saslauthd performance anxiety

Jeremy Rumpf jrumpf at heavyload.net
Fri Jan 10 11:51:11 EST 2003


I always hashed the password as soon as they entered the cache. So the 
checkpoint dump would contain binary MD5, SHA hashes etc. They're not clear 
text per say, but I can see why some would not find even that ideal.

Cheers,
Jeremy

On Friday 10 January 2003 11:07 am, Paul M Fleming wrote:
> Personally I have issues with dumping the contents of a password cache
> to a file. Especially in this case, they WILL be stored in cleartext. I
> had planned on keeping somes stats (hits,misses,etc)
>
> Jeremy Rumpf wrote:
> > > This whole idea sounds great, especially as I'd expect a lot of the
> > > authentication load to come from a small number of users with their
> > > clients set to check mail every few minutes.
> > >
> > > For debugging it would help if there was a way to force a flush of the
> > > entire cache, and one to dump its contents. I'm not sure how you'd get
> > > saslauthd to recognise maintenance commands like this - maybe some
> > > method of "out-of-band signalling", which seems better than tinkering
> > > with the socket protocol.
> > >
> > > --
> > > Simon Brady                             mailto:simon.brady at otago.ac.nz
> > > ITS Technical Services
> > > University of Otago, Dunedin, New Zealand
> >
> > How about SIGUSR1 and SIGUSR2?
> >
> > Cheers,
> > Jeremy





More information about the Info-cyrus mailing list