sasl_server_start (3)

Leading comments

Copyright (c) 2001 Carnegie Mellon University.  All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in
   the docume...

(The comments found at the beginning of the groff file "man3/sasl_server_start.3".)

NAME

sasl_server_start - Begin an authentication negotiation

SYNOPSIS

#include <sasl/sasl.h>

int sasl_server_start(sasl_conn_t * conn, 
                          const char * mech, 
                          const char * clientin, 
                          unsigned * clientinlen, 
                          const char ** serverout, 
                          unsigned * serveroutlen);

DESCRIPTION

sasl_server_start() begins the authentication with the mechanism specified with mech. This fails if the mechanism is not supported. SASL_OK is returned if the authentication is complete and the user is authenticated. SASL_CONTINUE is returned if one or more steps are still required in the authentication. All other return values indicate failure.

conn is the SASL context for this connection

mech is the mechanism name that the client requested

clientin is the client initial response, NULL if the protocol lacks support for client-send-first or if the other end did not have an initial send. Note that no initial client send is distinct from an initial send of a null string, and the protocol MUST account for this difference.

clientinlen is the length of initial response

serverout is created by the plugin library. It is the initial server response to send to the client. This is allocated/freed by the library and it is the job of the client to send it over the network to the server. Also protocol specific encoding (such as base64 encoding) must needs to be done by the server.

serveroutlen is set to the length of initial server challenge

RETURN VALUE

sasl_server_start returns an integer which corresponds to one of the SASL errorcodes. SASL_OK indicates that authentication is completed successfully. SASL_CONTINUE indicates success and that there are more steps needed in the authentication. All other return codes indicate errors and should either be handled or the authentication session should be quit.

CONFORMING TO

RFC 4422

SEE ALSO

sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_new(3), sasl_server_step(3)