gsasl client step that base64 decodes the input and base64 encodes the output Return value See gsasl client step Deprecated Use gsasl step64 instead gsasl server step base64 Function int gsasl server step base64 Gsasl session sctx const char b64input char b64output size t b64output len sctx libgsasl server handle b64input input base64 encoded byte array b64output output base64 encoded byte array b64output len size of output base64 encoded byte array This is a simple wrapper around gsasl server step that base64 decodes the input and base64 encodes the output Return value See gsasl server step Deprecated Use gsasl step64 instead gsasl client finish Function void gsasl client finish Gsasl session sctx sctx libgsasl client handle Destroy a libgsasl client handle The handle must not be used with other libgsasl functions after this call Deprecated Use gsasl finish instead gsasl server finish Function void gsasl server finish Gsasl session sctx sctx libgsasl server handle Destroy a libgsasl server handle The handle must not be used with other libgsasl functions after this call Deprecated Use gsasl finish instead gsasl client ctx get Function Gsasl gsasl client ctx get Gsasl session sctx sctx libgsasl client handle Get the libgsasl handle given a libgsasl client handle Return value Returns the libgsasl handle given a libgsasl client handle Deprecated This function is not useful with the new 0 2 0 API gsasl client application data set Function void gsasl client application data set Gsasl session sctx void application data sctx libgsasl client handle application data opaque pointer to application specific data Store application specific data in the libgsasl client handle The application data can be later for instance inside a callback be retrieved by calling gsasl client application data get It is normally used by the application to maintain state between the main program and the callback Deprecated Use gsasl callback hook set or gsasl session hook set instead gsasl client application data get Function void gsasl client application data get Gsasl session sctx sctx libgsasl client handle Retrieve application specific data from libgsasl client handle The application data is set using gsasl client application data set It is normally used by the application to maintain state between the main program and the callback Return value Returns the application specific data or NULL Deprecated Use gsasl callback hook get or gsasl session hook get instead gsasl server ctx get Function Gsasl gsasl server ctx get Gsasl session sctx sctx libgsasl server handle Get the libgsasl handle given a libgsasl server handle Return value Returns the libgsasl handle given a libgsasl server handle Deprecated This function is not useful with the new 0 2 0 API gsasl server application data set Function void gsasl server application data set Gsasl session sctx void application data sctx libgsasl server handle application data opaque pointer to application specific data Store application specific data in the libgsasl server handle The application data can be later for instance inside a callback be retrieved by calling gsasl server application data get It is normally used by the application to maintain state between the main program and the callback Deprecated Use gsasl callback hook set or gsasl session hook set instead gsasl server application data get Function void gsasl server application data get Gsasl session sctx sctx libgsasl server handle Retrieve application specific data from libgsasl server handle The application data is set using gsasl server application data set It is normally used by the application to maintain state between the main program and the callback Return value Returns the application specific data or NULL Deprecated Use gsasl callback hook get or gsasl session hook get instead gsasl randomize Function int gsasl randomize int strong char data size t datalen strong 0 iff operation should not block non 0 for very strong randomness data output array to be filled with random data datalen size of output array Store cryptographically random data of given size in the provided buffer Return value Returns GSASL OK iff successful Deprecated Use gsasl random or gsasl nonce instead gsasl ctx get Function Gsasl gsasl ctx get Gsasl session sctx sctx libgsasl session handle Get the libgsasl handle given a libgsasl session handle Return value Returns the libgsasl handle given a libgsasl session handle Deprecated This function is not useful with the new 0 2 0 API gsasl encode inline Function int gsasl encode inline Gsasl session sctx const char input size t input len char output size t output len sctx libgsasl session handle input input byte array input len size of input byte array output output byte array output len size of output byte array Encode data according to negotiated SASL mechanism This might mean that data is integrity or privacy protected Return value Returns GSASL OK if encoding was successful otherwise an error code Deprecated Use gsasl encode instead Since 0 2 0 gsasl decode inline Function int gsasl decode inline Gsasl session sctx const char input size t input len char output size t output len sctx libgsasl session handle input input byte array input len size of input byte array output output byte array output len size of output byte array Decode data according to negotiated SASL mechanism This might mean that data is integrity or privacy protected Return value Returns GSASL OK if encoding was successful otherwise an error code Deprecated Use gsasl decode instead Since 0 2 0 gsasl application data set Function void gsasl application data set Gsasl ctx void appdata ctx libgsasl handle appdata opaque pointer to application specific data Store application specific data in the libgsasl handle The application data can be later for instance inside a callback be retrieved by calling gsasl application data get It is normally used by the application to maintain state between the main program and the callback Deprecated Use gsasl callback hook set instead gsasl application data get Function void gsasl application data get Gsasl ctx ctx libgsasl handle Retrieve application specific data from libgsasl handle The application data is set using gsasl application data set It is normally used by the application to maintain state between the main program and the callback Return value Returns the application specific data or NULL Deprecated Use gsasl callback hook get instead gsasl appinfo set Function void gsasl appinfo set Gsasl session sctx void appdata sctx libgsasl session handle appdata opaque pointer to application specific data Store application specific data in the libgsasl session handle The application data can be later for instance inside a callback be retrieved by calling gsasl appinfo get It is normally used by the application to maintain state between the main program and the callback Deprecated Use gsasl callback hook set instead gsasl appinfo get Function void gsasl appinfo get Gsasl session sctx sctx libgsasl session handle Retrieve application specific data from libgsasl session handle The application data is set using gsasl appinfo set It is normally used by the application to maintain state between the main program and the callback Return value