xref: /titanic_51/usr/src/man/man3sasl/sasl_client_step.3sasl (revision 036abaca93ddab92ba33036159c30112ab844810)
te
Copyright (C) 1998-2003, Carnegie Mellon Univeristy. All Rights Reserved.
Portions Copyright (C) 2003, Sun Microsystems,
Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
sasl_client_step 3SASL "28 Aug 2003" "SunOS 5.11" "Simple Authentication Security Layer Library Functions"
NAME
sasl_client_step - acquire an auxiliary property context
SYNOPSIS

cc [ flag ... ] file ... -lsasl [ library ... ]
#include <sasl/sasl.h>

int sasl_client_step(sasl_conn_t *conn, const char *serverin,
 sasl_interact_t **unsigned serverinlen, prompt_need,
 const char **clientout, sasl_interact_t **unsigned *clientoutlen);
DESCRIPTION

Use the sasl_client_step() interface performs a step in the authentication negotiation. sasl_client_step() returns SASL_OK if the complete negotiation is successful. If the negotiation on step is completed successfuly, but at least one more step is required, sasl_client_step() returns SASL_CONTINUE. A client should not assume an authentication negotiaion is successful because the server signaled success through the protocol. For example, if the server signaled OK Authentication succeeded in IMAP, sasl_client_step() should be called one more time with a serverinlen of zero.

If a call to sasl_client_step() returns SASL_INTERACT, the library requires some values before sasl_client_step() can proceed. The prompt_need structure will be filled with the requests. The application should fulfull these requests and call sasl_client_step() again with identical parameters. The prompt_need parameter will be the same pointer as before, but it will have been filled in by the application.

PARAMETERS

conn

The SASL connection context.

serverin

The data given by the server. The data is decoded if the protocol encodes requests sent over the wire.

serverinlen

The length of the serverin.

clientout

clientoutlen

clientout and clientoutlen are created. They contain the initial client response to send to the server. It is the job of the client to send them over the network to the server. Any protocol specific encodingthat is necessary, for example base64 encoding, must be done by the client.

prompt_need

A list of prompts that are needed to continue, if necessary.

RETURN VALUES

sasl_client_step() returns an integer that corresponds to a SASL error code.

ERRORS

SASL_OK

The call to sasl_client_start() was successful. Authentication is complete.

SASL_CONTINUE

The call to sasl_client_start() was successful, but at least one more step is required for authentication.

SASL_INTERACT

The library requires some values before sasl_client_step() can proceed.

All other error codes indicate an error situation that must be handled, or the authentication session should be quit. See sasl_errors(3SASL) for information on SASL error codes.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Interface StabilityEvolving
MT-LevelSafe
SEE ALSO

sasl_errors(3SASL), attributes(5)