module Net::IMAP::SASL::GS2Header

Originally defined for the GS2 mechanism family in RFC5801, several different mechanisms start with a GS2 header:

Classes that include this module must implement #authzid.

Constants

RFC5801_SASLNAME

Matches RFC5801 §4 saslname. The output from gs2_saslname_encode matches this Regexp.

Public Instance Methods

gs2_authzid click to toggle source

The RFC5801 §4 gs2-authzid header, when #authzid is not empty.

If #authzid is empty or nil, an empty string is returned.

# File lib/net/imap/sasl/gs2_header.rb, line 59
def gs2_authzid
  return "" if authzid.nil? || authzid == ""
  "a=#{gs2_saslname_encode(authzid)}"
end
gs2_cb_flag click to toggle source

The RFC5801 §4 gs2-cb-flag:

n

The client doesn’t support channel binding.

y

The client does support channel binding but thinks the server does not.

p

The client requires channel binding. The selected channel binding follows “p=”.

The default always returns “n”. A mechanism that supports channel binding must override this method.

# File lib/net/imap/sasl/gs2_header.rb, line 53
def gs2_cb_flag; "n" end
gs2_header click to toggle source

The RFC5801 §4 gs2-header, which prefixes the initial_client_response.

Note: the actual GS2 header includes an optional flag to indicate that the GSS mechanism is not “standard”, but since all of the SASL mechanisms using GS2 are “standard”, we don’t include that flag. A class for a nonstandard GSSAPI mechanism should prefix with “F,”.

# File lib/net/imap/sasl/gs2_header.rb, line 37
def gs2_header
  "#{gs2_cb_flag},#{gs2_authzid},"
end
gs2_saslname_encode(str) click to toggle source

Encodes str to match RFC5801_SASLNAME.

# File lib/net/imap/sasl/gs2_header.rb, line 67
def gs2_saslname_encode(str)
  str = str.encode("UTF-8")
  # Regexp#match raises "invalid byte sequence" for invalid UTF-8
  NO_NULL_CHARS.match str or
    raise ArgumentError, "invalid saslname: %p" % [str]
  str
    .gsub(?=, "=3D")
    .gsub(?,, "=2C")
end