AUTHINFO SSL Patch

NDSoftware extml at ndsoftware.net
Sun Apr 22 12:25:55 UTC 2001


Where i can find the SSL patch ?
Thanks

Nicolas DEFFAYET, NDSoftware
http://www.ndsoftware.net - ndsoftware at ndsoftware.net
France: Tel +33 671887502
---
Note: All HTML email sent to me can be deleted for security reasons.

-----Original Message-----
From: inn-workers-bounce at isc.org [mailto:inn-workers-bounce at isc.org]On
Behalf Of James F. Hranicky
Sent: Friday, April 20, 2001 8:21 PM
To: jmv16 at cornell.edu
Cc: inn-workers at isc.org
Subject: Re: AUTHINFO SSL Patch


jmv16 at cornell.edu wrote:
> On Fri, 20 Apr 2001, James F. Hranicky wrote:
>
> > I don't care if the remote users use SSL *unless* then try to send
> > me their username and password. That's the functionality my patch
> > gives.
>
> That functionality is in my patch.  You have two auth groups for the
> remote IPs, one with require-ssl and one without, and allow password
> authentication only on the first group.

Ah, ok.

> The trouble is that there's nothing in the protocol for telling the
> client not to try authenticating.  So you can stop the clients from
> getting anywhere by authenticating on a non-SSL connection, but you can't
> stop them from sending their passwords if they really want to.

I suppose the best we can do is make sure it fails when they try...

----------------------------------------------------------------------
| Jim Hranicky, Senior SysAdmin                   UF/CISE Department |
| E314D CSE Building                            Phone (352) 392-1499 |
| jfh at cise.ufl.edu                      http://www.cise.ufl.edu/~jfh |
----------------------------------------------------------------------
         -  Encryption: its use by criminals is far less  -
         - frightening than its banishment by governments -
                      - Vote for Privacy -




More information about the inn-workers mailing list