Patch status

Alexey Melnikov alexey.melnikov at isode.com
Tue Oct 16 13:26:50 EDT 2012


Hi Amir,

On 13/10/2012 02:55, Amir 'CG' Caspi wrote:
> Speaking of more updates...
>
>     This issue still hasn't been truly resolved:
> http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/2011-April/002233.html
>
>     Lorenzo Catucci released a couple of patches to deal with this but 
> they were "rejected" by RHEL because they supposedly broke 
> compatibility with other utilities.  From reading the latest comments 
> in the bug report 
> (https://bugzilla.redhat.com/show_bug.cgi?id=683797), especially #16, 
> it appears that this is because the patch causes saslauthd to hang up 
> if it doesn't receive rhost info, which it wouldn't from utilities 
> that haven't been modified to send it.  Perhaps the patch could be 
> rewritten so that saslauthd doesn't _expect_ rhost, but still allows 
> it, so it won't hang up if not given that info.
>     Some later comments (notably #20) remark that this is an issue 
> with other auth schemes besides pam.

I can apply the older patch (for 1.5.X, possibly updated), but my 
problem is that I can't really test it. If somebody is willing to try it 
out, I can attempt to fix this issue.

>     In any case, it would be awesome to have this updated at the 
> source (here), and to have it work - right now, without rhost logging 
> capability, DDoS banners like fail2ban can't use saslauthd info (at 
> least not with pam).



More information about the Cyrus-sasl mailing list