Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sasl_server_new(3) [redhat man page]

sasl_server_new(16 May 2001)											      sasl_server_new(16 May 2001)

NAME

       sasl_server_new - Create a new server authentication object

SYNOPSIS

       #include <sasl/sasl.h>

       int sasl_server_new(const char *service,
		       const char *serverFQDN,
		       const char *user_realm,
		       const char *iplocalport,
		       const char *ipremoteport,
		       const sasl_callback_t *callbacks,
		       unsigned secflags,
		       sasl_conn_t ** pconn);

DESCRIPTION

       sasl_server_new()  creates a new SASL context. This context will be used for all SASL calls for one connection. It handles both authentica-
       tion and integrity/encyption layers after authentication.

       service is the registered name of the service (usually the protocol name) using SASL (e.g. "imap").

       serverFQDN is the fully qualified server domain name.  NULL means use gethostname().  This is useful for multi-homed servers.

       user_realm is the domain of the user agent. This is usually not necessary (NULL is default)

       iplocalport is the IP and port of the local side of the connection, or NULL.  If iplocalport  is  NULL  it  will  disable  mechanisms  that
       require	IP  address  information.   This  strings  must  be in one of the following formats: "a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port"
       (IPv6), or "e:f:g:h:i:j:a.b.c.d;port" (IPv6)

       ipremoteport is the IP and port of the remote side of the connection, or NULL (see iplocalport)

       secflags are security flags (see below)

       pconn is a pointer to the conection context allocated by the library. This structure will be used for all future SASL calls for	this  con-
       nection.

       Security Flags

       Security flags that may be passed to sasl_server_new() include

       NOPLAINTEXT
	       Don't permit mechanisms susceptible to simple passive attack (e.g., PLAIN, LOGIN)

       NOACTIVE
	       Protection from active (non-dictionary) attacks during authentication exchange.	Authenticates server.

       NODICTIONARY
	       Don't permit mechanisms susceptible to passive dictionary attack

       FORWARD_SECURITY
	       Require forward secrecy between sessions. (breaking one won't help break next)

       PASS_CREDENTIALS
	       Require mechanisms which pass client credentials, and allow mechanisms which can pass credentials to do so.

RETURN VALUE

       sasl_server_new()  returns an integer which corresponds to one of the SASL error codes. SASL_OK is the only one that indicates success. All
       others indicate errors and should either be handled or the authentication session should be quit.

CONFORMING TO

       RFC 2222

SEE ALSO

       sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_start(3), sasl_server_step(3), sasl_setprop(3)

SASL man pages							       SASL					      sasl_server_new(16 May 2001)

Check Out this Related Man Page

sasl_server_new(3)						  SASL man pages						sasl_server_new(3)

NAME

       sasl_server_new - Create a new server authentication object

SYNOPSIS

       #include <sasl/sasl.h>

       int sasl_server_new(const char *service,
		       const char *serverFQDN,
		       const char *user_realm,
		       const char *iplocalport,
		       const char *ipremoteport,
		       const sasl_callback_t *callbacks,
		       unsigned flags,
		       sasl_conn_t ** pconn);

DESCRIPTION

       sasl_server_new()  creates a new SASL context. This context will be used for all SASL calls for one connection. It handles both authentica-
       tion and integrity/encryption layers after authentication.

       service is the registered name of the service (usually the protocol name) using SASL (e.g. "imap").

       serverFQDN is the fully qualified server domain name.  NULL means use gethostname().  This is useful for multi-homed servers.

       user_realm is the domain of the user agent. This is usually not necessary (NULL is default)

       iplocalport is the IP and port of the local side of the connection, or NULL.  If iplocalport  is  NULL  it  will  disable  mechanisms  that
       require	IP  address  information.   This  strings  must  be in one of the following formats: "a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port"
       (IPv6), or "e:f:g:h:i:j:a.b.c.d;port" (IPv6)

       ipremoteport is the IP and port of the remote side of the connection, or NULL (see iplocalport)

       flags are connection flags (see below)

       pconn is a pointer to the connection context allocated by the library. This structure will be used for all future SASL calls for this  con-
       nection.

       Connection Flags

       SASL_SUCCESS_DATA
	       The protocol supports a server-last send

       SASL_NEED_PROXY
	       Force the use of a mechanism that supports an authorization id that is not the authentication id.

RETURN VALUE

       sasl_server_new()  returns an integer which corresponds to one of the SASL error codes. SASL_OK is the only one that indicates success. All
       others indicate errors and should either be handled or the authentication session should be quit.

CONFORMING TO

       RFC 4422

SEE ALSO

       sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_start(3), sasl_server_step(3), sasl_setprop(3)

SASL
								    16 May 2001 						sasl_server_new(3)
Man Page