From 39898842ca2de6c119ba8cc108a772f0df9b47ec Mon Sep 17 00:00:00 2001
From: Jochen Eisinger <jochen@penguin-breeder.org>
Date: Mon, 20 Nov 2000 18:49:26 +0000
Subject: [PATCH] Multiple changes

- net.tex:
  - clarified definition of SANE_NET_AUTHORIZE
  - added definition of MD5 authorization
- sane.tex:
  - upgraded to version 1.02
  - changed definition of SANE_MAX_USERNAME_LEN & SANE_MAX_PASSWORD_LEN
    to 128 chars
---
 net.tex  | 17 +++++++++++++----
 sane.tex |  8 ++++----
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/net.tex b/net.tex
index 9e6b8bd..028ca19 100644
--- a/net.tex
+++ b/net.tex
@@ -420,14 +420,23 @@ authorized.  This argument should be set to the string returned in the
 \code{resource} argument of the RPC reply that required this
 authorization call.  The \code{username} and \code{password} are the
 name of the user that is accessing the resource and the password for
-the specified resource/user pair.\footnote{The username and password
-  should be encrypted before network transmission but currently they
-  are always in plain text.}
+the specified resource/user pair.
+
+Since the password is not encrypted during network transmission, it is
+recommended to use the following extension:
+
+If the server adds the string `\code{\$MD5\$}' to the resource-name followed
+by a random string not longer then 128 bytes, the client may answer with the
+MD5 digest of the concatenation of the password and the random string. To
+differentiate between the MD5 digest and a strange password the client prepends
+the MD5 digest with the string `\code{\$MD5\$}'.
 
 In the reply, \code{dummy} is completely unused.  Note that there is
 no direct failure indication.  This is unnecessary since a net client
 will retry the RPC that resulted in the authorization request until
-that call succeeds (or until the request is cancelled).
+that call succeeds (or until the request is cancelled). The RPC that resulted
+in the authorization request continues after the reply from the client and may
+fail with \code{SANE\_STATUS\_ACCESS\_DENIED}.
 
 
 \subsection{\code{\defn{SANE\_NET\_EXIT}}}
diff --git a/sane.tex b/sane.tex
index e7f6fa5..bf78cc8 100644
--- a/sane.tex
+++ b/sane.tex
@@ -12,9 +12,9 @@
 \setlength{\marginparsep}{0pt}
 \addtolength{\topmargin}{-0.75in}
 
-\title{\huge SANE Standard Version 1.01}
+\title{\huge SANE Standard Version 1.02}
 \author{}
-\date{November 12, 2000} 
+\date{November 14, 2000} 
 
 \makeindex
 
@@ -1089,8 +1089,8 @@ The authentication function type has the following declaration:
 \begin{quote}\index{SANE\_Authorization\_Callback}
   \index{domain}\index{username}\index{password}
 \begin{verbatim}
-#define SANE_MAX_USERNAME_LEN   256
-#define SANE_MAX_PASSWORD_LEN   256
+#define SANE_MAX_USERNAME_LEN   128
+#define SANE_MAX_PASSWORD_LEN   128
 
 typedef void (*SANE_Authorization_Callback)
     (SANE_String_Const resource,