-*- nroff -*-

Copyright (c) 2001 Carnegie Mellon University. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.

3. The name "Carnegie Mellon University" must not be used to
endorse or promote products derived from this software without
prior written permission. For permission or any other legal
details, please contact
Office of Technology Transfer
Carnegie Mellon University
5000 Forbes Avenue
Pittsburgh, PA 15213-3890
(412) 268-4387, fax: (412) 268-7395
tech-transfer@andrew.cmu.edu

4. Redistributions of any form whatsoever must retain the following
acknowledgment:
"This product includes software developed by Computing Services
at Carnegie Mellon University (http://www.cmu.edu/computing/)."

CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

sasl_client_new - Create a new client authentication object

 #include <sasl/sasl.h>  "int sasl_client_new(const char " *service ", "  " const char " *serverFQDN ", "  " const char " *iplocalport ", "  " const char " *ipremoteport ", "  " const sasl_callback_t " *prompt_supp,  " unsigned " flags ", "  " sasl_conn_t ** " pconn ");" 

sasl_client_new() creates a new SASL context. This context will be used for all SASL calls for one connection. It handles both authentication and integrity/encryption layers after authentication.

service is the registered name of the service (usually the protocol name) using SASL (e.g. "imap").

serverFQDN is the fully qualified domain name of the server (e.g. "serverhost.cmu.edu").

iplocalport is the IP and port of the local side of the connection, or NULL. If iplocalport is NULL it will disable mechanisms that require IP address information. This strings must be in one of the following formats: "a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port" (IPv6), or "e:f:g:h:i:j:a.b.c.d;port" (IPv6)

ipremoteport is the IP and port of the remote side of the connection, or NULL (see iplocalport)

prompt_supp is a list of client interactions supported that is unique to this connection. If this parameter is NULL the global callbacks (specified in sasl_client_init) will be used. See sasl_callback for more information.

flags are connection flags (see below)

pconn is the connection context allocated by the library. This structure will be used for all future SASL calls for this connection.

Connection Flags

Flags that may be passed to sasl_server_new() include

0.8i SASL_SUCCESS_DATA The protocol supports a server-last send

0.8i SASL_NEED_PROXY Force the use of a mechanism that supports an authorization id that is not the authentication id.

sasl_client_new returns an integer which corresponds to one of the following codes. SASL_OK is the only one that indicates success. All others indicate errors and should either be handled or the authentication session should be quit.

0.8i SASL_OK Success

0.8i SASL_BADPARAM Error in config file or passed parameters

0.8i SASL_NOMECH No mechanism meets requested properties

0.8i SASL_NOMEM Not enough memory to complete operation

RFC 4422 sasl(3), sasl_client_init(3), sasl_client_start(3), sasl_client_step(3), sasl_setprop(3)