SASL_CLIENT_START(3SASL) Simple Authentication Security Layer Library Functions SASL_CLIENT_START(3SASL)

sasl_client_start - perform a step in the authentication negotiation

cc [ flag ... ] file ... -lsasl   [ library ... ]
#include <sasl/sasl.h>
int sasl_client_start(sasl_conn_t *conn, const char *mechlist,

sasl_interact_t **prompt_need, const char **clientout,
unsigned *clientoutlen, const char **mech);

Use the sasl_client_start() interface to select a mechanism for authentication and start the authentication session. The mechlist parameter holds the list of mechanisms that the client might like to use. The mechanisms in the list are not necessarily supported by the client, nor are the mechanisms necessarily valid. SASL determines which of the mechanisms to use based upon the security preferences specified earlier. The list of mechanisms is typically a list of mechanisms that the server supports, acquired from a capability request.

If SASL_INTERACT is returned, the library needs some values to be filled in before it can proceed. The prompt_need structure is filled in with requests. The application fullfills these requests and calls sasl_client_start() again with identical parameters. The prompt_need parameter is the same pointer as before, but it is filled in by the application.


The SASL connection context.


A list of mechanism that the server has available. Punctuation is ignored.


A list of prompts that are needed to continue, if necessary.


clientout and clientoutlen are created. They contain the initial client response to send to the server. It is the job of the client to send them over the network to the server. Any protocol specific encodingthat is necessary, for example base64 encoding, must be done by the client.

If the protocol lacks client-send-first capability, then set clientout to NULL. If there is no initial client-send, then *clientout will be set to NULL on return.


Contains the name of the chosen SASL mechanism, upon success.

sasl_client_start() returns an integer that corresponds to a SASL error code.


The call to sasl_client_start() was successful, and more steps are needed in the authentication.

All other error codes indicate an error situation that must be handled, or the authentication session should be quit. See sasl_errors(3SASL) for information on SASL error codes.

See attributes(7) for descriptions of the following attributes:

Interface Stability Evolving
MT-Level Safe

sasl_errors(3SASL), attributes(7)

May 13, 2017 OmniOS