diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-12-11 09:34:22 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-12-12 08:35:15 +0100 |
commit | 626fb21cfbe449add5aa5b66831f53256bcc13df (patch) | |
tree | de1ee710f1e6eaef43160c955d86127e8fdd2cb3 | |
parent | dbd6a98e657020b92cd16fcdd15388aa41eb61b3 (diff) | |
download | gnutls-626fb21cfbe449add5aa5b66831f53256bcc13df.tar.gz |
srp/psk: update recommendations for usernames [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/psk.c | 11 | ||||
-rw-r--r-- | lib/srp.c | 18 |
2 files changed, 17 insertions, 12 deletions
@@ -83,9 +83,9 @@ gnutls_psk_allocate_client_credentials(gnutls_psk_client_credentials_t * * This function sets the username and password, in a * gnutls_psk_client_credentials_t type. Those will be used in * PSK authentication. @username should be an ASCII string or UTF-8 - * strings prepared using the "SASLprep" profile of "stringprep". The - * key can be either in raw byte format or in Hex format (without the - * 0x prefix). + * string. In case of a UTF-8 string it is recommended to be following + * the PRECIS framework for usernames (rfc8265). The key can be either + * in raw byte format or in Hex format (without the 0x prefix). * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise * an error code is returned. @@ -296,8 +296,9 @@ gnutls_psk_set_server_credentials_function(gnutls_psk_server_credentials_t * gnutls_datum_t* key); * * The @username and @key->data must be allocated using gnutls_malloc(). - * @username should be ASCII strings or UTF-8 strings prepared using - * the "SASLprep" profile of "stringprep". + * The @username should be an ASCII string or UTF-8 + * string. In case of a UTF-8 string it is recommended to be following + * the PRECIS framework for usernames (rfc8265). * * The callback function will be called once per handshake. * @@ -459,10 +459,11 @@ gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t * * * This function sets the username and password, in a * #gnutls_srp_client_credentials_t type. Those will be used in - * SRP authentication. @username and @password should be ASCII - * strings or UTF-8 strings prepared using the "SASLprep" profile of - * "stringprep". - * + * SRP authentication. @username should be an ASCII string or UTF-8 + * string. In case of a UTF-8 string it is recommended to be following + * the PRECIS framework for usernames (rfc8265). The password can + * be in ASCII format, or normalized using gnutls_utf8_password_normalize(). + * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, or an * error code. **/ @@ -671,9 +672,12 @@ gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t * int (*callback)(gnutls_session_t, char** username, char**password); * * The @username and @password must be allocated using - * gnutls_malloc(). @username and @password should be ASCII strings - * or UTF-8 strings prepared using the "SASLprep" profile of - * "stringprep". + * gnutls_malloc(). + * + * The @username should be an ASCII string or UTF-8 + * string. In case of a UTF-8 string it is recommended to be following + * the PRECIS framework for usernames (rfc8265). The password can + * be in ASCII format, or normalized using gnutls_utf8_password_normalize(). * * The callback function will be called once per handshake before the * initial hello message is sent. |