cyradm authz

Dave McMurtrie dgm+ at pitt.edu
Tue Sep 2 13:05:25 EDT 2003


On Tue, 2 Sep 2003, Rob Siemborski wrote:

> Its used exactly as it says.
>
> Its for you to authenticate as one user and authorize as another, e.g.
>
> cyradm --user rjs3.admin --authz bob
>
> gets me connected as bob but authenticated as rjs3.admin (who is an admin
> in imapd.conf).

Thanks, Rob.  This makes sense.  I appreciate the info.  As I expected,
now that I know what it's supposed to do, I have more questions.

Is there a bug in perl/imap/IMAP.c, or am I reading the source wrong?

In perl/imap/IMAP.c it appears to correctly parse the options passed to
it.  It uses the char pointer "auth" to store the username and the char
pointer "user" to store the user to authorize as.  When it calls
imclient_authenticate(), it's passing "user" as the fourth argument where
I think it should be passing "auth".

As a result, it's trying to authenticate as a user named "" and fails
everytime unless I specify "--authz" when I invoke cyradm.

Can you check this out and let me know if I'm way off base?

Thanks,

Dave
--
Dave McMurtrie, Systems Programmer
University of Pittsburgh
Computing Services and Systems Development,
Development Services -- UNIX and VMS Services
717P Cathedral of Learning
(412)-624-6413

PGP/GPG Key:  http://www.pitt.edu/~dgm/gpgkey.asc.txt




More information about the Info-cyrus mailing list