46 lines
1.7 KiB
Go
46 lines
1.7 KiB
Go
// Library for Simple Authentication and Security Layer (SASL) defined in RFC 4422.
|
|
package sasl
|
|
|
|
// Note:
|
|
// Most of this code was copied, with some modifications, from net/smtp. It
|
|
// would be better if Go provided a standard package (e.g. crypto/sasl) that
|
|
// could be shared by SMTP, IMAP, and other packages.
|
|
|
|
import (
|
|
"errors"
|
|
)
|
|
|
|
// Common SASL errors.
|
|
var (
|
|
ErrUnexpectedClientResponse = errors.New("sasl: unexpected client response")
|
|
ErrUnexpectedServerChallenge = errors.New("sasl: unexpected server challenge")
|
|
)
|
|
|
|
// Client interface to perform challenge-response authentication.
|
|
type Client interface {
|
|
// Begins SASL authentication with the server. It returns the
|
|
// authentication mechanism name and "initial response" data (if required by
|
|
// the selected mechanism). A non-nil error causes the client to abort the
|
|
// authentication attempt.
|
|
//
|
|
// A nil ir value is different from a zero-length value. The nil value
|
|
// indicates that the selected mechanism does not use an initial response,
|
|
// while a zero-length value indicates an empty initial response, which must
|
|
// be sent to the server.
|
|
Start() (mech string, ir []byte, err error)
|
|
|
|
// Continues challenge-response authentication. A non-nil error causes
|
|
// the client to abort the authentication attempt.
|
|
Next(challenge []byte) (response []byte, err error)
|
|
}
|
|
|
|
// Server interface to perform challenge-response authentication.
|
|
type Server interface {
|
|
// Begins or continues challenge-response authentication. If the client
|
|
// supplies an initial response, response is non-nil.
|
|
//
|
|
// If the authentication is finished, done is set to true. If the
|
|
// authentication has failed, an error is returned.
|
|
Next(response []byte) (challenge []byte, done bool, err error)
|
|
}
|