Returns the application specific data or NULL Deprecated Use gsasl callback hook get instead gsasl server suggest mechanism Function const char gsasl server suggest mechanism Gsasl ctx const char mechlist ctx libgsasl handle mechlist input character array with SASL mechanism names separated by invalid characters e g SPC Get name of best SASL mechanism supported by the libgsasl server which is present in the input string Return value Returns name of best SASL mechanism supported by the libgsasl server which is present in the input string Deprecated This function was never useful since it is the client that chose which mechanism to use gsasl client callback authentication id set Function void gsasl client callback authentication id set Gsasl ctx Gsasl client callback authentication id cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the authentication identity The function can be later retrieved using gsasl client callback authentication id get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback authentication id get Function Gsasl client callback authentication id gsasl client callback authentication id get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback authentication id set Return value Returns the callback earlier set by calling gsasl client callback authentication id set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback authorization id set Function void gsasl client callback authorization id set Gsasl ctx Gsasl client callback authorization id cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the authorization identity The function can be later retrieved using gsasl client callback authorization id get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback authorization id get Function Gsasl client callback authorization id gsasl client callback authorization id get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback authorization id set Return value Returns the callback earlier set by calling gsasl client callback authorization id set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback password set Function void gsasl client callback password set Gsasl ctx Gsasl client callback password cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the password The function can be later retrieved using gsasl client callback password get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback password get Function Gsasl client callback password gsasl client callback password get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback password set Return value Returns the callback earlier set by calling gsasl client callback password set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback passcode set Function void gsasl client callback passcode set Gsasl ctx Gsasl client callback passcode cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the passcode The function can be later retrieved using gsasl client callback passcode get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback passcode get Function Gsasl client callback passcode gsasl client callback passcode get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback passcode set Return value Returns the callback earlier set by calling gsasl client callback passcode set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback pin set Function void gsasl client callback pin set Gsasl ctx Gsasl client callback pin cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to chose a new pin possibly suggested by the server for the SECURID mechanism This is not normally invoked but only when the server requests it The function can be later retrieved using gsasl client callback pin get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback pin get Function Gsasl client callback pin gsasl client callback pin get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback pin set Return value Returns the callback earlier set by calling gsasl client callback pin set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback service set Function void gsasl client callback service set Gsasl ctx Gsasl client callback service cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the name of the service The service buffer should be a registered GSSAPI host based service name hostname the name of the server Servicename is used by DIGEST MD5 and should be the name of generic server in case of a replicated service The function can be later retrieved using gsasl client callback service get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback service get Function Gsasl client callback service gsasl client callback service get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback service set Return value Returns the callback earlier set by calling gsasl client callback service set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback anonymous set Function void gsasl client callback anonymous set Gsasl ctx Gsasl client callback anonymous cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to set the anonymous token which usually is the users email address The function can be later retrieved using gsasl client callback anonymous get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback anonymous get Function Gsasl client callback anonymous gsasl client callback anonymous get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback anonymous set Return value Returns the callback earlier set by calling gsasl client callback anonymous set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback qop set Function void gsasl client callback qop set Gsasl ctx Gsasl client callback qop cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to determine the qop to use after looking at what the server offered The function can be later retrieved using gsasl client callback qop get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback qop get Function Gsasl client callback qop gsasl client callback qop get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback qop set Return value Returns the callback earlier set by calling gsasl client callback qop set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback maxbuf set Function void gsasl client callback maxbuf set Gsasl ctx Gsasl client callback maxbuf cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to inform the server of the largest buffer the client is able to receive when using the DIGEST MD5 auth int or auth conf Quality of Protection qop If this directive is missing the default value 65536 will be assumed The function can be later retrieved using gsasl client callback maxbuf get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback maxbuf get Function Gsasl client callback maxbuf gsasl client callback maxbuf get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback maxbuf set Return value Returns the callback earlier set by calling gsasl client callback maxbuf set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback realm set Function void gsasl client callback realm set Gsasl ctx Gsasl client callback realm cb ctx libgsasl handle cb callback function Specify the callback function to use in the client to know which realm it belongs to The realm is used by the server to determine which username and password to use The function can be later retrieved using gsasl client