SASL Server Plugin

Dan White dwhite at olp.net
Fri Nov 23 04:51:07 EST 2012


>On Fri, Nov 23, 2012 at 8:06 AM, Dan White <dwhite at olp.net> wrote:
>> The PLAIN mechanism is a protocol defined in RFC 4616. plain.c is it's
>> implementation within cyrus sasl. RFC 3501 provides details about how SASL
>> interactions (for all mechanisms) are initiated and completed for IMAP.
>>
>> I am not clear what you mean by "After this step again the server needs to
>> send a request asking for some other parameters." Is this step related to
>> authentication, or to some other aspect of the email protocol you are
>> using?

On 11/23/12 09:29 +0530, Mathew iprocessor wrote:
>The step is related to authentication. Once the username and password is
>verified, I server needs to ask the client for some more parameters. How to
>achieve this in plain.c?

On 11/23/12 13:07 +0530, Mathew iprocessor wrote:
>In another form once the server founds the username and password sent by
>the client is correct, then instead of sending authentication success to
>the client the server needs to ask for another parameter and if the client
>sends that x parameter, the server should receive it. Is it possible to
>implement in plain.c? if it is possible can you send a snippet?

A challenge-response (multi-step) mechanism, such as OTP or DIGEST-MD5,
would be better place to start.

-- 
Dan White


More information about the Cyrus-sasl mailing list