X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0756eb3cb50d73a77b486e47528f7cb1bffdb299..37942ad83fcb6b788cceb4abe2891c92651811a7:/src/src/auths/README diff --git a/src/src/auths/README b/src/src/auths/README index 190505f25..d4f125c30 100644 --- a/src/src/auths/README +++ b/src/src/auths/README @@ -1,5 +1,3 @@ -$Cambridge: exim/src/src/auths/README,v 1.1 2004/10/07 13:10:00 ph10 Exp $ - AUTHS The modules in this directory are in support of various authentication @@ -23,7 +21,7 @@ The API for each of these functions is documented with the function's code. INTERFACE TO SMTP AUTHENTICATION MECHANISMS -These are general SSL mechanisms, adapted for use with SMTP. Each +These are general SASL mechanisms, adapted for use with SMTP. Each authentication mechanism has three functions, for initialization, server authentication, and client authentication. @@ -44,9 +42,10 @@ The second function performs authentication as a server. It receives a pointer to the instance block, and its second argument is the remainder of the data from the AUTH command. The numeric variable maximum setting (expand_nmax) is set to zero, with $0 initialized as unset. The authenticator may set up numeric -variables according to its specification; it should leave expand_nmax set at -the end so that they can be used for the expansion of the generic server_set_id -option, which happens centrally. +variables according to its (old) specification and $auth variables the +preferred ones nowadays; it should leave them set at the end so that they can +be used for the expansion of the generic server_set_id option, which happens +centrally. This function has access to the SMTP input and output so that it can write intermediate responses and read more data if necessary. There is a packaged @@ -57,7 +56,8 @@ The yield of a server authentication check must be one of: OK success DEFER couldn't complete the check FAIL authentication failed - CANCELLED authentication forced to fail by "*" response to challenge + CANCELLED authentication forced to fail by "*" response to challenge, + or by certain forced string expansion failures BAD64 bad base64 data received UNEXPECTED unexpected data received @@ -68,7 +68,7 @@ CLIENT AUTHENTICATION The third function performs authentication as a client. It receives a pointer to the instance block, and four further arguments: - The smtp_inblock item for the connection to the remote host. + The smtp_context item for the connection to the remote host. The normal command-reading timeout value. @@ -85,7 +85,8 @@ The yield of a client authentication check must be one of: FAIL failed after reading a response; either errno is set (for timeouts, I/O failures) or the buffer contains the SMTP response line - FORCEFAIL failed without reading a response (often "fail" in expansion) + CANCELLED the client cancelled authentication (often "fail" in expansion) + the buffer may contain a message; if not, *buffer = 0 ERROR local problem (typically expansion error); message in buffer To communicate with the remote host the client should call