callback realm get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl client callback realm get Function Gsasl client callback realm gsasl client callback realm get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl client callback realm set Return value Returns the callback earlier set by calling gsasl client callback realm set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback validate set Function void gsasl server callback validate set Gsasl ctx Gsasl server callback validate cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for deciding if user is authenticated using authentication identity authorization identity and password The function can be later retrieved using gsasl server callback validate get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback validate get Function Gsasl server callback validate gsasl server callback validate get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback validate set Return value Returns the callback earlier set by calling gsasl server callback validate set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback retrieve set Function void gsasl server callback retrieve set Gsasl ctx Gsasl server callback retrieve cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for deciding if user is authenticated using authentication identity authorization identity and password The function can be later retrieved using gsasl server callback retrieve get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback retrieve get Function Gsasl server callback retrieve gsasl server callback retrieve get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback retrieve set Return value Returns the callback earlier set by calling gsasl server callback retrieve set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback cram md5 set Function void gsasl server callback cram md5 set Gsasl ctx Gsasl server callback cram md5 cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for deciding if user is authenticated using CRAM MD5 challenge and response The function can be later retrieved using gsasl server callback cram md5 get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback cram md5 get Function Gsasl server callback cram md5 gsasl server callback cram md5 get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback cram md5 set Return value Returns the callback earlier set by calling gsasl server callback cram md5 set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback digest md5 set Function void gsasl server callback digest md5 set Gsasl ctx Gsasl server callback digest md5 cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for retrieving the secret hash of the username realm and password for use in the DIGEST MD5 mechanism The function can be later retrieved using gsasl server callback digest md5 get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback digest md5 get Function Gsasl server callback digest md5 gsasl server callback digest md5 get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback digest md5 set Return value Return the callback earlier set by calling gsasl server callback digest md5 set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback external set Function void gsasl server callback external set Gsasl ctx Gsasl server callback external cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for deciding if user is authenticated out of band The function can be later retrieved using gsasl server callback external get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback external get Function Gsasl server callback external gsasl server callback external get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback external set Return value Returns the callback earlier set by calling gsasl server callback external set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback anonymous set Function void gsasl server callback anonymous set Gsasl ctx Gsasl server callback anonymous cb ctx libgsasl handle cb callback function Specify the callback function to use in the server for deciding if user is permitted anonymous access The function can be later retrieved using gsasl server callback anonymous get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback anonymous get Function Gsasl server callback anonymous gsasl server callback anonymous get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback anonymous set Return value Returns the callback earlier set by calling gsasl server callback anonymous set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback realm set Function void gsasl server callback realm set Gsasl ctx Gsasl server callback realm cb ctx libgsasl handle cb callback function Specify the callback function to use in the server to know which realm it serves The realm is used by the user to determine which username and password to use The function can be later retrieved using gsasl server callback realm get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback realm get Function Gsasl server callback realm gsasl server callback realm get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback realm set Return value Returns the callback earlier set by calling gsasl server callback realm set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback qop set Function void gsasl server callback qop set Gsasl ctx Gsasl server callback qop cb ctx libgsasl handle cb callback function Specify the callback function to use in the server to know which quality of protection it accepts The quality of protection eventually used is selected by the client though It is currently used by the DIGEST MD5 mechanism The function can be later retrieved using gsasl server callback qop get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback qop get Function Gsasl server callback qop gsasl server callback qop get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback qop set Return value Returns the callback earlier set by calling gsasl server callback qop set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback maxbuf set Function void gsasl server callback maxbuf set Gsasl ctx Gsasl server callback maxbuf cb ctx libgsasl handle cb callback function Specify the callback function to use in the server to inform the client of the largest buffer the server is able to receive when using the DIGEST MD5 auth int or auth conf Quality of Protection qop If this directive is missing the default value 65536 will be assumed The function can be later retrieved using gsasl server callback maxbuf get Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback maxbuf get Function Gsasl server callback maxbuf gsasl server callback maxbuf get Gsasl ctx ctx libgsasl handle Get the callback earlier set by calling gsasl server callback maxbuf set Return value Returns the callback earlier set by calling gsasl server callback maxbuf set Deprecated This function is part of the old callback interface The new interface uses gsasl callback set to set the application callback and uses gsasl callback or gsasl property get to invoke the callback for certain properties gsasl server callback cipher set Function void gsasl server callback cipher set Gsasl ctx Gsasl server callback cipher cb ctx libgsasl handle cb callback function Specify the callback function to use

