Quanah Gibson-Mount:
> --On Wednesday, December 02, 2015 9:05 AM -0500 Wietse Venema
> <wie...@porcupine.org> wrote:
>
> > Selcuk Yazar:
> >> Thank you Koko for warning , hopelessly i try to my chance :(
> >>
> >> but i found this after ,i sent email
> >>
> >> "...From a cursory inspection of lib/pwcheck.c, saslauthd does not get
> >> passed
> >> any client IP information and cannot log it or forward it to pam..."
> >
> > Postfix currently sends no IP address to the Cyrus SASL library.
> >
> > Long ago, libsasl did not use this information, and the Postfix
> > side code has not been updated.
> >
> > You can try this patch and see if it fixes the problem (or if it
> > causes new ones).
>
> We are using this patch in our dev lab with postfix 3.0.3. So far, no
> problems have arisen, and it is helping us with resolving an issue we had
> with tracking originating IPs. Thanks!
Thanks. According to a document dating from 2003 (*), this code
needs more work:
- The sasl_server_new() function expects the form "ipaddress:port",
but Postfix sends only the IP address.
- An IPv6 address must be enclosed in [], which Postfix does not
yet do.
This is not completely trivial because the port information needs
to be consistent with information from proxies, postscreen, and
XCLIENT, otherwise results will be incorrect.
Wietse
(*) https://cyrusimap.org/docs/cyrus-sasl/2.1.25/draft-newman-sasl-c-api-xx.txt
