SASL support in INN 2.5.0

Russ Allbery rra at stanford.edu
Thu Jun 25 22:56:53 UTC 2009


Julien ÉLIE <julien at trigofacile.com> writes:

> Consider for instance the Debian package which has SASL support.  A
> news client will see AUTHINFO SASL and try to authenticate with
> AUTHINFO SASL PLAIN <base64-string>.

Hm, shouldn't we be interrogating the SASL library for the supported
mechanisms, and if PLAIN isn't supported, not including it?  Or does the
SASL library always report that PLAIN is supported?

> That's why I had imagined to have an sasl_auth: parameter in
> readers.conf auth blocks.  If set to true, then an AUTHINFO SASL
> request will match this block if successful.
>
> AUTHINFO SASL would not be advertised if there is no "sasl_auth: true"
> in readers.conf.

This does make sense to me.

> If there is a perl_auth:, python_auth: or auth: parameter along with
> "sasl_auth: true", they will not be checked if AUTHINFO SASL is used
> (there might be no password with AUTHINFO SASL).

Yes, that sounds right.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>

    Please send questions to the list rather than mailing me directly.
     <http://www.eyrie.org/~eagle/faqs/questions.html> explains why.



More information about the inn-workers mailing list