    Original URL path: http://www.josefsson.org/gsasl/manual/gsasl.html (2016-04-30)
    Open archived version from archive


  • Emacs SMTP Library
    information but often it is the same as the server you receive mail from smtpmail smtp server The variable smtpmail smtp server controls the hostname of the server to use It is a string with an IP address or hostname It defaults to the contents of the SMTPSERVER environment variable or if empty the contents of smtpmail default smtp server smtpmail default smtp server The variable smtpmail default smtp server controls the default hostname of the server to use It is a string with an IP address or hostname It must be set before the SMTP library is loaded It has no effect if set after the SMTP library has been loaded or if smtpmail smtp server is defined It is usually set by system administrators in a site wide initialization file The following example illustrates what you could put in emacs to set the SMTP server name Send mail using SMTP via mail example org setq smtpmail smtp server mail example org SMTP is normally used on the registered smtp TCP service port 25 Some environments use SMTP in Mail Submission mode which uses port 587 Using other ports is not uncommon either for security by obscurity purposes port forwarding or otherwise smtpmail smtp service The variable smtpmail smtp service controls the port on the server to contact It is either a string in which case it will be translated into an integer using system calls or an integer The following example illustrates what you could put in emacs to set the SMTP service port Send mail using SMTP on the mail submission port 587 setq smtpmail smtp service 587 Next Queued delivery Previous Emacs Speaks SMTP Up Top 3 Authentication Many environments require SMTP clients to authenticate themselves before they are allowed to route mail via a server The two following variables contains the authentication information needed for this The first variable smtpmail auth credentials instructs the SMTP library to use a SASL authentication step currently only the CRAM MD5 and LOGIN mechanisms are supported and will be selected in that order if the server support both The second variable smtpmail starttls credentials instructs the SMTP library to connect to the server using STARTTLS This means the protocol exchange may be integrity protected and confidential by using TLS and optionally also authentication of the client This feature uses the elisp package starttls el see it for more information on customization which in turn require that at least one of the following external tools are installed The GNUTLS command line tool gnutls cli you can get it from http www gnu org software gnutls This is the recommended tool mainly because it can verify the server certificates The starttls external program you can get it from starttls tar gz from ftp ftp opaopa org pub elisp It is not uncommon to use both these mechanisms e g to use STARTTLS to achieve integrity and confidentiality and then use SASL for client authentication smtpmail auth credentials The variable smtpmail auth

