different sasl_mech_lists for imap and http?
Pim Zandbergen
pim at zandbergen.org
Thu Oct 11 13:13:42 EDT 2018
Is there a simple way to configure a different sasl_mech_list for imap
and http?
I was allowing login, plain, cram-md5 and digest-md5 using sasldb, when
I noticed digest-md5 is not working at all for http.
But it works fine for imap.
I started noticing this when it turned out iOS CalDAV/CardDAV clients
could not authenticate.
iOS, once it sees digest-md5 offered, apparently will not fall back to
other mechs.
Other *dav clients appear to be less picky, especially over SSL.
But other *dav clients will start to fail too, if digest-md5 is the only
mech available.
Since I can't figure out what's wrong with my SASL setup, I'd like to
disable digest-md5 for http,
but leave it enabled for imap where it works fine.
I'm using cyrus imap 3.0.8 on Fedora.
More information about the Info-cyrus
mailing list