Home Man
Search
Today's Posts
Register

Linux & Unix Commands - Search Man Pages

RedHat 9 (Linux i386) - man page for sasl_server_new (redhat section 3)

sasl_server_new(16 May 2001)					     sasl_server_new(16 May 2001)

NAME
       sasl_server_new - Create a new server authentication object

SYNOPSIS
       #include <sasl/sasl.h>

       int sasl_server_new(const char *service,
		       const char *serverFQDN,
		       const char *user_realm,
		       const char *iplocalport,
		       const char *ipremoteport,
		       const sasl_callback_t *callbacks,
		       unsigned secflags,
		       sasl_conn_t ** pconn);

DESCRIPTION
       sasl_server_new() creates a new SASL context. This context will be used for all SASL calls
       for one connection. It handles both authentication and  integrity/encyption  layers  after
       authentication.

       service is the registered name of the service (usually the protocol name) using SASL (e.g.
       "imap").

       serverFQDN is the fully qualified server domain name.  NULL means use gethostname().  This
       is useful for multi-homed servers.

       user_realm  is  the  domain  of	the  user  agent.  This is usually not necessary (NULL is
       default)

       iplocalport is the IP and port of the local side of the connection, or NULL.  If  iplocal-
       port is NULL it will disable mechanisms that require IP address information.  This strings
       must be in one of the following	formats:  "a.b.c.d;port"  (IPv4),  "e:f:g:h:i:j:k:l;port"
       (IPv6), or "e:f:g:h:i:j:a.b.c.d;port" (IPv6)

       ipremoteport  is  the IP and port of the remote side of the connection, or NULL (see iplo-
       calport)

       secflags are security flags (see below)

       pconn is a pointer to the conection context allocated by the library. This structure  will
       be used for all future SASL calls for this connection.

       Security Flags

       Security flags that may be passed to sasl_server_new() include

       NOPLAINTEXT
	       Don't permit mechanisms susceptible to simple passive attack (e.g., PLAIN, LOGIN)

       NOACTIVE
	       Protection  from  active  (non-dictionary) attacks during authentication exchange.
	       Authenticates server.

       NODICTIONARY
	       Don't permit mechanisms susceptible to passive dictionary attack

       FORWARD_SECURITY
	       Require forward secrecy between sessions. (breaking one won't help break next)

       PASS_CREDENTIALS
	       Require mechanisms which pass client credentials, and allow mechanisms  which  can
	       pass credentials to do so.

RETURN VALUE
       sasl_server_new()  returns  an  integer	which corresponds to one of the SASL error codes.
       SASL_OK is the only one that indicates success. All  others  indicate  errors  and  should
       either be handled or the authentication session should be quit.

CONFORMING TO
       RFC 2222

SEE ALSO
       sasl(3),  sasl_errors(3),  sasl_server_init(3), sasl_server_start(3), sasl_server_step(3),
       sasl_setprop(3)

SASL man pages				       SASL		     sasl_server_new(16 May 2001)


All times are GMT -4. The time now is 08:52 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
UNIX.COM Login
Username:
Password:  
Show Password