2 <html xmlns=
"http://www.w3.org/1999/xhtml"><head><meta http-equiv=
"Content-Type" content=
"text/html; charset=UTF-8"/><title>auth_sasl
</title><link rel=
"stylesheet" type=
"text/css" href=
"style.css"/><meta name=
"generator" content=
"DocBook XSL Stylesheets V1.78.1"/><link rel=
"home" href=
"#auth-sasl" title=
"auth_sasl"/><link xmlns=
"" rel=
"stylesheet" type=
"text/css" href=
"manpage.css"/><meta xmlns=
"" name=
"MSSmartTagsPreventParsing" content=
"TRUE"/><link xmlns=
"" rel=
"icon" href=
"icon.gif" type=
"image/gif"/><!--
4 Copyright 1998 - 2009 Double Precision, Inc. See COPYING for distribution
7 --></head><body><div class=
"refentry"><a id=
"auth-sasl" shape=
"rect"> </a><div class=
"titlepage"/><div class=
"refnamediv"><h2>Name
</h2><p>auth_sasl, auth_sasl_ex —
<acronym class=
"acronym">SASL
</acronym> implementation
</p></div><div class=
"refsynopsisdiv"><h2>Synopsis
</h2><div class=
"literallayout"><p><br clear=
"none"/>
8 #include
<courierauthsasl.h
><br clear=
"none"/>
9 </p></div><div class=
"funcsynopsis"><table border=
"0" class=
"funcprototype-table" summary=
"Function synopsis" style=
"cellspacing: 0; cellpadding: 0;"><tr><td rowspan=
"1" colspan=
"1"><code class=
"funcdef">int rc=
<strong>auth_sasl
</strong>(
</code></td><td rowspan=
"1" colspan=
"1">const char *
<var class=
"pdparam">method
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">const char *
<var class=
"pdparam">initialresponse
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char *
<var class=
"pdparam">(*conversation_func)
</var><code>(
</code>const char *, void *)
<code>)
</code>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">void *
<var class=
"pdparam">callback_arg
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char **
<var class=
"pdparam">authtype_ret
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char **
<var class=
"pdparam">authdata_ret
</var><code>)
</code>;
</td></tr></table><div class=
"funcprototype-spacer"> </div></div><div class=
"funcsynopsis"><table border=
"0" class=
"funcprototype-table" summary=
"Function synopsis" style=
"cellspacing: 0; cellpadding: 0;"><tr><td rowspan=
"1" colspan=
"1"><code class=
"funcdef">int rc=
<strong>auth_sasl_ex
</strong>(
</code></td><td rowspan=
"1" colspan=
"1">const char *
<var class=
"pdparam">method
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">const char *
<var class=
"pdparam">initialresponse
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">const char *
<var class=
"pdparam">externalauth
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char *
<var class=
"pdparam">(*conversation_func)
</var><code>(
</code>const char *, void *)
<code>)
</code>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">void *
<var class=
"pdparam">callback_arg
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char **
<var class=
"pdparam">authtype_ret
</var>,
</td></tr><tr><td rowspan=
"1" colspan=
"1"> </td><td rowspan=
"1" colspan=
"1">char **
<var class=
"pdparam">authdata_ret
</var><code>)
</code>;
</td></tr></table><div class=
"funcprototype-spacer"> </div></div></div><div class=
"refsect1"><a id=
"idm247890112096" shape=
"rect"> </a><h2>DESCRIPTION
</h2><p>
10 <code class=
"function">auth_sasl
</code>
11 is a generic
<acronym class=
"acronym">SASL
</acronym> server implementation.
12 <em class=
"parameter"><code>method
</code></em> is the requested
<acronym class=
"acronym">SASL
</acronym>
15 <code class=
"function">auth_sasl
</code>
16 knows how to handle the following SASL methods:
</p><div class=
"itemizedlist"><ul class=
"itemizedlist" style=
"list-style-type: disc; "><li class=
"listitem"><p><code class=
"literal">LOGIN
</code></p></li><li class=
"listitem"><p><code class=
"literal">PLAIN
</code></p></li><li class=
"listitem"><p><code class=
"literal">CRAM-MD5
</code></p></li><li class=
"listitem"><p><code class=
"literal">CRAM-SHA1
</code></p></li></ul></div><p>
17 <em class=
"parameter"><code>initialresponse
</code></em>
18 is a base64-encoded initial response provided in the client's
19 <acronym class=
"acronym">SASL
</acronym> request.
20 <em class=
"parameter"><code>initialresponse
</code></em>
21 must be
<code class=
"literal">NULL
</code> if an initial response was not included in
22 the client's
<acronym class=
"acronym">SASL
</acronym> request.
</p><p>
23 <em class=
"parameter"><code>conversation_func
</code></em>
24 is the application-implemented
<acronym class=
"acronym">SASL
</acronym>
25 conversation callback function.
26 <em class=
"parameter"><code>conversation_func
</code></em>
27 receives a base64-encoded
<acronym class=
"acronym">SASL
</acronym> prompt,
28 and the
<em class=
"parameter"><code>callback_arg
</code></em>
29 argument to
<code class=
"function">auth_sasl
</code>.
