SASL_CHECKPASS(3SASL) Simple Authentication Security Layer Library Functions SASL_CHECKPASS(3SASL)

sasl_checkpass - check a plaintext password

cc [ flag ... ] file ... -lsasl   [ library ... ]
#include <sasl/sasl.h>
int sasl_checkpass(sasl_conn_t *conn, const char *user, unsigned userlen,

const char *pass, unsigned passlen);

The sasl_checkpass() interface checks a plaintext password. The sasl_checkpass() interface is used for protocols that had a login method before SASL, for example, the LOGIN command in IMAP. The password is checked with the pwcheck_method.

The sasl_checkpass() interface is a server interface. You cannot use it to check passwords from a client.

The sasl_checkpass() interface checks the posible repositories until it succeeds or there are no more repositories. If sasl_server_userdb_checkpass_t is registered, sasl_checkpass() tries it first.

Use the pwcheck_method SASL option to specify which pwcheck methods to use.

The sasl_checkpass() interface supports the transition of passwords if the SASL option auto_transition is on.

If user is NULL, check is plaintext passwords are enabled.


The sasl_conn_t for which the request is being made


Plaintext password to check


The length of pass


User to query in current user_domain


The length of username.

sasl_checkpass() returns an integer that corresponds to a SASL error code.


Indicates that the authentication is complete

All other error codes indicate an error situation that must be handled, or the authentication session should be quit. See sasl_errors(3SASL) for information on SASL error codes.

See attributes(7) for descriptions of the following attributes:

Interface Stability Evolving
MT-Level Safe

sasl_errors(3SASL), attributes(7)

October 14, 2003 OmniOS