module Netsys_sasl_types:sig..end
typecb =[ `GSSAPI of string
| `None
| `SASL_none_but_advertise
| `SASL_require of string * string ]
Possible channel bindings:
`None: this is the default`SASL_none_but_advertise: the client supports channel binding and
advertises this. For this time, the SCRAM protocol is run without
channel binding, though. (Only available in the SASL profile.)`SASL_require(type,data): Require channel binding. E.g. type="tls-unique",
and data is set to the channel identifier (RFC 5929).
(Only available in the SASL profile.)`GSSAPI data: use this channel binding for GSS-APIThis type is shared by SASL and GSSAPI providers.
typeserver_state =[ `Auth_error of string | `Emit | `OK | `Restart of string | `Wait ]
The state of the server session:
`Wait: it is waited for the client response.`Emit: a new server challenge can be emitted.`OK: the authentication protocol succeeded`Auth_error: authentication error (it is unspecified which;
the string may be used for logging)`Restart session_id: this state can be entered after getting
the first client response. It means that the saved session
session_id may be restarted by calling
server_process_response_restart with the client response.typeclient_state =[ `Auth_error of string | `Emit | `OK | `Stale | `Wait ]
The state of the client session:
`Wait: it is waited for the server challenge.`Emit: a new client response can be emitted.`OK: the authentication protocol succeeded`Auth_error: authentication error (it is unspecified which);
the string may be used for logging)`Stale: The client session is refused as too old. The password,
though, is correct. Otherwise this is the same as `Emit, i.e.
the authentication process can continue.module type SASL_MECHANISM =sig..end