30 <em class=
"parameter"><code>conversation_func
</code></em>
31 must return a buffer containing the base64-encoded reply from the client.
32 <code class=
"function">auth_sasl
</code>
34 <span class=
"citerefentry"><span class=
"refentrytitle">free
</span>(
3)
</span>
35 this buffer when it's done.
36 <em class=
"parameter"><code>conversation_func
</code></em>
37 should return
<code class=
"literal">NULL
</code>
38 to abort the
<acronym class=
"acronym">SASL
</acronym> conversation.
</p><p>
39 <code class=
"function">auth_sasl_ex
</code> is a version of
40 <code class=
"function">auth_sasl
</code> that recognizes the
<code class=
"literal">EXTERNAL
</code>
41 <acronym class=
"acronym">SASL
</acronym> method. It takes an extra parameter,
42 <em class=
"parameter"><code>externalauth
</code></em>. This parameter should be set to indicate
43 an login that was authenticated via some other means, such as, perhaps,
44 an
<acronym class=
"acronym">SSL
</acronym> certificate, or
<code class=
"literal">NULL
</code> if no
45 externally-authenticated identity was established.
</p><p>
46 If
<em class=
"parameter"><code>method
</code></em> is not
<code class=
"literal">EXTERNAL
</code>,
47 <code class=
"function">auth_sasl_ex
</code> is identical to
48 <code class=
"function">auth_sasl
</code>, and
<em class=
"parameter"><code>externalauth
</code></em> is
49 ignored. Otherwise, if
<em class=
"parameter"><code>method
</code></em> is
50 <code class=
"literal">EXTERNAL
</code> and
<em class=
"parameter"><code>externalauth
</code></em> is not
51 <code class=
"literal">NULL
</code>,
<code class=
"function">auth_sasl_ex
</code> returns
52 <code class=
"literal">AUTHSASL_OK
</code>, and sets
53 <em class=
"parameter"><code>*authtype_ret
</code></em> and
54 <em class=
"parameter"><code>*authdata_ret
</code></em> accordingly, so that the subsequent
55 invocation of
<code class=
"function">auth_generic
</code>() returns authentication
56 information for the login ID specified by
57 <em class=
"parameter"><code>externalauth
</code></em>.
</p></div><div class=
"refsect1"><a id=
"idm247890163856" shape=
"rect"> </a><h2>RETURNS
</h2><p>
58 If the
<acronym class=
"acronym">SASL
</acronym> conversation succesfully completes,
59 <code class=
"function">auth_sasl
</code> or
<code class=
"function">auth_sasl_ex
</code>
60 initializes
<em class=
"parameter"><code>*authtype_ret
</code></em> and
61 <em class=
"parameter"><code>*authdata_ret
</code></em>.
63 <span class=
"citerefentry"><span class=
"refentrytitle">malloc
</span>(
3)
</span>-ed
64 buffers that can be directly passed as arguments to
65 <a class=
"ulink" href=
"auth_generic.html" target=
"_top" shape=
"rect"><span class=
"citerefentry"><span class=
"refentrytitle">auth_generic
</span>(
3)
</span></a>.
66 It is the application's responsibility to
67 <span class=
"citerefentry"><span class=
"refentrytitle">free
</span>(
3)
</span>
68 these buffers when it's done with them.
</p><p>
69 <code class=
"function">auth_sasl
</code> or
<code class=
"function">auth_sasl_ex
</code>
71 <code class=
"literal">AUTHSASL_OK
</code> when the
72 <acronym class=
"acronym">SASL
</acronym> conversation succesfully completes, and
73 <em class=
"parameter"><code>*authtype_ret
</code></em> and
74 <em class=
"parameter"><code>*authdata_ret
</code></em> are succesfully assembled.
75 Any other return indicates an error condition.
76 Right now two error conditions are defined:
</p><div class=
"variablelist"><dl class=
"variablelist"><dt><span class=
"term"><code class=
"literal">AUTHSASL_ABORTED
</code></span></dt><dd><p>
77 The
<acronym class=
"acronym">SASL
</acronym> conversation was aborted by the client.
</p></dd><dt><span class=
"term"><code class=
"literal">AUTHSASL_ERROR
</code></span></dt><dd><p>
78 General error (insufficient memory, or some other reason).
79 Check
<code class=
"varname">errno
</code> for any clues.
</p></dd></dl></div></div><div class=
"refsect1"><a id=
"idm247890146720" shape=
"rect"> </a><h2>SEE ALSO
</h2><p>
80 <a class=
"ulink" href=
"authlib.html" target=
"_top" shape=
"rect"><span class=
"citerefentry"><span class=
"refentrytitle">authlib
</span>(
3)
</span></a>,
82 <a class=
"ulink" href=
"auth_generic.html" target=
"_top" shape=
"rect"><span class=
"citerefentry"><span class=
"refentrytitle">auth_generic
</span>(
3)
</span></a>.
</p></div></div></body></html>