Next release of CMU SASL - update

Patrick Ben Koetter p at state-of-mind.de
Thu Apr 9 04:30:10 EDT 2009


* Pascal Gienger <Pascal.Gienger at uni-konstanz.de>:
> Alexey Melnikov schrieb:
>
>> 1). Remove extra (unused) mutex in libsasl
>> 2). Merge my utils/pluginviewer.c changes
>> 3). Investigate global callback updating in subsequent sasl_server_init() calls
>> 4). Commit SQLite3 configure change. Test SQLite3 plugin.
>> 5). Remove use of obsolete cmusasl... attributes
>> 6). Strip trailing spaces from options during server configuration loading
>> 7). Investigate fix for bug # 2822 (OTP does not work with prompts)
>> 8). Review patch for bug # 3134 (Improved error reporting from auth_getpwent)
>> 9). MacOS dlopen.c change (+ the libtool change?)
>> 10). Merge Debian bugfixes 
>
> Is 5 really necessary?
> There are quite some people who actually use cmusaslsecretDIGEST-MD5 to  
> store secrets via ldap. If their hash database gets stolen they can  
> change the realm (DIGEST-MD5!) and recompute all the hashes, making the  
> stolen hashes useless.

+1 for leaving it in, if it is still useful. IIRC Alexey wanted to take it out
because it wouldn't work anymore.

BTW: HOW do you make use of it? It would be interesting to have this working.

p at rick

-- 
The Book of Postfix
<http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>


More information about the Cyrus-sasl mailing list