Ken,
I am not sure I answered your question before.
I went back and used Mac's tcpdump utility to look at the data coming
over the wire. It is *not* clear text. So, I am assuming it is
using Kerberos to encrypt the data. If I still have not answered
your question, I can either dig further into the code and/or ask some
Mac guys on the net -- but I've not found Mac guys that really know
the details like this.
Looking at prot_fill in prot.c, s->saslssf is true when the client is
authenticating using Kerberos and false when the client is using
"password" (which I assume is clear text password authentication).
Perry
On Feb 7, 2006, at 2:34 PM, Ken Murchison wrote:
Perry Smith wrote:
I have tracked down my problems to a call to sasl_decode in
prot_fill.
To recap: I am getting IOERROR: unexpected end of file in my log
file. It turns out that if the client has Kerberos GSSAI
authentication and the client tries to do an "APPEND" command, it
frequently fails (but not always). The rest of my Kerberos stuff
appears to be fine.
Are you using a Kerberos security layer (integrity and/or
confidentiality)?
--
Kenneth Murchison
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
