cyrus-sasl 2.1.22 and pluginviewer

Alexey Melnikov alexey.melnikov at isode.com
Mon May 22 13:08:52 EDT 2006


Andreas Winkelmann wrote:

>Hi All.
>
>First, I was positive suprised about this Tool ;-)
>  
>
Thank you.

>But it makes some unexpected things.
>
>a) auxprop-plugins
>
>Installed are:
>
># ls /usr/lib/sasl2/
>.                       libcrammd5.so           libgssapiv2.la         
>libldapdb.so.2.0.22  libntlm.so.2       libplain.so          libsql.la
>..                      libcrammd5.so.2         libgssapiv2.so         
>liblogin.la          libntlm.so.2.0.22  libplain.so.2        libsql.so
>libanonymous.la         libcrammd5.so.2.0.22    libgssapiv2.so.2       
>liblogin.so          libotp.la          libplain.so.2.0.22   libsql.so.2
>libanonymous.so         libdigestmd5.la         libgssapiv2.so.2.0.22  
>liblogin.so.2        libotp.so          libsasldb.la         libsql.so.2.0.22
>libanonymous.so.2       libdigestmd5.so         libldapdb.la           
>liblogin.so.2.0.22   libotp.so.2        libsasldb.so         slapd.conf
>libanonymous.so.2.0.22  libdigestmd5.so.2       libldapdb.so           
>libntlm.la           libotp.so.2.0.22   libsasldb.so.2       smtpd.conf
>libcrammd5.la           libdigestmd5.so.2.0.22  libldapdb.so.2         
>libntlm.so           libplain.la        libsasldb.so.2.0.22
>
>ldapdb, sasldb, sql. But pluginviewer -a shows:
>
># pluginviewer -a
>Installed auxprop mechanisms are:
>sasldb
>List of auxprop plugins follows
>Plugin "sasldb" ,       API version: 4
>        supports store: yes
>
>#       
>
>Only sasldb. Why? Shouldn't it list all installed Plugins?
>
This might be a bit misleading, pluginviewer should probably say 
"installed and properly configured". That is the whole point: it only 
shows plugin that were successfully loaded. So if a plugin you want to 
use is not showing up, it means that it is not properly configured.

>b) -m MECH
>The Help shows:
>
>-m MECHS        force to use one of MECHS SASL mechanism
>
>But:
>
># pluginviewer -m PLAIN
>Installed SASL (server side) mechanisms are:
>OTP NTLM PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN ANONYMOUS EXTERNAL
>List of server plugins follows
>Plugin "plain" [loaded],        API version: 4
>        SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
>        security flags: NO_ANONYMOUS
>        features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Installed auxprop mechanisms are:
>sasldb
>List of auxprop plugins follows
>Plugin "sasldb" ,       API version: 4
>        supports store: yes
>
>Installed SASL (client side) mechanisms are:
>OTP NTLM PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN ANONYMOUS EXTERNAL
>List of client plugins follows
>Plugin "otp" [loaded],  API version: 4
>        SASL mechanism: OTP, best SSF: 0
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT|FORWARD_SECRECY
>        features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Plugin "ntlm" [loaded],         API version: 4
>        SASL mechanism: NTLM, best SSF: 0
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT
>        features: WANT_CLIENT_FIRST
>Plugin "plain" [loaded],        API version: 4
>        SASL mechanism: PLAIN, best SSF: 0
>        security flags: NO_ANONYMOUS
>        features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Plugin "digestmd5" [loaded],    API version: 4
>        SASL mechanism: DIGEST-MD5, best SSF: 128
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
>        features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN
>Plugin "crammd5" [loaded],      API version: 4
>        SASL mechanism: CRAM-MD5, best SSF: 0
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT
>        features: SERVER_FIRST
>Plugin "gssapiv2" [loaded],     API version: 4
>        SASL mechanism: GSSAPI, best SSF: 56
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|
>MUTUAL_AUTH
>        features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
>Plugin "login" [loaded],        API version: 4
>        SASL mechanism: LOGIN, best SSF: 0
>        security flags: NO_ANONYMOUS
>        features: SERVER_FIRST
>Plugin "anonymous" [loaded],    API version: 4
>        SASL mechanism: ANONYMOUS, best SSF: 0
>        security flags: NO_PLAINTEXT
>        features: WANT_CLIENT_FIRST
>Plugin "EXTERNAL" [loaded],     API version: 4
>        SASL mechanism: EXTERNAL, best SSF: 0
>        security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
>        features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>#
>
>Server-Side only PLAIN, Client-Side All Installed Plugins, and additional the 
>auxprop-Plugin(s) (sasldb)).
>
Hmm, I will investigate why all plugins were shown on the client side. 
Sounds like a bug.

>
>c) A Option to show the Compiled-In Plugin-Path and Configuration-Path would 
>be nice.  
>
Ok, I will add this to the todo list.



More information about the Cyrus-sasl mailing list