sasl_client_new(3) [redhat man page]
sasl_client_new(21 June 2001) sasl_client_new(21 June 2001) NAME
sasl_client_new - Create a new client authentication object SYNOPSIS
#include <sasl/sasl.h> int sasl_client_new(const char *service, const char *serverFQDN, const char *iplocalport, const char *ipremoteport, const sasl_callback_t *prompt_supp, unsigned secflags, sasl_conn_t ** pconn); DESCRIPTION
sasl_client_new() creates a new SASL context. This context will be used for all SASL calls for one connection. It handles both authentica- tion and integrity/encyption layers after authentication. service is the registered name of the service (usually the protocol name) using SASL (e.g. "imap"). serverFQDN is the fully qualified domain name of the server (e.g. "serverhost.cmu.edu"). iplocalport is the IP and port of the local side of the connection, or NULL. If iplocalport is NULL it will disable mechanisms that require IP address information. This strings must be in one of the following formats: "a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port" (IPv6), or "e:f:g:h:i:j:a.b.c.d;port" (IPv6) ipremoteport is the IP and port of the remote side of the connection, or NULL (see iplocalport) prompt_supp is a list of client interactions supported that is unique to this connection. If this parameter is NULL the global callbacks (specified in sasl_client_init) will be used. See sasl_callback for more information. secflags are security flags (see below) pconn is the conection context allocated by the library. This structure will be used for all future SASL calls for this connection. Security Flags Security flags that may be passed to sasl_server_new() include SASL_SEC_NOPLAINTEXT Don't permit mechanisms susceptible to simple passive attack (e.g., PLAIN, LOGIN) SASL_SEC_NOACTIVE Protection from active (non-dictionary) attacks during authentication exchange. Authenticates server. SASL_SEC_NODICTIONARY Don't permit mechanisms susceptible to passive dictionary attack SASL_SEC_FORWARD_SECURITY Require forward secrecy between sessions. (breaking one won't help break next) SASL_SEC_NOANONYMOUS Don't permit mechanisms that allow anonymous login SASL_SEC_PASS_CREDENTIALS Require mechanisms which pass client credentials, and allow mechanisms which can pass credentials to do so. SASL_SEC_MAXIMUM All of the above. RETURN VALUE
sasl_client_new returns an integer which corresponds to one of the following codes. SASL_OK is the only one that indicates success. All others indicate errors and should either be handled or the authentication session should be quit. ERRORS
SASL_OK Success SASL_BADPARAM Error in config file or passed parameters SASL_NOMECH No mechanism meets requested properties SASL_NOMEM Not enough memory to complete operation CONFORMING TO
RFC 2222 SEE ALSO
sasl(3), sasl_client_init(3), sasl_client_start(3), sasl_client_step(3), sasl_setprop(3) SASL man pages SASL sasl_client_new(21 June 2001)
Check Out this Related Man Page
sasl_client_new(3SASL) Simple Authentication Security Layer Library Functions sasl_client_new(3SASL) NAME
sasl_client_new - create a new client authentication object SYNOPSIS
cc [ flag ... ] file ... -lsasl [ library ... ] #include <sasl/sasl.h> int sasl_client_new(const char *service, const char *serverFQDN, const char *iplocalport, const char *ipremoteport, const sasl_callback_t *prompt_supp, unsigned flags, sasl_conn_t **pconn); DESCRIPTION
Use the sasl_client_new() interface to create a new SASL context. This SASL context will be used for all SASL calls for one connection. The context handles both authentication and the integrity and encryption layers after authentication. PARAMETERS
service The registered name of the service that uses SASL, usually the protocol name, for example, IMAP. serverFQDN The fully qualified domain name of the server, for example, serverhost.cmu.edu. iplocalport The IP and port of the local side of the connection, or NULL. If iplocalport is NULL, mechanisms that require IP address information are disabled. The iplocalport string must be in one of the following formats: o a.b.c.d:port (IPv6) o [e:f:g:h:i:j:k:l]:port (IPv6) o [e:f:g:h:i:j:a.b.c.d]:port (IPv6) o a.b.c.d;port (IPv4) o e:f:g:h:i:j:k:l;port (IPv6) o e:f:g:h:i:j:a.b.c.d;port (IPv6) ipremoteport The IP and port of the remote side of the connection, or NULL. prompt_supp A list of the client interactions supported that are unique to this connection. If this parameter is NULL, the global call- backs specified in sasl_client_init(3SASL) are used. flags Usage flags. For clients, the flag SASL_NEED_PROXY is available. pconn The connection context allocated by the library. The pconn structure is used for all future SASL calls for this connection. RETURN VALUES
sasl_client_new() returns an integer that corresponds to a SASL error code. ERRORS
SASL_OK The call to sasl_client_new() was successful. SASL_NOMECH No mechanishm meets the requested properties. SASL_BADPARAM There is an error in the configuration file or passed parameters. SASL_NOMEM There is not enough memory to complete the operation. All other error codes indicate an error situation that must be handled, or the authentication session should be quit. See sasl_errors(3SASL) for information on SASL error codes. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWlibsasl | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ |MT-Level |Safe | +-----------------------------+-----------------------------+ SEE ALSO
sasl_client_init(3SASL), sasl_errors(3SASL), attributes(5) SunOS 5.10 27 Aug 2003 sasl_client_new(3SASL)