During server login, a challenge/response security handshake occurs when the server issues a challenge, to which the client must respond.
A connection uses a negotiation callback to provide its response to the challenge. To do this, the connection installs a negotiation callback routine. At connection time, when Client-Library receives the server challenge, Client-Library triggers the negotiation callback.
A connection that participates in challenge/response security handshakes must have its CS_SEC_CHALLENGE property or its CS_SEC_APPDEFINED property set to CS_TRUE.
When the application calls ct_connect to connect to the server:
If the server replies with a challenge, then Client-Library calls the connection’s negotiation callback routine.
The negotiation callback routine generates the response and returns either CS_CONTINUE, CS_SUCCEED, or CS_FAIL.
If the callback routine returns CS_CONTINUE, Client-Library calls the negotiation callback again to get an additional response.
If the callback returns CS_SUCCEED, Client-Library sends the response(s) to the server.
If the callback returns CS_FAIL, Client-Library aborts the connection process, causing ct_connect to return CS_FAIL.