Commit | Line | Data |
---|---|---|
d9898ee8 | 1 | <?xml version="1.0"?> |
8d138742 | 2 | <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>auth_sasl</title><link rel="stylesheet" href="style.css" type="text/css"/><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"/><link rel="start" href="#auth-sasl" title="auth_sasl"/><link xmlns="" rel="stylesheet" type="text/css" href="manpage.css"/><meta xmlns="" name="MSSmartTagsPreventParsing" content="TRUE"/><link xmlns="" rel="icon" href="icon.gif" type="image/gif"/><!-- |
d9898ee8 | 3 | |
4 | Copyright 1998 - 2007 Double Precision, Inc. See COPYING for distribution | |
5 | information. | |
6 | ||
8d138742 | 7 | --></head><body><div class="refentry" lang="en" xml:lang="en"><a id="auth-sasl" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>auth_sasl, auth_sasl_ex — <acronym class="acronym">SASL</acronym> implementation</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="literallayout"><p><br clear="none"/> |
d9898ee8 | 8 | #include <courierauthsasl.h><br clear="none"/> |
8d138742 | 9 | </p></div><div class="funcsynopsis"><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr><td rowspan="1" colspan="1"><code class="funcdef">int rc=<b class="fsfunc">auth_sasl</b>(</code></td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">method</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">initialresponse</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char * </td><td rowspan="1" colspan="1"><var class="pdparam">(*conversation_func)</var><code>(</code>const char *, void *)<code>)</code>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">void * </td><td rowspan="1" colspan="1"><var class="pdparam">callback_arg</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authtype_ret</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authdata_ret</var><code>)</code>;</td></tr></table></div><div class="funcsynopsis"><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr><td rowspan="1" colspan="1"><code class="funcdef">int rc=<b class="fsfunc">auth_sasl_ex</b>(</code></td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">method</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">initialresponse</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">externalauth</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char * </td><td rowspan="1" colspan="1"><var class="pdparam">(*conversation_func)</var><code>(</code>const char *, void *)<code>)</code>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">void * </td><td rowspan="1" colspan="1"><var class="pdparam">callback_arg</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authtype_ret</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authdata_ret</var><code>)</code>;</td></tr></table></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id306513" shape="rect"> </a><h2>DESCRIPTION</h2><p> |
d9898ee8 | 10 | <code class="function">auth_sasl</code> |
11 | is a generic <acronym class="acronym">SASL</acronym> server implementation. | |
12 | <em class="parameter"><code>method</code></em> is the requested <acronym class="acronym">SASL</acronym> | |
13 | method. | |
14 | At this time | |
15 | <code class="function">auth_sasl</code> | |
16 | knows how to handle the following SASL methods:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">LOGIN</code></p></li><li><p><code class="literal">PLAIN</code></p></li><li><p><code class="literal">CRAM-MD5</code></p></li><li><p><code class="literal">CRAM-SHA1</code></p></li></ul></div><p> | |
17 | <em class="parameter"><code>initialresponse</code></em> | |
18 | is a base64-encoded initial response provided in the client's | |
19 | <acronym class="acronym">SASL</acronym> request. | |
20 | <em class="parameter"><code>initialresponse</code></em> | |
21 | must be <code class="literal">NULL</code> if an initial response was not included in | |
22 | the client's <acronym class="acronym">SASL</acronym> request.</p><p> | |
23 | <em class="parameter"><code>conversation_func</code></em> | |
24 | is the application-implemented <acronym class="acronym">SASL</acronym> | |
25 | conversation callback function. | |
26 | <em class="parameter"><code>conversation_func</code></em> | |
27 | receives a base64-encoded <acronym class="acronym">SASL</acronym> prompt, | |
28 | and the <em class="parameter"><code>callback_arg</code></em> | |
29 | argument to <code class="function">auth_sasl</code>. | |
30 | <em class="parameter"><code>conversation_func</code></em> | |
