1@deftypefn Prototype int (*Gsasl_server_callback_validate) (Gsasl_session_ctx * @var{ctx}, char * @var{authentication_id}, char * @var{authorization_id}, char * @var{passcode}, char * @var{pin}, char * @var{suggestpin}, size_t * @var{suggestpinlen}) 2 3@var{ctx}: libgsasl handle. 4 5@var{authorization_id}: input array with authorization identity. 6 7@var{authentication_id}: input array with authentication identity. 8 9@var{passcode}: input array with passcode. 10 11@var{pin}: input array with new pin (this may be NULL). 12 13@var{suggestpin}: output array with new suggested PIN. 14 15@var{suggestpinlen}: on input the maximum size of the output array, on 16output contains the actual size of the output array. 17 18Type of callback function the application implements. It should 19return GSASL_OK if and only if the validation of the provided 20credential was succesful. GSASL_AUTHENTICATION_ERROR is a good 21failure if authentication failed, but any available return code may be 22used. 23 24Two SECURID specific error codes also exists. The function can return 25GSASL_SECURID_SERVER_NEED_ADDITIONAL_PASSCODE to request that the 26client generate a new passcode. It can also return 27GSASL_SECURID_SERVER_NEED_NEW_PIN to request that the client generate 28a new PIN. If the server wishes to suggest a new PIN it can populate 29the SUGGESTPIN field. 30 31If SUGGESTPIN is NULL, the function should only populate the output 32length field with the length, and return GSASL_OK. This usage may be 33used by the caller to allocate the proper buffer size. 34 35@end deftypefn 36