    Original URL path: http://www.josefsson.org/smtpmail.html (2016-04-30)
    Open archived version from archive

  • Emacs Sieve Manual:
    u Deactivates the currently highlighted script C M Deactivates all scripts r Remove currently highlighted script RET mouse 2 f Bury the server buffer and download the currently highlighted script into a new buffer for editing in Sieve mode see section 2 Sieve Mode o Create a new buffer in another window containing the currently highlighted script for editing in Sieve mode see section 2 Sieve Mode q Bury the Manage Sieve buffer without closing the connection h Displays help in the minibuffer Up Top Contents Index 4 Examples If you are not familiar with Sieve this chapter contains a few simple code snippets that you can cut n paste and modify at will until you feel more comfortable with the Sieve language to write the rules from scratch The following complete Sieve script places all messages with a matching Sender header into the given mailbox Many mailing lists uses this format The first line makes sure your Sieve server understands the fileinto command require fileinto if address sender owner w3 beta xemacs org fileinto INBOX w3 beta A few mailing lists do not use the Sender header but does contain some unique identifier in some other header The following is not a complete script it assumes that fileinto has already been required if header contains Delivered To auc tex sunsite dk fileinto INBOX auc tex At last we have the hopeless mailing lists that does not have any unique identifier and you are forced to match on the To and Cc headers As before this snippet assumes that fileinto has been required if address to cc kerberos mit edu fileinto INBOX kerberos Up Top Contents Index 5 Manage Sieve API The sieve manage el library contains low level functionality for talking to a server with the MANAGESIEVE protocol A number of user visible variables exist which all can be customized in the sieve group M x customize group RET sieve RET sieve manage default user Sets the default username sieve manage default port Sets the default port to use the suggested port number is 2000 sieve manage log If non nil should be a string naming a buffer where a protocol trace is dumped for debugging purposes The API functions include sieve manage open Open connection to managesieve server returning a buffer to be used by all other API functions sieve manage opened Check if a server is open or not sieve manage close Close a server connection sieve manage authenticate Authenticate to the server sieve manage capability Return a list of capabilities the server support sieve manage listscripts List scripts on the server sieve manage havespace Returns non nil iff server have roam for a script of given size sieve manage getscript Download script from server sieve manage putscript Upload script to server sieve manage setactive Indicate which script on the server should be active Up Top Contents Index 6 Standards The Emacs Sieve package implements all or parts of a small but hopefully growing number of RFCs

    Original URL path: http://www.josefsson.org/sieve/sieve.html (2016-04-30)
    Open archived version from archive

  • Sieve support for emacs
    The sieve XEmacs package is available from the usual XEmacs package distribution points 2002 01 10 There is a XEmacs package sieve in XEmacs CVS 2001 11 01 Files added to Oort Gnus CVS development will mostly take place in Gnus 2001 06 30 Version 0 1 released 2001 06 30 CVS temporarily offline Does anyone know how to setup anonymous ssh cvs access If so mail me 2001 03

    Original URL path: http://www.josefsson.org/sieve/ (2016-04-30)
    Open archived version from archive

