Blame doc/functions/gnutls_srp_set_server_credentials_function

@deftypefun {void} {gnutls_srp_set_server_credentials_function} (gnutls_srp_server_credentials_t @var{cred}, gnutls_srp_server_credentials_function * @var{func})
@var{cred}: is a @code{gnutls_srp_server_credentials_t} type.

@var{func}: is the callback function

This function can be used to set a callback to retrieve the user's
SRP credentials.  The callback's function form is:

int (*callback)(gnutls_session_t, const char* username,
gnutls_datum_t *salt, gnutls_datum_t *verifier, gnutls_datum_t *generator,
gnutls_datum_t *prime);

@code{username} contains the actual username.
The @code{salt}, @code{verifier}, @code{generator} and @code{prime} must be filled
in using buffers allocated with @code{gnutls_malloc()}. For convenience @code{prime} and @code{generator} may also be one of the static parameters defined in gnutls.h.

Initially, the data field is NULL in every @code{gnutls_datum_t}
structure that the callback has to fill in. When the
callback is done GnuTLS deallocates all of those buffers
which are non-NULL, regardless of the return value.

In order to prevent attackers from guessing valid usernames,
if a user does not exist, g and n values should be filled in
using a random user's parameters. In that case the callback must
return the special value (1).
See @code{gnutls_srp_set_server_fake_salt_seed} too.
If this is not required for your application, return a negative
number from the callback to abort the handshake.

The callback function will only be called once per handshake.
The callback function should return 0 on success, while
-1 indicates an error.
@end deftypefun
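
An added example (not part of the GnuTLS documentation) of a callback that follows the contract above: every datum is copied into a @code{gnutls_malloc()} buffer, and an unknown username gets only g and n from another record and the return value 1. The @code{srp_user} table, @code{fill}, @code{srp_lookup} and the name-derived decoy choice are assumptions of this example; the three stand-in declarations mirror gnutls.h so the block builds without the library.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-ins mirroring <gnutls/gnutls.h> so this builds without the library;
 * in a real server include the header and delete these three lines. */
typedef struct { unsigned char *data; unsigned int size; } gnutls_datum_t;
typedef void *gnutls_session_t;
#define gnutls_malloc malloc

/* Constructed sample records (toy byte strings, not a usable SRP group). */
struct srp_user { const char *name; const char *salt, *verifier, *g, *n; };
static const struct srp_user users[] = {
    { "alice", "SALT-A", "VERIFIER-A", "\x02", "PRIME-BYTES-1" },
    { "bob",   "SALT-B", "VERIFIER-B", "\x05", "PRIME-BYTES-2" },
};
#define N_USERS (sizeof users / sizeof users[0])

/* Copy src into a gnutls_malloc() buffer; GnuTLS frees every non-NULL datum
 * after the callback returns, so partial fills on error need no cleanup here. */
static int fill(gnutls_datum_t *out, const char *src)
{
    size_t len = strlen(src);
    out->data = gnutls_malloc(len);
    if (out->data == NULL) return -1;
    memcpy(out->data, src, len);
    out->size = (unsigned int)len;
    return 0;
}

/* Returns 0 = user found, 1 = unknown user (only g, n filled), <0 = abort. */
int srp_lookup(gnutls_session_t session, const char *username, gnutls_datum_t *salt,
               gnutls_datum_t *verifier, gnutls_datum_t *generator, gnutls_datum_t *prime)
{
    const struct srp_user *u = NULL;
    unsigned h = 0;
    (void)session;
    for (size_t i = 0; i < N_USERS; i++)
        if (strcmp(users[i].name, username) == 0)
            u = &users[i];
    if (u == NULL) {
        /* Unknown name: borrow g and n from another record, picked from the
         * name so repeated probes see the same group (this example's choice). */
        for (const char *p = username; *p; p++)
            h = h * 31 + (unsigned char)*p;
        u = &users[h % N_USERS];
        return (fill(generator, u->g) || fill(prime, u->n)) ? -1 : 1;
    }
    return (fill(salt, u->salt) || fill(verifier, u->verifier) ||
            fill(generator, u->g) || fill(prime, u->n)) ? -1 : 0;
}
```

Such a callback would be registered with @code{gnutls_srp_set_server_credentials_function(cred, srp_lookup)}.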