Password accessing in CRAM-MD5 authentication
Alexey Melnikov
alexey.melnikov at isode.com
Wed Feb 7 12:50:11 EST 2007
Denis Malyshkin wrote:
>Hello,
>
> I'm writing an SMTP-server application that maintain its own
>user/password database. How can I use Cyrus-SASL with my application
>for CRAM-MD5 (DIGEST-MD5 and so on) authentication ?
>
> For PLAIN & LOGIN mechanisms Cyrus-SASL has a callback
>sasl_server_userdb_checkpass_t which allows to check username &
>password agains the caller-supplied database.
>
> I think, another callback, which gets an username (and, possible, a
>realm) and return plain-text password back to the SASL engine, will be
>appropriate for my needs.
>
> An hour later:
> I found that SASL 1 had sasl_server_getsecret_t callback which did
>something like I need. Why was this callback removed in SASL 2 ?
>
>
I am afraid I don't know the answer to this.
>Does SASL 2 use another way for the caller-supplied database for
>CRAM-MD5 mechanism ?
>
Yes. You should write your own auxprop plugin. Look at plugins/sasldb.c
(or plugins/sql.c) for an example.
> I would be very appreciative of examples or any
>hints.
>
>
More information about the Cyrus-sasl
mailing list