  • Index of /gnutls4win
    sig 2015 08 11 20 46 236 gsasl 1 5 0 zip 2015 08 11 20 46 8 6M gsasl 1 5 0 zip sig 2015 08 11 20 46 236 gss 0 1 1 zip 2015 08 11 20 46 7 6M gss 1 0 0 zip 2015 08 11 20 46 8 0M gss 1 0 0 zip sig 2015 08 11 20 46 236 gss 1 0 1 zip 2015 08 11 20 46 8 0M gss 1 0 1 zip sig 2015 08 11 20 46 236 libgcrypt 1 4 4 zip 2015 08 11 20 46 1 5M libgcrypt 1 4 4 zip sig 2015 08 11 20 46 236 libgcrypt 1 4 5 zip 2015 08 11 20 46 1 5M libgcrypt 1 4 5 zip sig 2015 08 11 20 46 236 libgcrypt 1 4 6 zip 2015 08 11 20 46 1 5M libgcrypt 1 4 6 zip sig 2015 08 11 20 46 236 libgpg error 1 7 zip 2015 08 11 20 46 118K libgpg error 1 7 zip sig 2015 08 11 20 46 236 libgpg error 1 8 zip 2015 08 11 20 46 116K libgpg error 1 8 zip sig 2015 08 11 20 46 236 libidn 1 12 zip 2015 08 11 20 46 418K libidn 1 12 zip sig 2015 08 11 20 46 236 libidn 1 13 zip 2015 08 11 20 46 421K libidn 1 14 zip 2015 08 11 20 46 421K libidn 1 15 zip 2015 08 11 20 46 422K libidn 1 15 zip sig 2015 08 11 20 46 236 libidn 1 16 zip 2015 08 11 20 46 424K libidn 1 16 zip sig 2015 08 11 20 46 236 libidn 1 18 zip 2015 08 11 20 46 424K libidn 1 18 zip sig 2015 08 11 20 46 236 libidn 1 19 zip 2015 08 11 20 46 423K libidn 1 19 zip sig 2015 08 11 20 46 236 libntlm 1 1 zip 2015 08 11 20 46 54K libntlm 1 1 zip sig 2015 08 11 20 46 236 libntlm 1 2 zip 2015 08 11 20 46 54K libntlm 1 2 zip sig 2015 08 11 20 46 236 libssh2 1 0 zip 2015 08 11 20 46 1 7M libssh2 1 1 zip 2015 08 11 20 46 1 7M libssh2 1 2 1 zip 2015 08 11 20 46 1 7M libssh2 1 2 1 zip sig 2015 08 11 20 46 236 libssh2 1 2 2 zip 2015 08 11 20 46 1 8M libssh2 1 2 2 zip sig 2015 08 11 20 46 236 libssh2 1 2 3 zip 2015 08 11 20 46 1 8M libssh2 1 2 3 zip sig 2015 08 11 20 46 236 libssh2 1 2 4 zip 2015 08 11 20 46 1 8M libssh2 1 2 4 zip sig 2015 08 11 20 46 236 libssh2 1 2 5 zip 2015 08 11 20 46 1 8M libssh2 1 2 5 zip sig 2015 08 11 20 46 236 libssh2 1 2 6 zip 2015 08 11 20 46 1 8M libssh2 1 2 6 zip sig 2015 08 11 20 46 236 libssh2 1 2 7 zip 2015 08 11 20 46 1 8M libssh2 1 2 7 zip sig 2015 08 11 20 46 236 libssh2 1 2 zip 2015 08 11 20 46 1 7M libssh2 1 2 zip sig 2015 08 11 20 46 236 libtasn1 1 8 zip 2015 08 11 20 46 277K libtasn1 2 1 zip 2015 08 11 20 46 277K libtasn1 2 1 zip sig 2015 08 11 20 46 236 libtasn1 2 2 zip 2015 08 11 20 46 277K libtasn1 2 2 zip sig 2015 08 11 20 46 236 libtasn1 2 3 zip 2015 08 11 20 46 261K libtasn1 2 3 zip sig 2015 08 11 20 46 236 libtasn1 2 4 zip 2015 08 11 20 46 262K libtasn1 2 4 zip sig 2015 08 11 20 46 236 libtasn1 2 5 zip 2015 08 11 20 46 260K libtasn1 2 5 zip sig 2015 08 11 20 46 236 libtasn1 2 6 zip 2015 08 11 20 46 261K libtasn1 2 6 zip sig 2015 08 11 20 46 236 libtasn1 2 7 zip 2015 08 11 20 46 261K libtasn1 2 7 zip sig 2015 08 11 20 46 236 libtasn1 2 8 zip 2015 08 11 20 46 265K libtasn1 2 8 zip sig 2015 08 11 20 46 236 mingw32 gnutls 2 2 5 1 all deb 2015 08 11 20 46 4 1M mingw32 gnutls 2 4 0 1 all deb 2015 08 11 20 46 4 8M mingw32 gnutls 2 4 1 1 all deb 2015 08 11 20 46 4 8M mingw32 gnutls 2 4 2 1 all deb 2015 08 11 20 46 5 0M mingw32 gnutls 2 5 5 1 all deb 2015 08 11 20 46 4 8M mingw32 gnutls 2 5 9 1 all deb 2015 08 11 20 46 4 4M mingw32 gnutls 2 6 0 1 all deb 2015 08 11 20 46 4 4M mingw32 gnutls 2 6 1 1 all deb 2015 08 11 20 46 4 4M mingw32 gnutls 2 6 2 1 all deb 2015 08 11 20 46 4 4M mingw32 gnutls 2 6 3 1 all deb 2015 08 11 20 46 4 4M mingw32 gnutls 2 6 4 1 all deb 2015 08 11 20 46 4 5M mingw32 gnutls 2 6 5 1 all deb 2015 08 11 20 46 4 5M mingw32 gnutls 2 6 6 1 all deb 2015 08 11 20 46 4 5M mingw32 gnutls 2 8 0 1 all deb 2015 08 11 20 46 4 7M mingw32 gnutls 2 8 1 1 all deb 2015 08 11 20 46 4 7M mingw32 gnutls 2 8 2 1 all deb 2015

    Original URL path: http://www.josefsson.org/gnutls4win/ (2016-04-30)
    Open archived version from archive

