Setting the SASL Negotiation Sequence (Developer's Guide to Oracle Solaris Security)

Developer's Guide to Oracle Solaris Security

Previous: Memory Allocation in SASL Plug-ins
Next: Chapter??8 Introduction to the Oracle Solaris Cryptographic Framework

Setting the SASL Negotiation Sequence

A plug-in mechanism can set the order in which a client and server conduct a SASL conversation through the following flags:

SASL_FEAT_WANT_CLIENT_FIRST – The client side begins the interchange.
SASL_FEAT_WANT_SERVER_LAST – The server sends the final data to the client.

If neither flag is set, the mechanism plug-in sets the order internally. In this case, the mechanism must check both the client and server for data that needs to be sent. Note that the situation where the client sends first is only possible when the protocol permits an initial response.

The case in which the server sends last requires that the plug-in set *serverout when the step function returns SASL_OK. Those mechanisms that never have the server send last must set *serverout to NULL. Those mechanisms that always have the server send last need to point *serverout to the success data.

Previous: Memory Allocation in SASL Plug-ins
Next: Chapter??8 Introduction to the Oracle Solaris Cryptographic Framework