man pages section 3: Networking Library Functions

Exit Print View

Updated: July 2014
 
 

sasl_authorize_t(3SASL)

Name

sasl_authorize_t - the SASL authorization callback

Synopsis

cc [ flag ... ] file ... –lsasl   [ library ... ]
#include <sasl/sasl.h>

int sasl_authorize_t(sasl_conn_t *conn, const char *requested_user,
     unsigned alen, const char* auth_identity, unsigned rlen,
     const char *def_realm, unsigned urlen, struct propctx *propctx);

Description

sasl_authorize_t() is a typedef function prototype that defines the interface associated with the SASL_CB_PROXY_POLICY callback.

Use the sasl_authorize_t() interface to check whether the authorized user auth_identity can act as the user requested_user. For example, the user root may want to authenticate with root's credentials but as the user tmartin, with all of tmartin's rights, not root's. A server application should be very careful when it determines which users may proxy as other users.

Parameters

conn

The SASL connection context.

requested_user

The identity or username to authorize. requested_user is null-terminated.

rlen

The length of requested_user.

auth_identity

The identity associated with the secret. auth_identity is null-terminated.

alen

The length of auth_identity.

default_realm

The default user realm as passed to sasl_server_new(3SASL).

ulren

The length of the default realm

propctx

Auxiliary properties

Return Values

Like other SASL callback functions, sasl_authorize_t() returns an integer that corresponds to a SASL error code. See <sasl.h> for a complete list of SASL error codes.

Errors

SASL_OK

The call to sasl_authorize_t() was successful.

See sasl_errors(3SASL) for information on SASL error codes.

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/library/security/libsasl
Interface Stability
Committed
MT-Level
MT–Safe

See also

sasl_errors(3SASL), sasl_server_new(3SASL), attributes(5)