  • Wireless Router with a 3G/UMTS/HSDPA dongle
    1 12 2 brcm47xx ipk Installing zlib 1 2 3 5 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages zlib 1 2 3 5 brcm47xx ipk Configuring libusb Configuring zlib Configuring usbutils Connecting to www linux usb org 216 34 181 97 80 100 429k 00 00 00 ETA Done root caramel You will definitely need the kmod usb serial package and one or more of the USB HCI modules kmod usb2 EHCI kmod usb uhci UHCI or kmod usb ohci OHCI For the brcm 2 4 image the kmod usb uhci will normally work but for our brcm47xx image I m installing them all to be ready for all kind of USB devices root caramel opkg install kmod usb serial kmod usb2 kmod usb uhci kmod usb ohci Installing kmod usb serial 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod usb serial 2 6 32 10 1 brcm47xx ipk Installing kmod usb core 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod usb core 2 6 32 10 1 brcm47xx ipk Installing kmod nls base 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod nls base 2 6 32 10 1 brcm47xx ipk Installing kmod usb2 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod usb2 2 6 32 10 1 brcm47xx ipk Installing kmod usb uhci 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod usb uhci 2 6 32 10 1 brcm47xx ipk Installing kmod usb ohci 2 6 32 10 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages kmod usb ohci 2 6 32 10 1 brcm47xx ipk Configuring kmod nls base Configuring kmod usb core Configuring kmod usb ohci Configuring kmod usb2 Configuring kmod usb serial Configuring kmod usb uhci root caramel At this point I reboot the device to have USB be initialized properly For me USB did not initialize correctly without a reboot If everything works you should see something like the output below If you didn t install the lsusb tool try cat proc bus usb devices instead root caramel lsusb Bus 004 Device 001 ID 1d6b 0001 Linux Foundation 1 1 root hub Bus 003 Device 002 ID 12d1 1003 Huawei Technologies Co Ltd E220 HSDPA Modem E230 E270 HSDPA HSUPA Modem Bus 003 Device 001 ID 1d6b 0001 Linux Foundation 1 1 root hub Bus 002 Device 001 ID 1d6b 0001 Linux Foundation 1 1 root hub Bus 001 Device 001 ID 1d6b 0002 Linux Foundation 2 0 root hub root caramel You will likely need to configure the usbserial driver to claim the serial device and then reboot the router Here is how to do it root caramel cat etc modules d 60 usb serial usbserial vendor 0x12d1 product 0x1003 maxSize 4096 root caramel reboot If you are using some other device than the E220 you will need to modify the USB vendor product IDs as appropriate Reboot the box and if you are lucky you should see something like this in the kernel log USB Serial support registered for generic usbserial generic 3 1 1 0 generic converter detected usb 3 1 generic converter now attached to ttyUSB0 usbserial generic 3 1 1 1 generic converter detected usb 3 1 generic converter now attached to ttyUSB1 usbserial generic 3 1 1 2 generic converter detected usb 3 1 generic converter now attached to ttyUSB2 usbcore registered new interface driver usbserial generic usbserial USB Serial Driver core If that doesn t happen you may need a tool that nudges the modem into revealing its serial ports by default it is a storage device I believe the E220 will reveal its serial ports automatically after a few minutes so if you have the patience to wait you should not need this step If you decide to speed things up the package huaweiaktbbo helps here Don t forget to run opkg update first root caramel opkg install huaweiaktbbo Installing huaweiaktbbo 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages huaweiaktbbo 1 brcm47xx ipk Configuring huaweiaktbbo root caramel The tool is used as follows root caramel huaweiAktBbo Searching modem found supported modem Modem poked root caramel To run this command automatically after each reboot you can add a small init d script as follows instead of D press Control D root caramel cat etc init d huaweiAktBbo bin sh etc rc common Written by Simon Josefsson 2009 03 05 Released into the public domain START 70 start huaweiAktBbo D root caramel chmod x etc init d huaweiAktBbo root caramel etc init d huaweiAktBbo enable The next step is to get dial up PPP working The comgt package contains several useful 3G UMTS scripts root caramel opkg install comgt Installing comgt 0 32 1 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages comgt 0 32 1 brcm47xx ipk Installing chat 2 4 4 5 to root Downloading http downloads openwrt org backfire 10 03 brcm47xx packages chat 2 4 4 5 brcm47xx ipk Configuring chat Configuring comgt root caramel The next step is to configure a network interface for the 3G UMTS HSDPA interface I ended up modifying the wan section of etc config network to read as follows WAN configuration config interface wan option ifname ppp0 option proto 3g option device dev usb tts 0 option apn bredband tre se option pincode 1234 You will need to modify the apn and pincode settings as appropriate Now the command ifup wan should work and will print something like this root caramel ifup wan Trying to set PIN PIN set successfully root caramel Use logread to inspect the pppd debug messages which could look like this Dec 22 22 01 50

    Original URL path: http://www.josefsson.org/openwrt/dongle.html (2016-04-30)
    Open archived version from archive

