question about auth implementation
Ken Murchison
murch at andrew.cmu.edu
Tue May 9 16:18:03 EDT 2006
Dan Ellison wrote:
> Hello,
>
> The company I work for has been using Cyrus IMAP for several years with
> no problems. However, due to some new security policies, we have to
> make some changes in how we're authenticating.
>
> After reading the SASL docs and examining some of the plugin code, it
> appears to me that what I need is to be able to handle the password
> validation for the PLAIN and LOGIN authentication methods.
>
> I've looked at the plugin that implements the PLAIN method (code in
> plugins/plain.c), and it looks like I could modify that code into a new
> plugin that will do what I need. However, I have been unable to find
> the code that handles the password validation for the LOGIN auth. I
> have tried modifying the LOGIN plugin in plugins/login.c, but as far as
> I can tell, it isn't being used.
I assume that you're talking about the IMAP LOGIN command, not the SASL
LOGIN mechanism.
All plaintext authentication, whether it be SASL PLAIN, SASL LOGIN, IMAP
LOGIN, POP3 USER/PASS, call sasl_checkpass(). Depending on what you're
trying to do, it may be easier to tweak that function.
If you can tell me more about what you're trying to do, I can better
point you to the proper place in the code.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
More information about the Cyrus-sasl
mailing list