SASL testing

Julien ÉLIE julien at trigofacile.com
Tue Sep 23 18:19:44 UTC 2008


Hi Russ,

> It's fine to support LOGIN where we support PLAIN.  I suspect that the
> underlying library just supports it for legacy reasons.

I have also checked that we do not need to add AUTHINFO SASL LOGIN to the
list of exceptions in the "nnrpd -t" trace mode.
PLAIN can be used with an initial response.
LOGIN does not use one according to the RFC you pointed me.

Consequently, there is no tracing security issue with it.

-- 
Julien ÉLIE

« -- Tu dois avoir un messager zélé autant qu'ailé
  pour faire rapidement le trajet.
  -- Oui ! et c'est une fine mouche ! » (Astérix) 



More information about the inn-workers mailing list