SASL support in INN 2.5.0
Alexander Bartolich
alexander.bartolich at gmx.at
Sun Jun 28 19:11:09 UTC 2009
Julien ÉLIE wrote:
> [...]
> So basically, you wish to change how AUTHINFO SASL has been implemented.
> I understand that you want AUTHINFO SASL to reject the authentication
> if it fails and, in the case it is successful, to go on with possible
> perl_auth: and python_auth: hooks. Not with auth: I believe.
> We could provide $attributes{'saslmech'} to show it has been successfully
> matched by the given mechanism.
That's one way to do it.
> [...]
> Can't you use $attributes{'hostname'} and $attributes{'ipaddress'}
> in perl_auth: for your checks?
AFAIK there is no way for perl_auth to first check the IP address
and then request username/password. Perhaps INN could call a separate
Perl function to determine whether username/password is required at
all.
>> Having to edit readers.conf to close an account is really awkward.
>> And simulating a rejected login through "perl_access:" feels silly.
>
> Yet, perl_auth: has access to the same attributes as perl_access:
> (+ password).
Yet another way would be to give perl_access the possibility to
close the session.
Ciao
Alexander.
More information about the inn-workers
mailing list