Apply "Multiple changes"

api.rst

@@ -775,8 +775,8 @@ The authentication function type has the following declaration:
 
     ::
 
-        #define SANE_MAX_USERNAME_LEN   256
-        #define SANE_MAX_PASSWORD_LEN   256
+        #define SANE_MAX_USERNAME_LEN   128
+        #define SANE_MAX_PASSWORD_LEN   128
 
         typedef void (*SANE_Authorization_Callback)
             (SANE_String_Const resource,

conf.py

@@ -20,7 +20,7 @@ import os
 project = 'SANE Standard'
 copyright = ''
 author = ''
-version = 'Version 1.01'
+version = 'Version 1.02'
 release = version
 
 # -- General configuration ---------------------------------------------------
@@ -53,7 +53,7 @@ numfig_format = {
     'section': '%s'
 }
 
-today_fmt = 'November 12, 2000'
+today_fmt = 'November 14, 2000'
 
 highlight_language = 'c'
 

net.rst

@@ -198,7 +198,7 @@ authentication calls.
 In the reply, :data:`status` indicates the completion
 status. If the value is anything other than
 :macro:`SANE_STATUS_SUCCESS`, the remainder of the reply has
-undefined values. [2]_ The :data:`version_code` argument
+undefined values. [1]_ The :data:`version_code` argument
 returns the SANE version-code that the network daemon supports. See the
 comments in the previous paragraph on the meaning of the build-revision
 in this version code.
@@ -527,12 +527,24 @@ returned in the :data:`resource` argument of the RPC reply
 that required this authorization call. The :data:`username`
 and :data:`password` are the name of the user that is
 accessing the resource and the password for the specified resource/user
-pair. [1]_
+pair.
+
+Since the password is not encrypted during network transmission, it is
+recommended to use the following extension:
+
+If the server adds the string ``$MD5$`` to the resource-name followed
+by a random string not longer then 128 bytes, the client may answer
+with the MD5 digest of the concatenation of the password and the
+random string. To differentiate between the MD5 digest and a strange
+password the client prepends the MD5 digest with the string ``$MD5$``.
 
 In the reply, :data:`dummy` is completely unused. Note that
 there is no direct failure indication. This is unnecessary since a net
 client will retry the RPC that resulted in the authorization request
-until that call succeeds (or until the request is cancelled).
+until that call succeeds (or until the request is cancelled). The RPC
+that resulted in the authorization request continues after the reply
+from the client and may fail with :macro:`SANE_STATUS_ACCESS_DENIED`.
+
 
 .. index:: SANE_NET_EXIT
 
@@ -545,9 +557,5 @@ the connection between the client and the server that was established by
 the :data:`SANE_NET_INIT` call will be closed.
 
 .. [1]
-   The sane network daemon should be careful not to leak information in
-   the undefined portion of the reply.
-
-.. [2]
    The username and password should be encrypted before network
    transmission but currently they are always in plain text.