  • Wireless Home Network
    SSH agent Disable password based login using root OpenWrt sed i e s on off etc config dropbear Alternatively edit etc config dropbear to look like config dropbear option PasswordAuth off option Port 22 At this point you can print the ssh host key fingerprint using root OpenWrt dropbearkey y f etc dropbear dropbear rsa host key Public key portion is ssh rsa AAAA root OpenWrt Fingerprint md5 To use the web interface you may want to set a root password root OpenWrt passwd Changing password for root New password Retype password Password for root changed by root root OpenWrt If you do not set a root password you will need to manually disable the telnet server as follows root OpenWrt etc init d telnet disable After you have made your changes try the new configuration by rebooting both devices root OpenWrt etc config reboot You should now be able to login as root using SSH Try it from your machine The SSH fingerprint should match what was printed by dropbearkey earlier jas mocca ssh l root 192 168 1 15 The authenticity of host 192 168 1 15 192 168 1 15 can t be established RSA key fingerprint is Are you sure you want to continue connecting yes no yes Warning Permanently added 192 168 1 15 RSA to the list of known hosts BusyBox v1 15 3 2010 04 06 04 14 37 CEST built in shell ash Enter help for a list of built in commands W I R E L E S S F R E E D O M Backfire 10 03 r20728 1 3 shot Kahlua In a shot glass layer Kahlua 1 3 shot Bailey s on the bottom then Bailey s 1 3 shot Vodka then Vodka root caramel Setup wireless Wireless is disabled by default and you will have to modify etc config wireless to configure it A simple setup that use insecure WEP would be config wifi device wl0 option type broadcom option channel 5 config wifi iface option device wl0 option network lan option mode ap option ssid YourNetworkName option encryption wep option key DEADBEEF A better setup that still use shared secrets but the more secure PSK2 would be config wifi device wl0 option type broadcom option channel 5 config wifi iface option device wl0 option network lan option mode ap option ssid YourNetworkName option encryption psk2 option key DEADBEEFDEADBEEFDEADBEEFDEADBEEF Remember your security is never better than your password As you may recall the point of this exercise was to set up two routers with WDS and PSK2 For discussion let s say the MAC address of box 1 is 12 34 56 78 89 ab and the MAC address of box 2 is cd ef 01 23 45 67 You can use ifconfig on each of the routers to find out the MAC address On the first box my etc config wireless file looks like etc config wireless configuration for device 12 34 56 78 89

    Original URL path: http://www.josefsson.org/openwrt/wlan.html (2016-04-30)
    Open archived version from archive

  • Index of /dns
    Digest SHA1 2 00 tar gz 2015 08 11 20 46 33K HTML Parser 3 25 tar gz 2015 08 11 20 46 68K HTML Tagset 3 03 tar gz 2015 08 11 20 46 6 5K MIME Base64 2 12 tar gz 2015 08 11 20 46 11K Math Pari 2 010201 tar gz 2015 08 11 20 46 78K Net DNS 0 12 tar gz 2015 08 11 20 46 57K Net DNS 0 19 DNSSEC 0 5 tar gz 2015 08 11 20 46 101K PyChart 1 11 tar gz 2015 08 11 20 46 62K Sort Versions 1 2 tar gz 2015 08 11 20 46 3 2K Tie EncryptedHash 1 1 tar gz 2015 08 11 20 46 10K URI 1 17 tar gz 2015 08 11 20 46 80K alla dns shtml 2015 08 11 20 46 253 alla operatorer shtml 2015 08 11 20 46 276 comitnet txt 2015 08 11 20 46 45K dns get zone pl 2015 08 11 20 46 1 0K dns get zones sh 2015 08 11 20 46 193 dnssurvey dns se 2015 08 11 20 46 1 9K dnssurvey pl 2015 08 11 20 46 29K header shtml 2015 08 11 20 46 759 index shtml 2015 08 11 20 46 1 9K libwww perl 5 62 tar gz 2015 08 11 20 46 176K perl DBD Pg 0 91 2 i386 rpm 2015 08 11 20 46 33K perl DBI 1 13 2 i386 rpm 2015 08 11 20 46 234K perl Digest MD5 2 13 1 i386 rpm 2015 08 11 20 46 32K perl HTML Parser 3 25 2 i386 rpm 2015 08 11 20 46 87K perl HTML Tagset 3 03 3 i386 rpm 2015 08 11 20 46 13K perl MIME

    Original URL path: http://www.josefsson.org/dns/ (2016-04-30)
    Open archived version from archive



  •