Interface org.freedesktop.Telepathy.Channel.Type.Authentication.DRAFT


Methods

Respond (ay: Response_Data) → nothing

Signals

StateChanged (u: State)
Challenge (ay: Remote_Challenge)
MechanismNegotiated (s: Mechanism_Name)

Properties

PeerIdentity s Read only
State u (Authentication_State) Read only
Challenges aay (Challenge_Data_List) Read only
Mechanism s Read only

Types

Challenge_Data Simple Type ay
Authentication_State Enum u
Authentication_Reject_Reason Enum u
Mechanism_Details Struct (sa{sv})
WARNING: This interface is experimental and is likely to cause havoc to your API/ABI if bindings are generated. Do not include this interface in libraries that care about compatibility.
Changed in 0.17.27. (draft 2)
Objects implementing this interface must also implement:

Description

A channel type for authentication of all types.

Methods


Respond (ay: Response_Data) → nothing

Parameters

  • Response_Data — ay (Challenge_Data): The string we are sending in response.
Respond to a challenge. An empty string is an "acknowledge" response.

Signals


StateChanged (u: State)

Parameters

Emitted whenever the State changes.

Challenge (ay: Remote_Challenge)

Parameters

Emitted whenever a new challenge arrives.

MechanismNegotiated (s: Mechanism_Name)

Parameters

  • Mechanism_Name — s: The name of the new mechanism, as it also appears in Mechanism.
Emitted when the authentication mechanism has been negotiated.

Properties

Accessed using the org.freedesktop.DBus.Properties interface.

PeerIdentity — s

Read only
This is the identity of the remote peer: either the host name of the server or the string identifier of the remote client. It is useful in different situations. For example, in remote authentication we often need to match a certificate with a given identity, and in local authentication the DIGEST_MD5 mechanism requires the server's name.

State — u (Authentication_State)

Read only
The current authentication state of this channel.

Challenges — aay (Challenge_Data_List)

Read only
This is a list of challenges we have received. The last item on the list is the most recent challenge.

Mechanism — s

Read only

The mechanism for this authentication. If a mechanism has yet to be negotiated, this string will be empty.

SASL mechanism names are prefixed with SASL_, TLS names are prefixed with TLS_, and special Telepathy mechanisms with TP_. Here is a list of valid mechanism names:

SASL_PLAINTEXT
The SASL PLAINTEXT mechanism
SASL_DIGEST_MD5
The SASL DIGEST_MD5 mechanism
TLS_X509
A classic X.509 TLS certificate exchange
TLS_OPENPGP
OpenPGP public key TLS verification mechanism
TLS_SRP
Shared password TLS mechanism
TP_PLAINTEXT
Plaintext password mechanism, used for protocol-specific password usage.
TP_SRP_BOOTSTRAP
A special mechanism for bootstrapping trust via SRP followed by a certificate exchange for future continuity checking.

Types

Simple Type

Challenge_Data — ay

A byte array of challenge data
Enum

Authentication_State — u

  • Pending_Mechanism (0): A mechanism is being negotiated. Typically this channel will also implement one or both of the mechanism chooser/advertiser interfaces. Once the negotiation is done, the channel will leave this state.
  • Pending_Authentication (1): The channel is in the authentication process.
  • Authenticated (2): Authentication has succeeded.
  • Failed (3): Authentication has failed.
Enum

Authentication_Reject_Reason — u

  • Aborted (0): The remote peer aborted the authentication.
  • Invalid_Authorization_Id (1): The authorization ID provided by the initiating entity is invalid, either because it is incorrectly formatted or because the initiating entity does not have permissions to authorize that ID.
  • Invalid_Mechanism (2): The mechanism chosen is not supported.
  • Mechanism_Too_Weak (3): The mechanism chosen is too weak.
  • Not_Authorized (4): The credentials are invalid (wrong username or password).
  • Cert_Not_Provided (5): No certificate was provided. Relevant to X.509 authentication.
  • Cert_Untrusted (6): The certificate is signed by an untrusted certifying authority. This error SHOULD NOT be used to represent a self-signed certificate: use the more specific Cert_Self_Signed reason for that.
  • Cert_Expired (7): The certificate has expired.
  • Cert_Not_Activated (8): The certificate's activation date is in the future.
  • Cert_Peer_Mismatch (9): The certificate's common name does not match the peer.
  • Cert_Fingerprint_Mismatch (10): The certificate's common name does not match the preceding fingerprint.
  • Cert_Self_Signed (11): The certificate is self-signed.
  • Other (12): An unspecified error.
Struct

Mechanism_Details — (sa{sv})

A structure that holds a mechanism name and additional data that is specific to an instance. For example a fingerprint of a specific X.509 certificate might be included.
  • Mechanism_Name — s: The mechanism, for example TLS_X509. See Mechanism for qualified names.
  • Mechanism_Info — a{sv}: Specific information for this mechanism, for example a certificate fingerprint, or an authorization identity.
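
An added example (not part of the specification or of the Telepathy code base) of how a client could gate Respond on the Authentication_State and on the mechanism reported by MechanismNegotiated, using the mechanism names and reject reasons listed above. The names check_mechanism and AuthChannelModel, the rule that SASL_PLAINTEXT and TP_PLAINTEXT need an already encrypted transport, and the handling of late signals are assumptions; no D-Bus calls are made.

```python
from enum import IntEnum

class AuthState(IntEnum):              # Authentication_State, values from the page
    PENDING_MECHANISM = 0
    PENDING_AUTHENTICATION = 1
    AUTHENTICATED = 2
    FAILED = 3

class RejectReason(IntEnum):           # subset of Authentication_Reject_Reason
    INVALID_MECHANISM = 2
    MECHANISM_TOO_WEAK = 3

KNOWN = {"SASL_PLAINTEXT", "SASL_DIGEST_MD5", "TLS_X509", "TLS_OPENPGP",
         "TLS_SRP", "TP_PLAINTEXT", "TP_SRP_BOOTSTRAP"}
# Assumed local policy (not from the spec): these mechanisms send the password
# itself, so accept them only when the transport is already encrypted.
CLEARTEXT = {"SASL_PLAINTEXT", "TP_PLAINTEXT"}

def check_mechanism(name, transport_encrypted):
    """Return None if the mechanism is acceptable, else the RejectReason."""
    if name not in KNOWN:
        return RejectReason.INVALID_MECHANISM
    if name in CLEARTEXT and not transport_encrypted:
        return RejectReason.MECHANISM_TOO_WEAK
    return None

class AuthChannelModel:
    """Hypothetical client-side model of one channel; no D-Bus involved."""
    def __init__(self, transport_encrypted):
        self.state = AuthState.PENDING_MECHANISM
        self.mechanism = ""            # empty until negotiated, as in the spec
        self.transport_encrypted = transport_encrypted
        self.reject_reason = None

    def on_mechanism_negotiated(self, name):
        if self.state in (AuthState.AUTHENTICATED, AuthState.FAILED):
            return                     # assumption: ignore signals after a final state
        self.reject_reason = check_mechanism(name, self.transport_encrypted)
        if self.reject_reason is not None:
            self.state = AuthState.FAILED
            return
        self.mechanism = name
        self.state = AuthState.PENDING_AUTHENTICATION

    def respond(self, data: bytes):
        # Release response data only while authentication is in progress.
        if self.state != AuthState.PENDING_AUTHENTICATION:
            raise RuntimeError(f"Respond not allowed in state {self.state.name}")
        return bytes(data)             # the bytes that would go into Respond(ay)
```
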