.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "Authen::SASL 3pm"
.TH Authen::SASL 3pm "2023-09-24" "perl v5.36.0" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Authen::SASL \- SASL Authentication framework
.SH "VERSION"
.IX Header "VERSION"
version 2.1700
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& use Authen::SASL;
\&
\& $sasl = Authen::SASL\->new(
\&   mechanism => \*(AqCRAM\-MD5 PLAIN ANONYMOUS\*(Aq,
\&   callback => {
\&     pass => \e&fetch_password,
\&     user => $user,
\&   }
\& );
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\s-1SASL\s0 is a generic mechanism for authentication used by several
network protocols. \fBAuthen::SASL\fR provides an implementation
framework that all protocols should be able to share.
.PP
The framework allows different implementations of the connection
class to be plugged in. At the time of writing there were two such
plugins.
.IP "Authen::SASL::Perl" 4
.IX Item "Authen::SASL::Perl"
This module implements several mechanisms and is implemented
entirely in Perl.
.IP "Authen::SASL::XS" 4
.IX Item "Authen::SASL::XS"
This module uses the Cyrus \s-1SASL\s0 C\-library (both version 1 and 2
are supported).
.IP "Authen::SASL::Cyrus" 4
.IX Item "Authen::SASL::Cyrus"
This module is the predecessor to Authen::SASL::XS.
.Sp
Until version 2.16, Authen::SASL::Cyrus was loaded as an alternative
to Authen::SASL::XS.
.PP
By default Authen::SASL tries to load Authen::SASL::XS first,
followed by Authen::SASL::Perl on failure. If you want to change the
order or want to specifically use one implementation only simply do
.PP
.Vb 1
\& use Authen::SASL qw(Perl);
.Ve
.PP
or if you have another plugin module that supports the Authen::SASL \s-1API\s0
.PP
.Vb 1
\& use Authen::SASL qw(My::SASL::Plugin);
.Ve
.SS "\s-1CONTRUCTOR\s0"
.IX Subsection "CONTRUCTOR"
.IP "new ( \s-1OPTIONS\s0 )" 4
.IX Item "new ( OPTIONS )"
The constructor may be called with or without arguments. Passing arguments is
just a short cut to calling the \f(CW\*(C`mechanism\*(C'\fR and \f(CW\*(C`callback\*(C'\fR methods.
.RS 4
.IP "callback => { \s-1NAME\s0 => \s-1VALUE, NAME\s0 => \s-1VALUE, ...\s0 }" 4
.IX Item "callback => { NAME => VALUE, NAME => VALUE, ... }"
Set the callbacks.
See the callback method for details.
.IP "mechanism => \s-1NAMES\s0" 4
.IX Item "mechanism => NAMES"
.PD 0
.IP "mech => \s-1NAMES\s0" 4
.IX Item "mech => NAMES"
.PD
Set the list of mechanisms to choose from.
See the mechanism method for details.
.IP "debug => \s-1VALUE\s0" 4
.IX Item "debug => VALUE"
Set the debug level bit-value to \f(CW\*(C`VALUE\*(C'\fR
.Sp
Debug output will be sent to \f(CW\*(C`STDERR\*(C'\fR. The
bits of this value are:
.Sp
.Vb 4
\& 1   Show debug messages in the Perl modules for the mechanisms.
\&     (Currently only used in GSSAPI)
\& 4   With security layers in place show information on packages read.
\& 8   With security layers in place show information on packages written.
.Ve
.Sp
The default value is 0.
.RE
.RS 4
.RE
.SS "\s-1METHODS\s0"
.IX Subsection "METHODS"
.IP "mechanism ( )" 4
.IX Item "mechanism ( )"
Returns the current list of mechanisms
.IP "mechanism ( \s-1NAMES\s0 )" 4
.IX Item "mechanism ( NAMES )"
Set the list of mechanisms to choose from. \f(CW\*(C`NAMES\*(C'\fR should be a space separated string
of the names.
.IP "callback ( \s-1NAME\s0 )" 4
.IX Item "callback ( NAME )"
Returns the current callback associated with \f(CW\*(C`NAME\*(C'\fR.
.IP "callback ( \s-1NAME\s0 => \s-1VALUE, NAME\s0 => \s-1VALUE, ...\s0 )" 4
.IX Item "callback ( NAME => VALUE, NAME => VALUE, ... )"
Sets the given callbacks to the given values
.IP "client_new ( \s-1SERVICE, HOST, SECURITY\s0 )" 4
.IX Item "client_new ( SERVICE, HOST, SECURITY )"
Creates and returns a new connection object for a client-side connection.