31 | must return a buffer containing the base64-encoded reply from the client. | |
32 | <code class="function">auth_sasl</code> | |
33 | will | |
34 | <span class="citerefentry"><span class="refentrytitle">free</span>(3)</span> | |
35 | this buffer when it's done. | |
36 | <em class="parameter"><code>conversation_func</code></em> | |
37 | should return <code class="literal">NULL</code> | |
8d138742 CE |
38 | to abort the <acronym class="acronym">SASL</acronym> conversation.</p><p> |
39 | <code class="function">auth_sasl_ex</code> is a version of | |
40 | <code class="function">auth_sasl</code> that recognizes the <code class="literal">EXTERNAL</code> | |
41 | <acronym class="acronym">SASL</acronym> method. It takes an extra parameter, | |
42 | <em class="parameter"><code>externalauth</code></em>. This parameter should be set to indicate | |
43 | an login that was authenticated via some other means, such as, perhaps, | |
44 | an <acronym class="acronym">SSL</acronym> certificate, or <code class="literal">NULL</code> if no | |
45 | externally-authenticated identity was established.</p><p> | |
46 | If <em class="parameter"><code>method</code></em> is not <code class="literal">EXTERNAL</code>, | |
47 | <code class="function">auth_sasl_ex</code> is identical to | |
48 | <code class="function">auth_sasl</code>, and <em class="parameter"><code>externalauth</code></em> is | |
49 | ignored. Otherwise, if <em class="parameter"><code>method</code></em> is | |
50 | <code class="literal">EXTERNAL</code> and <em class="parameter"><code>externalauth</code></em> is not | |
51 | <code class="literal">NULL</code>, <code class="function">auth_sasl_ex</code> returns | |
52 | <code class="literal">AUTHSASL_OK</code>, and sets | |
53 | <em class="parameter"><code>*authtype_ret</code></em> and | |
54 | <em class="parameter"><code>*authdata_ret</code></em> accordingly, so that the subsequent | |
55 | invocation of <code class="function">auth_generic</code>() returns authentication | |
56 | information for the login ID specified by | |
57 | <em class="parameter"><code>externalauth</code></em>.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id306832" shape="rect"> </a><h2>RETURNS</h2><p> | |
d9898ee8 | 58 | If the <acronym class="acronym">SASL</acronym> conversation succesfully completes, |
8d138742 | 59 | <code class="function">auth_sasl</code> or <code class="function">auth_sasl_ex</code> |
d9898ee8 | 60 | initializes <em class="parameter"><code>*authtype_ret</code></em> and |
61 | <em class="parameter"><code>*authdata_ret</code></em>. | |
62 | They will be set to a | |
63 | <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>-ed | |
64 | buffers that can be directly passed as arguments to | |
8d138742 | 65 | <a class="ulink" href="auth_generic.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">auth_generic</span>(3)</span></a>. |
d9898ee8 | 66 | It is the application's responsibility to |
67 | <span class="citerefentry"><span class="refentrytitle">free</span>(3)</span> | |
68 | these buffers when it's done with them.</p><p> | |
8d138742 | 69 | <code class="function">auth_sasl</code> or <code class="function">auth_sasl_ex</code> |
d9898ee8 | 70 | returns |
71 | <code class="literal">AUTHSASL_OK</code> when the | |
72 | <acronym class="acronym">SASL</acronym> conversation succesfully completes, and | |
73 | <em class="parameter"><code>*authtype_ret</code></em> and | |
74 | <em class="parameter"><code>*authdata_ret</code></em> are succesfully assembled. | |
75 | Any other return indicates an error condition. | |
76 | Right now two error conditions are defined:</p><div class="variablelist"><dl><dt><span class="term"><code class="literal">AUTHSASL_ABORTED</code></span></dt><dd><p> | |
77 | The <acronym class="acronym">SASL</acronym> conversation was aborted by the client.</p></dd><dt><span class="term"><code class="literal">AUTHSASL_ERROR</code></span></dt><dd><p> | |
78 | General error (insufficient memory, or some other reason). | |
8d138742 CE |
79 | Check <code class="varname">errno</code> for any clues.</p></dd></dl></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id351169" shape="rect"> </a><h2>SEE ALSO</h2><p> |
80 | <a class="ulink" href="authlib.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">authlib</span>(3)</span></a>, | |
d9898ee8 | 81 | |
8d138742 | 82 | <a class="ulink" href="auth_generic.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">auth_generic</span>(3)</span></a>.</p></div></div></body></html> |