Re: question about auth implementation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dan Ellison wrote:
Hello,

The company I work for has been using Cyrus IMAP for several years with no problems. However, due to some new security policies, we have to make some changes in how we're authenticating.

After reading the SASL docs and examining some of the plugin code, it appears to me that what I need is to be able to handle the password validation for the PLAIN and LOGIN authentication methods.

I've looked at the plugin that implements the PLAIN method (code in plugins/plain.c), and it looks like I could modify that code into a new plugin that will do what I need. However, I have been unable to find the code that handles the password validation for the LOGIN auth. I have tried modifying the LOGIN plugin in plugins/login.c, but as far as I can tell, it isn't being used.

I assume that you're talking about the IMAP LOGIN command, not the SASL LOGIN mechanism.

All plaintext authentication, whether it be SASL PLAIN, SASL LOGIN, IMAP LOGIN, POP3 USER/PASS, call sasl_checkpass(). Depending on what you're trying to do, it may be easier to tweak that function.

If you can tell me more about what you're trying to do, I can better point you to the proper place in the code.

--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux