Pascal Gienger wrote:
Alexey Melnikov schrieb:
1). Remove extra (unused) mutex in libsasl
2). Merge my utils/pluginviewer.c changes
3). Investigate global callback updating in subsequent
sasl_server_init() calls
4). Commit SQLite3 configure change. Test SQLite3 plugin.
5). Remove use of obsolete cmusasl... attributes
6). Strip trailing spaces from options during server configuration
loading
7). Investigate fix for bug # 2822 (OTP does not work with prompts)
8). Review patch for bug # 3134 (Improved error reporting from
auth_getpwent)
9). MacOS dlopen.c change (+ the libtool change?)
10). Merge Debian bugfixes
Is 5 really necessary?
There are quite some people who actually use cmusaslsecretDIGEST-MD5
to store secrets via ldap. If their hash database gets stolen they can
change the realm (DIGEST-MD5!) and recompute all the hashes, making
the stolen hashes useless.
I was only planning to remove PLAIN and CRAMMD5 attributes.
