Simon Josefsson <[email protected]> ha escrit: > SCRAM-SHA-1. However I cannot login using LOGIN/PLAIN.
Probably, you have not configured the `gsasl' statement in your configuration file. See its short description in `imap4d --config-help' output. > GSASL_VALIDATE_SIMPLE callback is imap4d/auth_gsasl.c:cb_validate that > does: [...] > What is the purpose of the code? Is the intention that it MUST be run > for every user regardless of authentication method? No, of course not. It must be run only in the validation callback. Its purpose is as follows: > auth = mu_get_auth_by_name (*username); This returns a pointer to a structure containing the information about this account, or NULL if no such account exists. This function is a MU counterpart of getpwnam(3). The difference is that it looks the user up in the MU authorization database, as set by the `auth' statement (http://www.gnu.org/software/mailutils/manual/html_node/Auth-Statement.html), and that the resulting structure contains some more information about the account. > if (auth == NULL) > return GSASL_AUTHENTICATION_ERROR; If there are no such user, report error. > rc = mu_authenticate (auth, pass); The mu_authenticate function verifies if password (pass) matches that stored in the `auth' structure. The authentication mechanism is configured by the `auth' configuration statement. > mu_auth_data_free (auth); The `auth' structure is freed. > return rc == 0 ? GSASL_OK : GSASL_AUTHENTICATION_ERROR; The return from mu_authenticate determines that of the callback function. > Btw, the name of cram-passwd is a bit wrong now that it is also used for > non-CRAM mechanisms. I'm not sure it is worthwhile to rename it. It is definititely worth it. Thanks for pointing that out. > Btw^2, maybe a cleaner approach is to add a function mu_gsasl_getpass, > similar to mu_sql_getpass and use that? Yes, perhaps. I am now thinking about clearer ways to organize the auth stuff. I'll probably use this idea too. > I suspect (hope) that mu_authenticate need not be called for all users > unconditionally, and in that case, the patch below makes LOGIN/PLAIN > work for passwords stored in cram-passwd and SQL format. I'll try this. Thank you. Regards, Sergey _______________________________________________ Bug-mailutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-mailutils
