Howard Chu wrote:
I'm looking at how to utilize some of the APIs in this draft
http://tools.ietf.org/html/draft-ietf-kitten-gssapi-naming-exts-06
with SASL. My preference was to provide SASL versions of
gss_inquire_name() and gss_get_name_attribute(), so that apps using
SASL don't need to call directly into the underlying GSS API. But
alternatively, I could just implement sasl_getprop(SASL_GSS_PEER_NAME)
and make the app do the gss calls itself. Any suggestions?
Proposed wrappers would be
sasl_nameprop_list(sasl_conn_t *conn, char **propnames)
-> return the list of available attributes using gss_inquire()
sasl_nameprop_request(sasl_conn_t *conn,
const char *propname,
int *authenticated,
int *complete,
void **value,
unsigned *value_length,
char **display_value,
int *more)
-> iterate thru gss_get_name_attribute().
This would require adding the corresponding entry points to the
sasl_server_plug_t.
After thinking a bit more about this, I think this is sensible.
You would also need to bump the SASL plugin version number (in saslplug.h):
#define SASL_SERVER_PLUG_VERSION ...
