SASL bind programming - what is the expected response?

["Marsha Petry" <mpetry@qwest.net>]

I am testing how to send back a response to a SASL	bind challenge.  Is
that documented anywhere in a fairly easy-to-read format 
or in sample code?	RFC 2381 gives me a idea what needs to be
passed, but how does that translate into openldap library calls?

For example...

I created a small test C program (based off of an example in Netscape's C
SDK) to bind using "mpetry".  I set the credentials in ber structure (cred)
and when I do the first bind using
ldap_sasl_bind_s(ld,"uid=mpetry+realm=who.jabber.com","digest-md5",&cred,NULL,N
ULL,&servercred),
I get back a "SASL bind in progress".	Great, sounds good - but what is the
challenge it sends back asking me for?	 If I look in servercred, I see:

Server credentials:
realm="who.jabber.com",nonce="r6ceBnuQKc8TNKbdYDvPJLdg9PcqnU2knra2zakemFM=",qop
="auth,auth-int",charset=utf-8,algorithm=md5-sess

Now how do I respond? - I've already sent the mechanism and credentials.  Not
knowing how to satisfy that challenge,	as a test I sent the same bind
statement with the same credentials, and got back (rc=49):

ldap_sasl_bind_s: Invalid credentials
	additional info: required parameters missing

I'm using openldap 2.0.7 with Cyrus SASL, and it seems to work fine from the
command line. (e.g. using ldapsearch binding using DIGEST-MD5 works fine, so I
know the credentials are correct). 

Many thanks in advance for information or, if I've asked the wrong list,
pointers to where I should ask this question.
          
--		    
Marsha Petry			      
mpetry@qwest.net (note: no longer @uswest.net)