Imported Debian patch 0.63.0-6
[hcoop/debian/courier-authlib.git] / auth_sasl.html
1 <?xml version="1.0"?>
2 <html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>auth_sasl</title><link rel="stylesheet" href="style.css" type="text/css"/><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"/><link rel="start" href="#auth-sasl" title="auth_sasl"/><link xmlns="" rel="stylesheet" type="text/css" href="manpage.css"/><meta xmlns="" name="MSSmartTagsPreventParsing" content="TRUE"/><link xmlns="" rel="icon" href="icon.gif" type="image/gif"/><!--
3
4 Copyright 1998 - 2007 Double Precision, Inc. See COPYING for distribution
5 information.
6
7 --></head><body><div class="refentry" lang="en" xml:lang="en"><a id="auth-sasl" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>auth_sasl, auth_sasl_ex — <acronym class="acronym">SASL</acronym> implementation</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="literallayout"><p><br clear="none"/>
8 #include &lt;courierauthsasl.h&gt;<br clear="none"/>
9 </p></div><div class="funcsynopsis"><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr><td rowspan="1" colspan="1"><code class="funcdef">int rc=<b class="fsfunc">auth_sasl</b>(</code></td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">method</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">initialresponse</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char * </td><td rowspan="1" colspan="1"><var class="pdparam">(*conversation_func)</var><code>(</code>const char *, void *)<code>)</code>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">void * </td><td rowspan="1" colspan="1"><var class="pdparam">callback_arg</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authtype_ret</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authdata_ret</var><code>)</code>;</td></tr></table></div><div class="funcsynopsis"><table border="0" summary="Function synopsis" cellspacing="0" cellpadding="0"><tr><td rowspan="1" colspan="1"><code class="funcdef">int rc=<b class="fsfunc">auth_sasl_ex</b>(</code></td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">method</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">initialresponse</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">const char * </td><td rowspan="1" colspan="1"><var class="pdparam">externalauth</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char * </td><td rowspan="1" colspan="1"><var class="pdparam">(*conversation_func)</var><code>(</code>const char *, void *)<code>)</code>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">void * </td><td rowspan="1" colspan="1"><var class="pdparam">callback_arg</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authtype_ret</var>, </td></tr><tr><td rowspan="1" colspan="1"> </td><td rowspan="1" colspan="1">char ** </td><td rowspan="1" colspan="1"><var class="pdparam">authdata_ret</var><code>)</code>;</td></tr></table></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id306513" shape="rect"> </a><h2>DESCRIPTION</h2><p>
10 <code class="function">auth_sasl</code>
11 is a generic <acronym class="acronym">SASL</acronym> server implementation.
12 <em class="parameter"><code>method</code></em> is the requested <acronym class="acronym">SASL</acronym>
13 method.
14 At this time
15 <code class="function">auth_sasl</code>
16 knows how to handle the following SASL methods:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">LOGIN</code></p></li><li><p><code class="literal">PLAIN</code></p></li><li><p><code class="literal">CRAM-MD5</code></p></li><li><p><code class="literal">CRAM-SHA1</code></p></li></ul></div><p>
17 <em class="parameter"><code>initialresponse</code></em>
18 is a base64-encoded initial response provided in the client's
19 <acronym class="acronym">SASL</acronym> request.
20 <em class="parameter"><code>initialresponse</code></em>
21 must be <code class="literal">NULL</code> if an initial response was not included in
22 the client's <acronym class="acronym">SASL</acronym> request.</p><p>
23 <em class="parameter"><code>conversation_func</code></em>
24 is the application-implemented <acronym class="acronym">SASL</acronym>
25 conversation callback function.
26 <em class="parameter"><code>conversation_func</code></em>
27 receives a base64-encoded <acronym class="acronym">SASL</acronym> prompt,
28 and the <em class="parameter"><code>callback_arg</code></em>
29 argument to <code class="function">auth_sasl</code>.
