X-Git-Url: http://git.hcoop.net/hcoop/debian/courier-authlib.git/blobdiff_plain/d9898ee81388d1eff40cf71e85d9ce9b5c1401fe..781cfcb8fd50934c470e0dabf79d32ab333dec68:/auth_sasl.html diff --git a/auth_sasl.html b/auth_sasl.html index 315d5c6..2826e10 100644 --- a/auth_sasl.html +++ b/auth_sasl.html @@ -1,12 +1,12 @@ -auth_sasl

Name

auth_sasl — SASL implementation

Synopsis


+-->

Name

auth_sasl, auth_sasl_ex — SASL implementation

Synopsis


#include <courierauthsasl.h>
-

int rc=auth_sasl(const char * method,
 const char * initialresponse,
 char *(* conversation_func,
 void * callback_arg,
 char ** authtype_ret,
 char ** authdata_ret);

DESCRIPTION

+

int rc=auth_sasl(const char * method,
 const char * initialresponse,
 char * (*conversation_func)(const char *, void *)),
 void * callback_arg,
 char ** authtype_ret,
 char ** authdata_ret);
int rc=auth_sasl_ex(const char * method,
 const char * initialresponse,
 const char * externalauth,
 char * (*conversation_func)(const char *, void *)),
 void * callback_arg,
 char ** authtype_ret,
 char ** authdata_ret);

DESCRIPTION

auth_sasl is a generic SASL server implementation. method is the requested SASL @@ -35,19 +35,38 @@ will this buffer when it's done. conversation_func should return NULL -to abort the SASL conversation.

RETURNS

+to abort the SASL conversation.

+auth_sasl_ex is a version of +auth_sasl that recognizes the EXTERNAL +SASL method. It takes an extra parameter, +externalauth. This parameter should be set to indicate +an login that was authenticated via some other means, such as, perhaps, +an SSL certificate, or NULL if no +externally-authenticated identity was established.

+If method is not EXTERNAL, +auth_sasl_ex is identical to +auth_sasl, and externalauth is +ignored. Otherwise, if method is +EXTERNAL and externalauth is not +NULL, auth_sasl_ex returns +AUTHSASL_OK, and sets +*authtype_ret and +*authdata_ret accordingly, so that the subsequent +invocation of auth_generic() returns authentication +information for the login ID specified by +externalauth.

RETURNS

If the SASL conversation succesfully completes, -auth_sasl +auth_sasl or auth_sasl_ex initializes *authtype_ret and *authdata_ret. They will be set to a malloc(3)-ed buffers that can be directly passed as arguments to -auth_generic(3). +auth_generic(3). It is the application's responsibility to free(3) these buffers when it's done with them.

-auth_sasl +auth_sasl or auth_sasl_ex returns AUTHSASL_OK when the SASL conversation succesfully completes, and @@ -57,7 +76,7 @@ Any other return indicates an error condition. Right now two error conditions are defined:

AUTHSASL_ABORTED

The SASL conversation was aborted by the client.

AUTHSASL_ERROR

General error (insufficient memory, or some other reason). -Check errno for any clues.

SEE ALSO

-authlib(3), +Check errno for any clues.

SEE ALSO

+authlib(3), -auth_generic(3).

+auth_generic(3).