sasl_server_new(16 May 2001) sasl_server_new(16 May 2001)
sasl_server_new - Create a new server authentication object
int sasl_server_new(const char *service,
const char *serverFQDN,
const char *user_realm,
const char *iplocalport,
const char *ipremoteport,
const sasl_callback_t *callbacks,
sasl_conn_t ** pconn);
sasl_server_new() creates a new SASL context. This context will be used
for all SASL calls for one connection. It handles both authentication
and integrity/encyption layers after authentication.
service is the registered name of the service (usually the protocol
name) using SASL (e.g. "imap").
serverFQDN is the fully qualified server domain name. NULL means use
gethostname(). This is useful for multi-homed servers.
user_realm is the domain of the user agent. This is usually not neces-
sary (NULL is default)
iplocalport is the IP and port of the local side of the connection, or
NULL. If iplocalport is NULL it will disable mechanisms that require
IP address information. This strings must be in one of the following
formats: "a.b.c.d;port" (IPv4), "e:f:g:h:i:j:k:l;port" (IPv6), or
ipremoteport is the IP and port of the remote side of the connection,
or NULL (see iplocalport)
secflags are security flags (see below)
pconn is a pointer to the conection context allocated by the library.
This structure will be used for all future SASL calls for this connec-
Security flags that may be passed to sasl_server_new() include
Don't permit mechanisms susceptible to simple passive attack
(e.g., PLAIN, LOGIN)
Protection from active (non-dictionary) attacks during authen-
tication exchange. Authenticates server.
Don't permit mechanisms susceptible to passive dictionary
Require forward secrecy between sessions. (breaking one won't
help break next)
Require mechanisms which pass client credentials, and allow
mechanisms which can pass credentials to do so.
sasl_server_new() returns an integer which corresponds to one of the
SASL error codes. SASL_OK is the only one that indicates success. All
others indicate errors and should either be handled or the authentica-
tion session should be quit.
sasl(3), sasl_errors(3), sasl_server_init(3), sasl_server_start(3),
SASL man pages SASL sasl_server_new(16 May 2001)