\input texinfo @c -*-texinfo-*-

* SASL: (sasl). The Emacs SASL library.

@settitle Emacs SASL Library @value{VERSION}

This manual describes the Emacs SASL library.

This library provides a common interface to share several authentication
mechanisms between applications using different protocols.

@sc{sasl} is short for @dfn{Simple Authentication and Security Layer}.
This standard is documented in RFC2222.  It provides a simple method for
adding authentication support to various application protocols.

The toplevel interface of this library is inspired by the Java @sc{sasl}
Application Program Interface.  It defines an abstraction over a series
of authentication mechanism drivers.

There are three data types to be used for carrying a negotiated
security layer---a mechanism, a client parameter and an authentication

A mechanism (@code{sasl-mechanism} object) is a schema of the @sc{sasl}
authentication process.

@defvar sasl-mechanisms
A list of mechanism names.
@end defvar

@defun sasl-find-mechanism mechanisms

Retrieve an appropriate authentication mechanism.
This function compares MECHANISMS with @code{sasl-mechanisms} and
returns the appropriate @sc{sasl} mechanism object.

@example
(let ((sasl-mechanisms '("CRAM-MD5" "DIGEST-MD5")))
  (setq mechanism (sasl-find-mechanism server-supported-mechanisms)))
@end example

@end defun

@defun sasl-mechanism-name mechanism
Return the name of MECHANISM, a string.
@end defun

If you want to write an authentication mechanism driver (@ref{Backend
Drivers}), use @code{sasl-make-mechanism} and modify
@code{sasl-mechanisms} and @code{sasl-mechanism-alist} correctly.

@defun sasl-make-mechanism name steps
Allocate an authentication mechanism.
This function takes two parameters---the name of the mechanism and a list
of authentication functions.

@example
(defconst sasl-anonymous-steps
  '(identity                            ;no initial response
    sasl-anonymous-response))

(put 'sasl-anonymous 'sasl-mechanism
     (sasl-make-mechanism "ANONYMOUS" sasl-anonymous-steps))
@end example

@end defun

A client (@code{sasl-client} object) is initialized with four
parameters---a mechanism, a user name, name of the service and name of

@defun sasl-make-client mechanism name service server
Prepare a client parameter object.
@end defun

@defun sasl-client-mechanism client
Return the authentication mechanism driver of CLIENT.
@end defun

@defun sasl-client-name client
Return the authorization name of CLIENT, a string.
@end defun

@defun sasl-client-service client
Return the service name of CLIENT, a string.
@end defun

@defun sasl-client-server client
Return the server name of CLIENT, a string.
@end defun

If you want to specify additional configuration properties, please use
@code{sasl-client-set-property}.

@defun sasl-client-set-property client property value
Add the given property/value to CLIENT.
@end defun

@defun sasl-client-property client property
Return the value of the PROPERTY of CLIENT.
@end defun

@defun sasl-client-set-properties client plist
Destructively set the properties of CLIENT.
The second argument PLIST is the new property list.
@end defun

@defun sasl-client-properties client
Return the whole property list of CLIENT configuration.
@end defun

A step (@code{sasl-step} object) is an abstraction of an authentication
"step" which holds the response value and the next entry point for the
authentication process (the latter is not accessible).

@defun sasl-step-data step
Return the data which STEP holds, a string.
@end defun

@defun sasl-step-set-data step data
Store DATA string to STEP.
@end defun

To get the initial response, you should call the function
@code{sasl-next-step} with @code{nil} as the second argument.

@example
(setq name (sasl-mechanism-name mechanism))
@end example

At this point we could send the command which starts a SASL
authentication protocol exchange.  For example,

@example
(if (sasl-step-data step)               ;initial response
    (format "AUTH %s %s\r\n" name (base64-encode-string (sasl-step-data step) t))
  (format "AUTH %s\r\n" name))
@end example

To go on with the authentication process, all you have to do is call
@code{sasl-next-step} consecutively.

@defun sasl-next-step client step
Perform the authentication step.
The first time, STEP should be set to nil.
@end defun
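
The calls documented above combine into one client-side exchange, shown here as an added example that is not code from this manual or from sasl.el.  The @code{demo-sasl-} names and the EXCHANGE transport hook are hypothetical, the server is a constructed in-memory script, and treating a @code{nil} return from @code{sasl-next-step} as ``no steps left'' is an assumption about the library.

```elisp
;;; Added example, not part of sasl.el.
(require 'sasl)

(defun demo-sasl-authenticate (allowed offered user service server exchange)
  "Authenticate USER with the first ALLOWED mechanism that is in OFFERED.
EXCHANGE (hypothetical transport hook) sends one line and returns the
server's base64 challenge, or nil once the server reports success."
  (let ((mechanism (let ((sasl-mechanisms allowed)) ; local allow-list
                     (sasl-find-mechanism offered))))
    (unless mechanism                   ; fail closed, no fallback
      (error "Server offers no allowed mechanism: %S" offered))
    (let* ((name (sasl-mechanism-name mechanism))
           (client (sasl-make-client mechanism user service server))
           (step (sasl-next-step client nil)) ; STEP is nil the first time
           (initial (sasl-step-data step))
           (challenge
            (funcall exchange
                     (if initial        ; initial response, if any
                         (format "AUTH %s %s\r\n" name
                                 (base64-encode-string initial t))
                       (format "AUTH %s\r\n" name)))))
      (while challenge
        (sasl-step-set-data step (base64-decode-string challenge))
        (setq step (sasl-next-step client step))
        (unless step          ; assumption: nil means no steps are left
          (error "Challenge received after %s finished" name))
        (setq challenge
              (funcall exchange
                       (concat (base64-encode-string
                                (or (sasl-step-data step) "") t)
                               "\r\n"))))
      name)))

;; Constructed in-memory server: scripted replies, records lines sent.
(defvar demo-sasl-replies nil)
(defvar demo-sasl-sent nil)
(defun demo-sasl-exchange (line)
  (push line demo-sasl-sent)
  (pop demo-sasl-replies))

;; ANONYMOUS needs no passphrase, so this runs without prompting.
;; Scripted server: one empty challenge, then success (nil).
(setq demo-sasl-replies (list "" nil) demo-sasl-sent nil)
(demo-sasl-authenticate '("ANONYMOUS") '("PLAIN" "ANONYMOUS")
                        "guest" "smtp" "mail.example.org"
                        #'demo-sasl-exchange)

;; Server offers nothing on the allow-list: the error is returned as text.
(condition-case err
    (demo-sasl-authenticate '("ANONYMOUS") '("PLAIN" "LOGIN")
                            "guest" "smtp" "mail.example.org" #'ignore)
  (error (error-message-string err)))
```

After the first call, @code{demo-sasl-sent} holds the lines the client sent, newest first.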

@node Backend Drivers
@chapter Backend Drivers

@chapter Function Index

@chapter Variable Index