note there are (or were) limits on the size of usernames and passwords
that pwcheck can deal with.
David Lang
On Fri, 10 Aug 2001, Jeremy Howard wrote:
> Date: Fri, 10 Aug 2001 05:59:54 +1000
> From: Jeremy Howard <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED], Marco Colombo <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: SASL re-entrancy crisis (was: OpenLDAP 2.0.x + pam_ldap +
> cyrus-imapd-2.0.x)
>
> Devdas Bhagat wrote:
> > The problem with the current design of imapd is that it assumes that
> > SASL will be available locally in some form, ignoring that it may not
> > be available there.
> > Do the pwcheck daemons provide support for this?
>
> Yes. The pwcheck 'API' is this simple:
> - SASL sends username\0password\0 over a socket
> - The daemon sends back 'OK\0' or 'Incorrect password\0'
>
> How the daemon decides on what response to return is completely open. For
> instance, my pwcheck daemon contacts a MySQL server on a remote machine to
> check the credentials.
>
>
