auth_pam.c patch (fwd)

Sasa Stupar sasa at stupar.homelinux.net
Wed Nov 16 03:09:23 EST 2005



--On 15. november 2005 21:58 +0100 iMil <imil at home.imil.net> wrote:

> Hi,
>
> I am working on a mail solution based on sendmail, ldap and saslauthd. To
> authenticate users, I chose to use pam_ldap in conjunction with
> saslauthd. My users are identified by their usernames associated with
> their domain names. To keep the solution simple for the user, they will
> log in on every service using their email as the username, and I needed to
> rewrite the at sign to another character.
> This is what this patch does, with a little bit more flexibility. It
> applies to auth_pam.c. I used the mech_option to do so, not sure this is
> the cleanest way but I didn't want to implement a conf file reading /
> parsing for a single option. If you believe it's better I could do it
> anyway.
> The format for the mech_option is :
>
> <separator>,fmt:<format>
>
> Where separator is the string separating the user part from the domain
> part, and format is the format, printf-style, you want your final login to
> have, for example :
>
> /usr/local/sbin/saslauthd -a pam -O @,fmt:%s_%s
>
> will rewrite user@domain.tld to user_domain.tld. As you can imagine, the
> 1st %s refers to user and the 2nd to domain.
>
> You'll find the patch at :
> http://imil.net/stuff/auth_pam+user_rewrite.diff
>
> It applies to version 2.1.21 (from FreeBSD ports), hope you'll like it
>
> regards
>
> -------------------------
> iMil <imil at home.imil.net>
> http://gcu-squad.org
> ASCII ribbon campaign - against HTML email & vCards


But why use "_" instead of ":", which is more usual?
The "_" character can also be used in the username part, so then it won't work
correctly since it would have two of the same character.
Catch my point?

Regards,
Sasa
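
Added example, not part of the thread and not the code of the linked patch: a C implementation of the `<separator>,fmt:<format>` rewrite described in the quoted message, used to check the ambiguity raised in the reply. The function names `put`, `rewrite_login` and `logins_collide` and the sample logins are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Append n bytes of s to out (capacity cap); -1 if they do not fit. */
static int put(char *out, size_t cap, size_t *len, const char *s, size_t n) {
    if (*len + n >= cap) return -1;
    memcpy(out + *len, s, n);
    *len += n;
    out[*len] = '\0';
    return 0;
}

/* Rewrite login per "<separator>,fmt:<format>". The format is expanded by hand
 * and must hold exactly two "%s" and nothing else, so it never reaches printf().
 * Returns 0, or -1 on a bad option, missing separator or output overflow. */
int rewrite_login(const char *opt, const char *login, char *out, size_t cap) {
    const char *mark = strstr(opt, ",fmt:"), *dom = NULL;
    if (!mark || mark == opt || cap == 0) return -1;
    size_t seplen = (size_t)(mark - opt), len = 0;
    for (const char *p = login; *p && !dom; p++)
        if (strncmp(p, opt, seplen) == 0) dom = p;
    if (!dom) return -1;
    const char *parts[2] = { login, dom + seplen };
    size_t plen[2] = { (size_t)(dom - login), strlen(dom + seplen) };
    int used = 0;
    out[0] = '\0';
    for (const char *f = mark + 5; *f; f++) {
        if (*f != '%') { if (put(out, cap, &len, f, 1)) return -1; continue; }
        if (f[1] != 's' || used == 2) return -1;
        if (put(out, cap, &len, parts[used], plen[used])) return -1;
        used++; f++;
    }
    return used == 2 ? 0 : -1;
}

/* 1 if two different logins are rewritten to the same PAM user name. */
int logins_collide(const char *opt, const char *a, const char *b) {
    char ra[256], rb[256];
    if (rewrite_login(opt, a, ra, sizeof ra) || rewrite_login(opt, b, rb, sizeof rb))
        return 0;
    return strcmp(a, b) != 0 && strcmp(ra, rb) == 0;
}

int main(void) {
    /* Constructed logins: the "_" joiner also occurs inside a user part. */
    const char *a = "john_doe@corp.tld", *b = "john@doe_corp.tld";
    printf("%d\n", logins_collide("@,fmt:%s_%s", a, b)); /* 1 */
    printf("%d\n", logins_collide("@,fmt:%s:%s", a, b)); /* 0 */
    return 0;
}
```

A joiner only avoids such collisions if the directory never allows it in the user or domain part, so that constraint has to be enforced where accounts are created.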