.IP "server_new ( \s-1SERVICE, HOST, OPTIONS\s0 )" 4
.IX Item "server_new ( SERVICE, HOST, OPTIONS )"
Creates and returns a new connection object for a server-side connection.
.IP "error ( )" 4
.IX Item "error ( )"
Returns any error from the last connection
.SH "The Connection Class"
.IX Header "The Connection Class"
.IP "server_start ( \s-1CHALLENGE\s0 )" 4
.IX Item "server_start ( CHALLENGE )"
server_start begins the authentication using the chosen mechanism.
If the mechanism is not supported by the installed \s-1SASL\s0 it fails.
Because for some mechanisms the client has to start the negotiation,
you can give the client challenge as a parameter.
.IP "server_step ( \s-1CHALLENGE\s0 )" 4
.IX Item "server_step ( CHALLENGE )"
server_step performs the next step in the negotiation process. The
first parameter you give is the clients challenge/response.
.IP "client_start ( )" 4
.IX Item "client_start ( )"
The initial step to be performed. Returns the initial value to pass to the server
or an empty list on error.
.IP "client_step ( \s-1CHALLENGE\s0 )" 4
.IX Item "client_step ( CHALLENGE )"
This method is called when a response from the server requires it. \s-1CHALLENGE\s0
is the value from the server. Returns the next value to pass to the server or an
empty list on error.
.IP "need_step ( )" 4
.IX Item "need_step ( )"
Returns true if the selected mechanism requires another step before completion
(error or success).
.IP "answer ( \s-1NAME\s0 )" 4
.IX Item "answer ( NAME )"
The method will return the value returned from the last call to the callback \s-1NAME\s0
.IP "property ( \s-1NAME\s0 )" 4
.IX Item "property ( NAME )"
Returns the property value associated with \f(CW\*(C`NAME\*(C'\fR.
.IP "property ( \s-1NAME\s0 => \s-1VALUE, NAME\s0 => \s-1VALUE, ...\s0 )" 4
.IX Item "property ( NAME => VALUE, NAME => VALUE, ... )"
Sets the named properties to their associated values.
.IP "service ( )" 4
.IX Item "service ( )"
Returns the service argument that was passed to *_new\-methods.
.IP "host ( )" 4
.IX Item "host ( )"
Returns the host argument that was passed to *_new\-methods.
.IP "mechanism ( )" 4
.IX Item "mechanism ( )"
Returns the name of the chosen mechanism.
.IP "is_success ( )" 4
.IX Item "is_success ( )"
Once \fBneed_step()\fR returns false, then you can check if the authentication
succeeded by calling this method which returns a boolean value.
.SS "Callbacks"
.IX Subsection "Callbacks"
There are three different ways in which a callback may be passed
.IP "\s-1CODEREF\s0" 4
.IX Item "CODEREF"
If the value passed is a code reference then, when needed, it will be called
and the connection object will be passed as the first argument. In addition
some callbacks may be passed additional arguments.
.IP "\s-1ARRAYREF\s0" 4
.IX Item "ARRAYREF"
If the value passed is an array reference, the first element in the array
must be a code reference. When the callback is called the code reference
will be called with the connection object passed as the first argument
and all other values from the array passed after.
.IP "\s-1SCALAR\s0" 4
.IX Item "SCALAR"
All other values passed will be used directly. ie it is the same as
passing an code reference that, when called, returns the value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
Authen::SASL::Perl, Authen::SASL::XS, Authen::SASL::Cyrus
.SH "MAINTAINER"
.IX Header "MAINTAINER"
Erik Huelsmann <ehuels@gmail.com>
.SH "AUTHOR"
.IX Header "AUTHOR"
Graham Barr <gbarr@pobox.com>
.SH "BUGS"
.IX Header "BUGS"
Please report any bugs, or any suggestions, in the GitHub project at
<https://github.com/gbarr/perl\-authen\-sasl/issues>.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
.Vb 2
\&  Copyright (c) 2023 Erik Huelsmann
\&  Copyright (c) 1998\-2005 Graham Barr.
.Ve
.PP
All rights reserved. This program is
free software; you can redistribute it and/or modify it under the same
terms as Perl itself.