30 <em class="parameter"><code>conversation_func</code></em>
31 must return a buffer containing the base64-encoded reply from the client.
32 <code class="function">auth_sasl</code>
33 will
34 <span class="citerefentry"><span class="refentrytitle">free</span>(3)</span>
35 this buffer when it's done.
36 <em class="parameter"><code>conversation_func</code></em>
37 should return <code class="literal">NULL</code>
38 to abort the <acronym class="acronym">SASL</acronym> conversation.</p><p>
39 <code class="function">auth_sasl_ex</code> is a version of
40 <code class="function">auth_sasl</code> that recognizes the <code class="literal">EXTERNAL</code>
41 <acronym class="acronym">SASL</acronym> method. It takes an extra parameter,
42 <em class="parameter"><code>externalauth</code></em>. This parameter should be set to indicate
43 an login that was authenticated via some other means, such as, perhaps,
44 an <acronym class="acronym">SSL</acronym> certificate, or <code class="literal">NULL</code> if no
45 externally-authenticated identity was established.</p><p>
46 If <em class="parameter"><code>method</code></em> is not <code class="literal">EXTERNAL</code>,
47 <code class="function">auth_sasl_ex</code> is identical to
48 <code class="function">auth_sasl</code>, and <em class="parameter"><code>externalauth</code></em> is
49 ignored. Otherwise, if <em class="parameter"><code>method</code></em> is
50 <code class="literal">EXTERNAL</code> and <em class="parameter"><code>externalauth</code></em> is not
51 <code class="literal">NULL</code>, <code class="function">auth_sasl_ex</code> returns
52 <code class="literal">AUTHSASL_OK</code>, and sets
53 <em class="parameter"><code>*authtype_ret</code></em> and
54 <em class="parameter"><code>*authdata_ret</code></em> accordingly, so that the subsequent
55 invocation of <code class="function">auth_generic</code>() returns authentication
56 information for the login ID specified by
57 <em class="parameter"><code>externalauth</code></em>.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id306832" shape="rect"> </a><h2>RETURNS</h2><p>
58 If the <acronym class="acronym">SASL</acronym> conversation succesfully completes,
59 <code class="function">auth_sasl</code> or <code class="function">auth_sasl_ex</code>
60 initializes <em class="parameter"><code>*authtype_ret</code></em> and
61 <em class="parameter"><code>*authdata_ret</code></em>.
62 They will be set to a
63 <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>-ed
64 buffers that can be directly passed as arguments to
65 <a class="ulink" href="auth_generic.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">auth_generic</span>(3)</span></a>.
66 It is the application's responsibility to
67 <span class="citerefentry"><span class="refentrytitle">free</span>(3)</span>
68 these buffers when it's done with them.</p><p>
69 <code class="function">auth_sasl</code> or <code class="function">auth_sasl_ex</code>
70 returns
71 <code class="literal">AUTHSASL_OK</code> when the
72 <acronym class="acronym">SASL</acronym> conversation succesfully completes, and
73 <em class="parameter"><code>*authtype_ret</code></em> and
74 <em class="parameter"><code>*authdata_ret</code></em> are succesfully assembled.
75 Any other return indicates an error condition.
76 Right now two error conditions are defined:</p><div class="variablelist"><dl><dt><span class="term"><code class="literal">AUTHSASL_ABORTED</code></span></dt><dd><p>
77 The <acronym class="acronym">SASL</acronym> conversation was aborted by the client.</p></dd><dt><span class="term"><code class="literal">AUTHSASL_ERROR</code></span></dt><dd><p>
78 General error (insufficient memory, or some other reason).
79 Check <code class="varname">errno</code> for any clues.</p></dd></dl></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id351169" shape="rect"> </a><h2>SEE ALSO</h2><p>
80 <a class="ulink" href="authlib.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">authlib</span>(3)</span></a>,
81
82 <a class="ulink" href="auth_generic.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">auth_generic</span>(3)</span></a>.</p></div></div></body></html>