Pat Lashley wrote:
>
> --On Monday, November 19, 2001 01:54:11 PM -0500 Ken Murchison
> <[EMAIL PROTECTED]> wrote:
>
> > Cyrus users,
> >
> > We are getting close to releasing Cyrus v2.1 (yeah, I know I've said
> > this a bunch of times already) and we are leaning towards making it
> > dependent on SASL v2. We would like to do this for a number of reasons:
> >
> > <reasons elided>
>
> Sounds like a good idea.
>
> > The biggest (only?) downside for existing installations is that any
> > secrets stored in sasldb would have to migrated to the new format. This
> > will require resetting all of the users passwords because they can not
> > be extracted from the old sasldb (unless you have been using my APOP
> > patch). As stated above, this will eventually have to be done, so why
> > not now?
>
> Aarrgghhh. That's a definate stumbling block. Especially if you have
> other applications sharing the sasldb; but not ready to shift to v2.
Maybe I wasn't clear. You do NOT have to change the existing sasldb in
any way. You have to set the users' passwords in the new sasldb.
> How much can be done to ease the transition? Is there a tool to
> extract PLAIN passwords from the v1 sasldb and store them in the
> new format? (That would at least handle the common case where all
> of the mechanisms actually used the same password for a given user.)
No. The PLAIN passwords were not stored in a plaintext format in v1.5.
If you are running with my APOP patch (which stored a plaintext
password), then there is a conversion tool available.
Ken
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
