xref: /titanic_50/usr/src/man/man3sasl/sasl_client_start.3sasl (revision 7b07063d906859b2be1e88791f801b3c96e432f6)
te
Copyright (C) 1998-2003, Carnegie Mellon Univeristy. All Rights Reserved.
Portions Copyright (C) 2003, Sun Microsystems,
Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
SASL_CLIENT_START 3SASL "Aug 26, 2003"
NAME
sasl_client_start - perform a step in the authentication negotiation
SYNOPSIS

cc [ flag ... ] file ... -lsasl [ library ... ]
#include <sasl/sasl.h>

int sasl_client_start(sasl_conn_t *conn, const char *mechlist,
 sasl_interact_t **prompt_need, const char **clientout,
 unsigned *clientoutlen, const char **mech);
DESCRIPTION

Use the sasl_client_start() interface to select a mechanism for authentication and start the authentication session. The mechlist parameter holds the list of mechanisms that the client might like to use. The mechanisms in the list are not necessarily supported by the client, nor are the mechanisms necessarily valid. SASL determines which of the mechanisms to use based upon the security preferences specified earlier. The list of mechanisms is typically a list of mechanisms that the server supports, acquired from a capability request.

If SASL_INTERACT is returned, the library needs some values to be filled in before it can proceed. The prompt_need structure is filled in with requests. The application fullfills these requests and calls sasl_client_start() again with identical parameters. The prompt_need parameter is the same pointer as before, but it is filled in by the application.

PARAMETERS
conn

The SASL connection context.

mechlist

A list of mechanism that the server has available. Punctuation is ignored.

prompt_need

A list of prompts that are needed to continue, if necessary.

clientout

clientoutlen

clientout and clientoutlen are created. They contain the initial client response to send to the server. It is the job of the client to send them over the network to the server. Any protocol specific encodingthat is necessary, for example base64 encoding, must be done by the client. If the protocol lacks client-send-first capability, then set clientout to NULL. If there is no initial client-send, then *clientout will be set to NULL on return.

mech

Contains the name of the chosen SASL mechanism, upon success.

RETURN VALUES

sasl_client_start() returns an integer that corresponds to a SASL error code.

ERRORS
SASL_CONTINUE

The call to sasl_client_start() was successful, and more steps are needed in the authentication.

All other error codes indicate an error situation that must be handled, or the authentication session should be quit. See sasl_errors(3SASL) for information on SASL error codes.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
Availablity SUNWlibsasl
Interface Stability Evolving
MT-Level Safe
SEE ALSO

sasl_errors(3SASL), attributes(5)