Re: [POLL] Cyrus v2.1 and SASL v2

Mon, 19 Nov 2001 12:22:02 -0800 


OCNS Consulting wrote:
> 
> Ken,
> 
> I have no problem resetting SASL Admin passwords however, does this
> change to SASL V2 effect PAM authentication (kerberos, LDAP, etc.)?

All of the plaintext verification mechanisms (PAM, password, shadow,
krb, sasldb, etc) have been moved out of the library and into
saslauthd.  Simply fire up 'saslauthd -a <authmech>' and you're good to
go.

Ken


> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Murchison
> Sent: Monday, November 19, 2001 1:54 PM
> To: Cyrus Mailing List
> Subject: [POLL] Cyrus v2.1 and SASL v2
> 
> Cyrus users,
> 
> We are getting close to releasing Cyrus v2.1 (yeah, I know I've said
> this a bunch of times already) and we are leaning towards making it
> dependent on SASL v2.  We would like to do this for a number of reasons:
> 
> 1. Take advantage of the benefits of SASL v2 (improvements in memory
> management, support for additional plugin types, simplified database
> support, and improved error reporting).
> 
> 2. Take the lead in SASLv2 migration.  Hopefully Sendmail, OpenLDAP, etc
> would soon follow.
> 
> 3. SASL v2 and v1.5.x can peacefully co-exist on the same system.  I've
> been running Sendmail 8.12.1/SASL 1.5.24 and Cyrus 2.1 CVS/SASL 2.0.4
> CVS for weeks without any problems.
> 
> 4. We would no longer have to maintain two Cyrus v2.1 source branches
> (developer benefit).
> 
> 5. It WILL happen eventually, so why not now?
> 
> The biggest (only?) downside for existing installations is that any
> secrets stored in sasldb would have to migrated to the new format.  This
> will require resetting all of the users passwords because they can not
> be extracted from the old sasldb (unless you have been using my APOP
> patch).  As stated above, this will eventually have to be done, so why
> not now?
> 
> We would like to get as much feedback (pro and con) on this as possible
> before we make a final decision.
> 
> Thanks,
> Ken
> --
> Kenneth Murchison     Oceana Matrix Ltd.
> Software Engineer     21 Princeton Place
> 716-662-8973 x26      Orchard Park, NY 14127
> --PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp























					Reply via email to