Dan Ellison wrote:
Hello,
The company I work for has been using Cyrus IMAP for several years with
no problems. However, due to some new security policies, we have to
make some changes in how we're authenticating.
After reading the SASL docs and examining some of the plugin code, it
appears to me that what I need is to be able to handle the password
validation for the PLAIN and LOGIN authentication methods.
I've looked at the plugin that implements the PLAIN method (code in
plugins/plain.c), and it looks like I could modify that code into a new
plugin that will do what I need. However, I have been unable to find
the code that handles the password validation for the LOGIN auth. I
have tried modifying the LOGIN plugin in plugins/login.c, but as far as
I can tell, it isn't being used.
I assume that you're talking about the IMAP LOGIN command, not the SASL
LOGIN mechanism.
All plaintext authentication, whether it be SASL PLAIN, SASL LOGIN, IMAP
LOGIN, POP3 USER/PASS, call sasl_checkpass(). Depending on what you're
trying to do, it may be easier to tweak that function.
If you can tell me more about what you're trying to do, I can better
point you to the proper place in the code.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
