SASL support in INN 2.5.0
rra at stanford.edu
Thu Jun 25 22:56:53 UTC 2009
Julien ÉLIE <julien at trigofacile.com> writes:
> Consider for instance the Debian package which has SASL support. A
> news client will see AUTHINFO SASL and try to authenticate with
> AUTHINFO SASL PLAIN <base64-string>.
Hm, shouldn't we be interrogating the SASL library for the supported
mechanisms, and if PLAIN isn't supported, not including it? Or does the
SASL library always report that PLAIN is supported?
> That's why I had imagined to have an sasl_auth: parameter in
> readers.conf auth blocks. If set to true, then an AUTHINFO SASL
> request will match this block if successful.
> AUTHINFO SASL would not be advertised if there is no "sasl_auth: true"
> in readers.conf.
This does make sense to me.
> If there is a perl_auth:, python_auth: or auth: parameter along with
> "sasl_auth: true", they will not be checked if AUTHINFO SASL is used
> (there might be no password with AUTHINFO SASL).
Yes, that sounds right.
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers