Jeremy Howard wrote:
> 
> Ken Murchison wrote:
> > Christopher Audley wrote:
> <...>
> > >
> > > Because the protocol is essentially the same as pwcheck, you can lift
> > > saslauthd from a later version of SASL and use it with your 1.5.24 SASL
> > > installation.
> >
> > Well...  This is *most likely* going to change in SASL v2.  The current
> > thinking between myself, Lyndon Nerenberg from Messaging Direct (the
> > original author of saslauthd), and Rob Siemborski and Larry Greenfield
> > from CMU, is that the protocol will be changed to use counted length
> > strings instead of NUL delimited strings, and will be extended to
> > include the service name and user realm.  An example from Lyndon is
> > below.
> >
> Why the proposed change, Ken? The current null termination is easy to use
> and existing daemons already work with it.

Not _entirely_ sure myself.  This was proposed by the guy who originally
authored (and contributed) saslauthd.  My guess is that using counted
length strings (similar to IMAP's literals) is much cleaner, especially
if we define the string content as UTF-8.

> I can understand the interest in adding the service name, and I'm sure I'd
> understand why 'realm' is useful if you could explain briefly what that
> is... But I don't see the point of changing the format.

I wanted the service name so that any PAM implementations which have
different rules for POP and IMAP will still work (like mine).  I then
decided to add the realm (currently only used by Kerberos) so that all
the data currently used internally by SASL v1.5 for plaintext
verification is available to whichever mechanism is used by saslauthd.

> Hey, it's no big deal--I'm sure I can handle counting characters ;-) But if
> it ain't broke, don't fix it, huh?

I think this is more of a move forward and a preemptive thing.  Let's
change it now before we realize that it is broken down the road.

Ken
-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp
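
Added example, not part of the original message and not Cyrus SASL's own code: a bounds-checked parser for the counted-length framing discussed above, showing that a field can carry any byte (including NUL) and that a truncated request is rejected instead of being read past its end. The 2-byte big-endian length prefix, the field order (user, password, service, realm) and all function names are assumptions; the thread does not give the wire format.

```c
#include <stddef.h>
#include <string.h>

/* Assumed layout (not taken from the thread): four fields in the order
 * user, password, service, realm, each a 2-byte big-endian length followed
 * by that many bytes of UTF-8, with no terminator. */
#define NFIELDS 4

struct field { const unsigned char *data; size_t len; };

/* Append one counted string to out; returns bytes written, 0 if it won't fit. */
static size_t put_counted(unsigned char *out, size_t cap, const char *s, size_t n)
{
    if (n > 0xFFFF || cap < n + 2) return 0;
    out[0] = (unsigned char)(n >> 8);
    out[1] = (unsigned char)(n & 0xFF);
    memcpy(out + 2, s, n);
    return n + 2;
}

/* Parse exactly NFIELDS counted strings. Returns 0 on success, -1 when a
 * declared length runs past the end of the buffer or bytes are left over. */
static int parse_request(const unsigned char *buf, size_t len, struct field f[NFIELDS])
{
    size_t off = 0;
    for (int i = 0; i < NFIELDS; i++) {
        if (len - off < 2) return -1;            /* no room for a length */
        size_t n = ((size_t)buf[off] << 8) | buf[off + 1];
        off += 2;
        if (n > len - off) return -1;            /* declared length overruns */
        f[i].data = buf + off;
        f[i].len = n;
        off += n;
    }
    return off == len ? 0 : -1;                  /* reject trailing bytes */
}

/* Constructed sample request with its last `trim` bytes cut off.
 * Returns the parsed password length, or -1 if the request is rejected. */
static int demo(size_t trim)
{
    unsigned char buf[64];
    struct field f[NFIELDS];
    size_t off = 0;
    off += put_counted(buf + off, sizeof buf - off, "ken", 3);
    off += put_counted(buf + off, sizeof buf - off, "p\0w", 3); /* embedded NUL */
    off += put_counted(buf + off, sizeof buf - off, "imap", 4);
    off += put_counted(buf + off, sizeof buf - off, "", 0);     /* empty realm */
    return parse_request(buf, off - trim, f) == 0 ? (int)f[1].len : -1;
}
```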
