Re: SASL auth: postfix passing "user" instead of "user@domain.tld" to saslauthd

From: postfixml (postfixmlmedasys.com)
Date: Mon May 03 2004 - 09:16:46 CDT


Andreas Winkelmann wrote:

>On Friday, 30 April 2004 09:42, guerin%gmx;net wrote:
>
>>It seems that postfix is not passing auth information correctly from my
>>mail client (evolution) to saslauthd. (...)
>>
>>
>
>Yes, this is a nice little Feature implemented since Cyrus-SASL 2.1.17. If you
>use saslauthd, the Library itself drops the domain-part from the Username
>before saslauthd is contacted. "testsaslauthd" does not use the Library (Good
>Test!), so this dropping does not happen with it.
>
>a) Go back to 2.1.15
>b) If your Passwords are plain, use the sql-auxprop-plugin.
>c) Change the Sourcecode of sasl and drop the Part where the domain-part is
>cut off.
>
>

For your information:

On Fri, 30 Apr 2004, Sylvain wrote:

>> - Why since the 2.1.15 saslauthd, the library drops the domain-part
>> from the username before saslauthd is contacted?
>
It doesn't drop the name. It passes it as the realm parameter to
saslauthd instead of as part of the userid.

>> - Why doesn't testsaslauthd use the library (difficult to see the problem)?
>
Why should it? Testsaslauthd is to test just the saslauthd service and
isolate it as the problem.

>> - Do you think add this patch
>> (http://frost.ath.cx/software/cyrus-sasl-patches/) in the library
>> (Yes/No/Why/When ?)
>
>

No -- this patch breaks the auxprop abstraction. Really, the solution is
a mysql saslauthd module for this purpose.

> OK because we can't use encryption for password (md5, crypt, etc...)
>
> Do you envisage doing a mysql saslauthd soon?

As soon as someone submits a reasonable patch, we'll incorporate it.

-Rob

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
Research Systems Programmer * /usr/contributed Gatekeeper
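
The difference discussed in this thread, as an added illustration that is not part of the original messages or of Cyrus SASL's code: the same login sent to saslauthd unchanged, as a test client that bypasses the library would, and sent after the library has moved the domain into the realm field. Assumptions: the request is four strings (userid, password, service, realm), each prefixed by a 2-byte network-order length; the split happens at the last '@'; the backend, account table and credentials are hypothetical, constructed samples.

```python
import struct

def pack_request(userid, password, service, realm):
    """Serialize the four request strings, each as 2-byte big-endian length + bytes."""
    out = b""
    for field in (userid, password, service, realm):
        raw = field.encode("utf-8")
        if len(raw) > 0xFFFF:
            raise ValueError("field too long for a 16-bit length prefix")
        out += struct.pack("!H", len(raw)) + raw
    return out

def unpack_request(buf):
    """Parse a request into (userid, password, service, realm); reject malformed input."""
    fields, off = [], 0
    for _ in range(4):
        if off + 2 > len(buf):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack_from("!H", buf, off)
        off += 2
        if off + n > len(buf):
            raise ValueError("field runs past end of request")
        fields.append(buf[off:off + n].decode("utf-8"))
        off += n
    if off != len(buf):
        raise ValueError("trailing bytes after realm")
    return tuple(fields)

def library_request(login, password, service):
    """Assumed library behaviour: cut the login at its last '@', send the rest as realm."""
    user, sep, realm = login.rpartition("@")
    if not sep:
        user, realm = login, ""
    return pack_request(user, password, service, realm)

def direct_request(login, password, service, realm=""):
    """A test client that bypasses the library sends the login unchanged."""
    return pack_request(login, password, service, realm)

def backend_accepts(request, accounts):
    """Hypothetical backend that looks up the userid field only and ignores realm."""
    userid, password, _service, _realm = unpack_request(request)
    return accounts.get(userid) == password

if __name__ == "__main__":
    accounts = {"user@domain.tld": "secret"}  # constructed sample account table
    for name, build in (("direct", direct_request), ("library", library_request)):
        req = build("user@domain.tld", "secret", "smtp")
        print(name, unpack_request(req), "accepted:", backend_accepts(req, accounts))
```

A backend keyed on the full address accepts the direct request and rejects the library one, which is why a test that bypasses the library can succeed while SMTP AUTH through Postfix fails.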