Common Lisp Package: SASL

README:

FUNCTION

Public

CHOOSE-MECHANISM (AVAILABLE &KEY (CLEARTEXT NIL) (ANONYMOUS NIL))

Choose an SASL mechanism from AVAILABLE. Return the class implementing the mechanism, or nil if no mechanism is suitable. AVAILABLE is a list of strings, naming the mechanisms offered by the server. If CLEARTEXT is true, accept mechanisms that send passwords in clear text or with weak encryption. If ANONYMOUS is true, use mechanisms that acquire anonymous access.

GET-MECHANISM (NAME)

Return the class name for the mechanism called NAME, or nil if not implemented.

Private

IN-LATIN1-P (CHAR)

Return non-nil if CHAR is in the ISO 8859-1 character set.

PARSE-CHALLENGE (CHALLENGE &OPTIONAL (START 0) ACCUMULATED)

Parse CHALLENGE and return it as an alist. Start at index START.

STRING-TO-LATIN1-OR-UTF8 (STRING)

Convert STRING to ISO 8859-1 if possible, else to UTF-8. Return a byte vector.

STRING-TO-UTF8 (STRING)

Convert STRING to UTF-8. Return a vector of unsigned-bytes.

STRING-TO-UTF8-LISP (STRING)

Convert STRING to UTF-8. Return a vector of unsigned-bytes.

Undocumented

GET-PASSWORD (PASSWORD)

RESPONSE (AUTHC-ID AUTHZ-ID REALM PASSWORD DIGEST-URI NONCE CNONCE NC QOP REQUEST)

GENERIC-FUNCTION

Public

CLIENT-STEP (CLIENT SERVER-INPUT)

Perform a step in the SASL authentication. SERVER-INPUT is a byte vector containing the response from the server, or NIL if the client should start the exchange, or the keyword :SUCCESS if the server reported successful authentication. Returns a byte vector to be sent in response to the server, or :SUCCESS if the client should consider authentication successful, or :FAILURE if the client should consider authentication failed. Obeying this result is important, as some mechanisms provide mutual authentication.

Private

Undocumented

RESPONSE-VALUE (C REQUEST)

SLOT-ACCESSOR

Public

AUTHC-ID (OBJECT)

The authentication id. This is the user whose credentials you are providing to the server.

(SETF AUTHC-ID) (NEW-VALUE OBJECT)

The authentication id. This is the user whose credentials you are providing to the server.

AUTHZ-ID (OBJECT)

The authorization id. This is the user you want to act as. You don't need to provide it unless it is different from the authentication id.

(SETF AUTHZ-ID) (NEW-VALUE OBJECT)

The authorization id. This is the user you want to act as. You don't need to provide it unless it is different from the authentication id.

HOST (OBJECT)

The hostname of the service.

(SETF HOST) (NEW-VALUE OBJECT)

The hostname of the service.

PASSWORD (OBJECT)

The password. This is either a string, or a function taking no arguments and returning the password.

(SETF PASSWORD) (NEW-VALUE OBJECT)

The password. This is either a string, or a function taking no arguments and returning the password.

REALM (OBJECT)

The realm to which the user's account belongs. If it is not specified, the first realm that the server advertises will be chosen. Many servers don't use realms.

(SETF REALM) (NEW-VALUE OBJECT)

The realm to which the user's account belongs. If it is not specified, the first realm that the server advertises will be chosen. Many servers don't use realms.

SERV-NAME (OBJECT)

The specific server you are connecting to (if different from the hostname).

(SETF SERV-NAME) (NEW-VALUE OBJECT)

The specific server you are connecting to (if different from the hostname).

SERVICE (OBJECT)

The service name. Common values include "xmpp" and "imap".

(SETF SERVICE) (NEW-VALUE OBJECT)

The service name. Common values include "xmpp" and "imap".

Undocumented

MECHANISM-NAME (OBJECT)

Private

Undocumented

CNONCE (OBJECT)

(SETF CNONCE) (NEW-VALUE OBJECT)

DIGEST-URI-VALUE (OBJECT)

(SETF DIGEST-URI-VALUE) (NEW-VALUE OBJECT)

NONCE (OBJECT)

(SETF NONCE) (NEW-VALUE OBJECT)

STATE (OBJECT)

(SETF STATE) (NEW-VALUE OBJECT)

VARIABLE

Private

MECHANISMS

List of SASL mechanisms in order of preference. Each element is a list describing a mechanism. The first item is the name of the mechanism. The second item is the class implementing it. The remaining items are properties of the mechanism:

:CLEARTEXT  Password is sent in clear text or with weak encryption

:ANONYMOUS  Mechanism negotiates anonymous access

CLASS

Public

CLIENT

Abstract base class for SASL clients using various mechanisms.

DIGEST-MD5

Client-side implementation of the SASL DIGEST-MD5 mechanism, as specified in RFC 2831.

PLAIN

Client-side implementation of the SASL PLAIN mechanism, as specified in RFC 2595, section 6.
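
The mechanism selection and step loop described under CHOOSE-MECHANISM and CLIENT-STEP, as an added usage example (not code from the package or its README). AUTHENTICATE, SEND-FN and RECEIVE-FN are hypothetical names: the two functions stand for whatever protocol carries the SASL exchange. The sketch assumes a client can be created with a bare MAKE-INSTANCE and configured through the setf accessors listed above.

```lisp
;; Added example; not part of the SASL package.
;; SEND-FN    (hypothetical) takes a byte vector and sends it to the server.
;; RECEIVE-FN (hypothetical) returns the server's next message as a byte
;;            vector, or :SUCCESS when the server reports success. It is
;;            assumed to signal an error if the server reports failure.
(defun authenticate (offered send-fn receive-fn
                     &key user password service host)
  "Authenticate against a server offering the mechanism names in OFFERED.
Returns the client object on success and signals an error otherwise."
  ;; CLEARTEXT and ANONYMOUS are left at their default of NIL, so a server
  ;; offering only cleartext or anonymous mechanisms yields NIL here
  ;; instead of a silent downgrade.
  (let ((class (sasl:choose-mechanism offered)))
    (unless class
      (error "No acceptable SASL mechanism among ~S" offered))
    (let ((client (make-instance class)))
      (setf (sasl:authc-id client) user
            ;; PASSWORD may be a string or a function of no arguments.
            (sasl:password client) password
            (sasl:service client) service
            (sasl:host client) host)
      (loop with input = nil            ; NIL: the client starts the exchange
            for step = (sasl:client-step client input)
            do (case step
                 (:success (return client))
                 ;; Obey :FAILURE even after the server has reported
                 ;; success: with mutual authentication this is how the
                 ;; client learns that the server failed to prove itself.
                 (:failure (error "SASL authentication failed"))
                 (t (funcall send-fn step)
                    (setf input (funcall receive-fn))))))))
```

Because the server's :SUCCESS is passed back into CLIENT-STEP rather than trusted directly, the caller only treats the session as authenticated when the client itself returns :SUCCESS.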