cyrus-sasl 2.1.22 and pluginviewer
Alexey Melnikov
alexey.melnikov at isode.com
Mon May 22 13:08:52 EDT 2006
Andreas Winkelmann wrote:
>Hi All.
>
>First, I was positive suprised about this Tool ;-)
>
>
Thank you.
>But it makes some unexpected things.
>
>a) auxprop-plugins
>
>Installed are:
>
># ls /usr/lib/sasl2/
>. libcrammd5.so libgssapiv2.la
>libldapdb.so.2.0.22 libntlm.so.2 libplain.so libsql.la
>.. libcrammd5.so.2 libgssapiv2.so
>liblogin.la libntlm.so.2.0.22 libplain.so.2 libsql.so
>libanonymous.la libcrammd5.so.2.0.22 libgssapiv2.so.2
>liblogin.so libotp.la libplain.so.2.0.22 libsql.so.2
>libanonymous.so libdigestmd5.la libgssapiv2.so.2.0.22
>liblogin.so.2 libotp.so libsasldb.la libsql.so.2.0.22
>libanonymous.so.2 libdigestmd5.so libldapdb.la
>liblogin.so.2.0.22 libotp.so.2 libsasldb.so slapd.conf
>libanonymous.so.2.0.22 libdigestmd5.so.2 libldapdb.so
>libntlm.la libotp.so.2.0.22 libsasldb.so.2 smtpd.conf
>libcrammd5.la libdigestmd5.so.2.0.22 libldapdb.so.2
>libntlm.so libplain.la libsasldb.so.2.0.22
>
>ldapdb, sasldb, sql. But pluginviewer -a shows:
>
># pluginviewer -a
>Installed auxprop mechanisms are:
>sasldb
>List of auxprop plugins follows
>Plugin "sasldb" , API version: 4
> supports store: yes
>
>#
>
>Only sasldb. Why? Shouldn't it list all installed Plugins?
>
This might be a bit misleading, pluginviewer should probably say
"installed and properly configured". That is the whole point: it only
shows plugin that were successfully loaded. So if a plugin you want to
use is not showing up, it means that it is not properly configured.
>b) -m MECH
>The Help shows:
>
>-m MECHS force to use one of MECHS SASL mechanism
>
>But:
>
># pluginviewer -m PLAIN
>Installed SASL (server side) mechanisms are:
>OTP NTLM PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN ANONYMOUS EXTERNAL
>List of server plugins follows
>Plugin "plain" [loaded], API version: 4
> SASL mechanism: PLAIN, best SSF: 0, supports setpass: no
> security flags: NO_ANONYMOUS
> features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Installed auxprop mechanisms are:
>sasldb
>List of auxprop plugins follows
>Plugin "sasldb" , API version: 4
> supports store: yes
>
>Installed SASL (client side) mechanisms are:
>OTP NTLM PLAIN DIGEST-MD5 CRAM-MD5 GSSAPI LOGIN ANONYMOUS EXTERNAL
>List of client plugins follows
>Plugin "otp" [loaded], API version: 4
> SASL mechanism: OTP, best SSF: 0
> security flags: NO_ANONYMOUS|NO_PLAINTEXT|FORWARD_SECRECY
> features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Plugin "ntlm" [loaded], API version: 4
> SASL mechanism: NTLM, best SSF: 0
> security flags: NO_ANONYMOUS|NO_PLAINTEXT
> features: WANT_CLIENT_FIRST
>Plugin "plain" [loaded], API version: 4
> SASL mechanism: PLAIN, best SSF: 0
> security flags: NO_ANONYMOUS
> features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>Plugin "digestmd5" [loaded], API version: 4
> SASL mechanism: DIGEST-MD5, best SSF: 128
> security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
> features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN
>Plugin "crammd5" [loaded], API version: 4
> SASL mechanism: CRAM-MD5, best SSF: 0
> security flags: NO_ANONYMOUS|NO_PLAINTEXT
> features: SERVER_FIRST
>Plugin "gssapiv2" [loaded], API version: 4
> SASL mechanism: GSSAPI, best SSF: 56
> security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|
>MUTUAL_AUTH
> features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
>Plugin "login" [loaded], API version: 4
> SASL mechanism: LOGIN, best SSF: 0
> security flags: NO_ANONYMOUS
> features: SERVER_FIRST
>Plugin "anonymous" [loaded], API version: 4
> SASL mechanism: ANONYMOUS, best SSF: 0
> security flags: NO_PLAINTEXT
> features: WANT_CLIENT_FIRST
>Plugin "EXTERNAL" [loaded], API version: 4
> SASL mechanism: EXTERNAL, best SSF: 0
> security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
> features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
>#
>
>Server-Side only PLAIN, Client-Side All Installed Plugins, and additional the
>auxprop-Plugin(s) (sasldb)).
>
Hmm, I will investigate why all plugins were shown on the client side.
Sounds like a bug.
>
>c) A Option to show the Compiled-In Plugin-Path and Configuration-Path would
>be nice.
>
Ok, I will add this to the todo list.
More information about the Cyrus-sasl
mailing list