sasl_get/setprop() propnum assignments

Nicolas Williams Nicolas.Williams at sun.com
Tue Dec 13 12:02:06 EST 2005


On Mon, Dec 12, 2005 at 11:42:59PM +0000, Alexey Melnikov wrote:
> Nicolas Williams wrote:
> >So, I'd like to allocate:
> >
> >/*
> >* GSS-API credential handle for sasl_client_step() or sasl_server_step().
> >* The application is responsible for releasing this credential handle.
> >*/
> >#define		SASL_GSS_CREDS		18
> >
> >This goes along with SASL_DELEGATEDCREDS.
> > 
> >
> Ok, I will deal with this on Friday (or later :-)).

:)

Add two more:

/*
 * GSS name (gss_name_t) of the peer, as output by gss_inquire_context()
 * or gss_accept_sec_context().
 */
#define			SASL_GSS_PEER_NAME	19

/*
 * Local GSS name (gss_name_t) as output by gss_inquire_context().  This
 * is particularly useful for servers that respond to multiple names.
 */
#define			SASL_GSS_LOCAL_NAME	20


> >BTW, the description of SASL_DELEGATEDCREDS should say who is
> >responsible for releasing the credentials (probably the plug-in, when
> >the sasl_conn_t is disposed of).
> > 
> >
> By default all properties are "controlled" by the authentication plugin.

Well, I can see that for properties whose values are produced by a
plug-in, like SASL_DELEGATEDCREDS or SASL_GSS_PEER_NAME (see above).

But for props whose values are given by applications, like
SASL_GSS_CREDS, I think the app should be responsible for releasing
said values.

Nico
-- 


More information about the Cyrus-sasl mailing list