source: trunk/third/cyrus-sasl/man/sasl_client_new.3 @ 17977

Revision 17977, 4.9 KB checked in by ghudson, 22 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r17976, which included commits to RCS files with non-trunk default branches.
Line 
1.\" -*- nroff -*-
2.\"
3.\" Copyright (c) 2001 Carnegie Mellon University.  All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\"
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\"
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in
14.\"    the documentation and/or other materials provided with the
15.\"    distribution.
16.\"
17.\" 3. The name "Carnegie Mellon University" must not be used to
18.\"    endorse or promote products derived from this software without
19.\"    prior written permission. For permission or any other legal
20.\"    details, please contact 
21.\"      Office of Technology Transfer
22.\"      Carnegie Mellon University
23.\"      5000 Forbes Avenue
24.\"      Pittsburgh, PA  15213-3890
25.\"      (412) 268-4387, fax: (412) 268-7395
26.\"      tech-transfer@andrew.cmu.edu
27.\"
28.\" 4. Redistributions of any form whatsoever must retain the following
29.\"    acknowledgment:
30.\"    "This product includes software developed by Computing Services
31.\"     at Carnegie Mellon University (http://www.cmu.edu/computing/)."
32.\"
33.\" CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
34.\" THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
35.\" AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
36.\" FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
37.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
38.\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
39.\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
40.\"
41.TH sasl_client_new "21 June 2001" SASL "SASL man pages"
42.SH NAME
43sasl_client_new \- Create a new client authentication object
44
45
46.SH SYNOPSIS
47.nf
48.B #include <sasl/sasl.h>
49.sp
50.BI "int sasl_client_new(const char " *service ", "
51.BI "                    const char " *serverFQDN ", "
52.BI "                    const char " *iplocalport ", "
53.BI "                    const char " *ipremoteport ", "
54.BI "                    const sasl_callback_t " *prompt_supp,
55.BI "                    unsigned " secflags ", "
56.BI "                    sasl_conn_t ** " pconn ");"
57
58.fi
59.SH DESCRIPTION
60
61.B sasl_client_new()
62creates a new SASL context. This context will be used for all SASL calls for one connection. It handles both authentication and integrity/encyption layers after authentication.
63.PP
64.I service
65is the registered name of the service (usually the protocol name) using SASL (e.g. "imap").
66.PP
67.I serverFQDN
68is the fully qualified domain name of the server (e.g. "serverhost.cmu.edu").
69.PP
70.I iplocalport
71is the IP and port of the local side of the connection, or NULL.  If
72iplocalport is NULL it will disable mechanisms that require IP address
73information.  This strings must be in one of the following formats:
74"a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port" (IPv6),
75or "e:f:g:h:i:j:a.b.c.d;port" (IPv6)
76.PP
77.I ipremoteport
78is the IP and port of the remote side of the connection, or NULL (see
79iplocalport)
80.PP
81.I prompt_supp
82is a list of client interactions supported that is unique to this connection. If this parameter is NULL the global callbacks (specified in sasl_client_init) will be used. See sasl_callback for more information.
83.PP
84.I secflags
85are security flags (see below)
86.PP
87.I pconn
88is the conection context allocated by the library. This structure will be used for all future SASL calls for this connection.
89.PP
90.B Security Flags
91.PP
92Security flags that may be passed to
93.B sasl_server_new()
94include
95.TP 0.8i
96.B SASL_SEC_NOPLAINTEXT
97Don't permit mechanisms susceptible to simple passive attack (e.g., PLAIN, LOGIN)
98.TP 0.8i
99.B SASL_SEC_NOACTIVE
100Protection from active (non-dictionary) attacks during authentication exchange. Authenticates server.
101.TP 0.8i
102.B SASL_SEC_NODICTIONARY
103Don't permit mechanisms susceptible to passive dictionary attack
104.TP 0.8i
105.B SASL_SEC_FORWARD_SECURITY
106Require forward secrecy between sessions. (breaking one won't help break next)
107.TP 0.8i
108.B SASL_SEC_NOANONYMOUS
109Don't permit mechanisms that allow anonymous login
110.TP 0.8i
111.B SASL_SEC_PASS_CREDENTIALS
112Require mechanisms which pass client credentials, and allow mechanisms which can pass credentials to do so.
113.TP 0.8i
114.B SASL_SEC_MAXIMUM
115All of the above.
116
117.SH "RETURN VALUE"
118
119sasl_client_new returns an integer which corresponds to one of the
120following codes. SASL_OK is the only one that indicates success. All
121others indicate errors and should either be handled or the
122authentication session should be quit.
123
124.SH ERRORS
125.TP 0.8i
126.B SASL_OK
127Success
128.TP 0.8i
129.B SASL_BADPARAM
130Error in config file or passed parameters
131.TP 0.8i
132.B SASL_NOMECH
133No mechanism meets requested properties
134.TP 0.8i
135.B SASL_NOMEM
136Not enough memory to complete operation
137
138.SH "CONFORMING TO"
139RFC 2222
140.SH "SEE ALSO"
141sasl(3), sasl_client_init(3), sasl_client_start(3), sasl_client_step(3), sasl_setprop(3)
Note: See TracBrowser for help on using the repository browser.