Authentication over SSL

Russ Allbery rra at stanford.edu
Mon Sep 22 08:13:45 UTC 2008


Julien ÉLIE <julien at trigofacile.com> writes:

> I have just implemented that for AUTHINFO USER/PASS and AUTHINFO SASL.
> However, I cannot change the behaviour of the legacy AUTHINFO GENERIC
> because it does not use auth blocks; therefore, there is no possibility
> to know whether SSL may be required for AUTHINFO GENERIC.
>
> I do not think it is a problem, though, for that deprecated use of
> AUTHINFO.

Yeah, that's not a problem.

> The main problem is that we then need to force a re-authentication after
> a successful TLS negotiation (because we need to change the current auth
> block).  I do not know if it is wise to do that.

We have to discard any authentication after STARTTLS anyway.  All state
must be reset after STARTTLS and no information from the connection prior
to STARTTLS can be trusted other than MODE READER.  (It may have been the
result of a man-in-the-middle attack.)

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
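A toy model of the rule Russ states above, added here as an illustration and not INN's code: a minimal NNTP session object that refuses AUTHINFO on a plaintext connection when the matching auth block requires TLS, and that throws away everything except MODE READER when STARTTLS succeeds. The auth block layout (with its `require_ssl` field) and the credentials are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional
# Constructed auth blocks (not INN's readers.conf syntax): accepted users
# and whether the block may be used only over TLS.
AUTH_BLOCKS = [
    {"users": {"alice": "s3cret"}, "require_ssl": True},
    {"users": {"guest": "guest"}, "require_ssl": False},
]
def find_block(user: str) -> Optional[dict]:
    return next((b for b in AUTH_BLOCKS if user in b["users"]), None)

@dataclass
class Session:
    tls: bool = False
    mode_reader: bool = False
    user: Optional[str] = None     # authenticated identity, if any
    pending: Optional[str] = None  # username awaiting AUTHINFO PASS
    group: Optional[str] = None    # current newsgroup

    def command(self, line: str) -> str:
        verb, *args = line.split()
        verb = verb.upper()
        if verb == "MODE" and args and args[0].upper() == "READER":
            self.mode_reader = True
            return "200 Reader mode"
        if verb == "GROUP" and args:
            self.group = args[0]
            return f"211 0 0 0 {args[0]}"
        if verb == "STARTTLS":
            if self.tls:
                return "502 TLS already active"
            # Nothing from the plaintext leg can be trusted (a MITM may have
            # sent it): keep only MODE READER, so the client must re-authenticate.
            self.tls, self.user, self.pending, self.group = True, None, None, None
            return "382 Continue with TLS negotiation"
        if verb == "AUTHINFO" and len(args) == 2:
            kind, value = args[0].upper(), args[1]
            if kind == "USER":
                block = find_block(value)
                if block and block["require_ssl"] and not self.tls:
                    return "483 Encryption required for this user"
                self.pending = value  # unknown users still get 381 (no enumeration)
                return "381 Password required"
            if kind == "PASS" and self.pending:
                block = find_block(self.pending)
                ok = bool(block) and block["users"][self.pending] == value
                self.user, self.pending = (self.pending if ok else None), None
                return "281 Authentication accepted" if ok else "481 Authentication failed"
        return "500 Unknown command"
```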

