SASL Server Plugin

Mathew iprocessor i9processor at gmail.com
Thu Nov 22 10:57:58 EST 2012 

Hi,
I also have one more doubt. I am just editing Plain.c to make my own
mechanism. Here once the username and password is sent to the server from
client. The server will verify it and sends the response. After this step
again the server needs to send a request asking for some other parameters.
Once the client sends those parameters the server should receive it. How to
handle this in plain.c?


On Thu, Nov 22, 2012 at 3:14 AM, Helio Luchtenberg Jr <
helio.luchtenberg at gmail.com> wrote:

> I am thinking about the solution for that...
>
> We are working on this, please wait a while...
>
>
> On Wed, Nov 21, 2012 at 6:48 AM, Mathew iprocessor <i9processor at gmail.com>wrote:
>
>> Hi Dan,
>>
>> Thanks a lot for your reply. I dont need to implement a email server. I
>> just need to wirte my own mechanism just like PLAIN. For this I renamed
>> mech name to something like "sample-mech" and compiled it added the
>> corresponding .so files in /usr/lib64/sasl2. I gave the command
>> "sasl2-shared-mechlist" i get Available mechanisms: sample-mech. *Everything
>> is ok till now.*
>>
>> *I tried creating a sample-mech.c and compiled it and copied the .so
>> file to /usr/lib64/sasl2, now when I give the command
>> "sasl2-shared-mechlist". Now the mechanism name is not getting listed as
>> above. What might be the reason for this? Do I need to  anything extra
>> while adding a mechanism like this? *Please suggest..!
>>
>>
>>
>>
>> On Tue, Nov 20, 2012 at 11:02 AM, Dan White <dwhite at olp.net> wrote:
>>
>>> On 11/20/12 10:20 +0530, Mathew iprocessor wrote:
>>>
>>>> Hi,
>>>>
>>>> I need to implement SASL in my email client. I downloaded Cyrus-SASL and
>>>> installed it. When the client sends the "UserName" and "Password", my
>>>> server needs to verify the "UserName" and "Password" and Authenticate
>>>> it.
>>>> The below are some of my doubts, Please clarify.
>>>>
>>>
>>> See:
>>> http://www.cyrussasl.org/docs/**cyrus-sasl/2.1.25/programming.**php<http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/programming.php>
>>>
>>> Within your email client, after you have captured the user's username and
>>> password, you provide a callback to libsasl2 in which you provide that
>>> information to the library, and you will not need to know the details of
>>> how each of the existing mechanisms are implemented, such as PLAIN or
>>> DIGEST-MD5.
>>>
>>>
>>>  1) The "sasl2-sample-client" and "sasl2-sample-server" in the "bin"
>>>> directories and the "sample-client" and "sample-server" in "sample"
>>>> response are different. Where can I get the source code for
>>>> "sasl2-sample-server"?
>>>>
>>>
>>> There are two sets of sample/client applications distributed within the
>>> /sample directory of the source code. To compile both:
>>>
>>> ./configure [options]
>>> cd sample
>>> make
>>> make sample-server
>>> make sample-client
>>>
>>>
>>>  2) Once the "Username" and "Password" is passed from client to server,
>>>> the
>>>> server needs to verify the "UserName" and "Password" and authenticate
>>>> the
>>>> client. How to do this in server side? Does "sasl_checkpass" do this or
>>>> can
>>>> you suggest some other best way to achieve the above?  CAN YOU PROVIDE
>>>> SOME
>>>> CODE SNIPPETS FOR THIS?
>>>>
>>>
>>> That depends on the mechanism that was negotiated between the client and
>>> the server. For some mechanisms, such as DIGEST-MD5 and SCRAM, the
>>> username
>>> and password are not sent over the wire.
>>>
>>> For the PLAIN and LOGIN mechanisms (and the older user/pass
>>> style of authentication), where the username and password are sent, then
>>> authentication is performed using the configured 'pwcheck_method'. See:
>>>
>>> http://www.cyrussasl.org/docs/**cyrus-sasl/2.1.25/options.php<http://www.cyrussasl.org/docs/cyrus-sasl/2.1.25/options.php>
>>>
>>> Are you also attempting to write an email server?
>>>
>>>  3) I tried testing "sample-client" and "sample-server"  and I get the
>>>> below
>>>> response, how to solve this?
>>>>
>>>> *Server Terminal:
>>>>
>>>> *
>>>>
>>>> [root at localhost sample]# ./sample-server -p 8000 -s rcmd -m PLAIN
>>>> Forcing use of mechanism PLAIN
>>>> Sending list of 1 mechanism(s)
>>>> S: UExBSU4=
>>>> Waiting for client mechanism...
>>>>
>>>> *Client Terminal:
>>>>
>>>>
>>>> *
>>>>
>>>> [root at localhost sample]# ./sample-client -s rcmd -p 8000 -m PLAIN -n
>>>> 127.0.0.1
>>>> service=rcmd
>>>> Waiting for mechanism list from server...
>>>> S: UExBSU4*=                                                   Pasted
>>>> server Response*
>>>>
>>>> recieved 5 byte message
>>>> Forcing use of mechanism PLAIN
>>>> Choosing best mechanism from: PLAIN
>>>> lt-sample-client: SASL Other: No worthy mechs found
>>>> error was SASL(-4): no mechanism available: No worthy mechs found
>>>> lt-sample-client: Starting SASL negotiation: no mechanism available
>>>>
>>>
>>> You may not have the appropriate plugins installed. Use 'pluginviewer' or
>>> 'saslpluginviewer' on your system to list the available plugins. If you
>>> are
>>> missing PLAIN, then you're likely missing some relevant packages (or
>>> you've
>>> compiled something wrong).
>>>
>>> --
>>> Dan White
>>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20121122/f8d9a3b0/attachment.html

More information about the Cyrus-sasl mailing list