On Tuesday, 10 May 2005 at 21:43, David Champion wrote: > Mirapoint have chosen a different method of doing superuser > authentication, though -- they compile a string of the real user name, > the authuser name, and the [authuser] password, separated by null bytes, > and submit that base64-encoded in an AUTHENTICATE PLAIN negotiation. > This unfortunately doesn't work with any IMAP client without explicit > authuser support in the client. > > (I don't know whether this is Mirapoint's own invention, or whether it's > commonly used, but for the present I've called it "Mirapoint style".) I believe this is the format defined in RFC 2595. I'm under a pretty severe time crunch right now, so I can't take a close look at the problem, but I have a feeling you're reinventing at least some of the wheel. Mutt already supports SASL, and SASL already supports authuser. You'd have a much smaller patch if you just added $imap_authuser and passed that along to the SASL library. I seem to recall that you'd prefer to avoid the extra dependency, but I think it's preferable to adding redundant code. Especially since, like the GSSAPI code, it's not going to be used in distributions and will probably ended up rotting on the vine. > - an $imap_authuser_style variable, which switches between UW > and Mirapoint authuser methods, so that the same interface can > be used with either server type. This should be set to > "none", "uw", or "mirapoint". > > The patch does not autodetect which method the server uses. I'm not > confident that reliable tests for this can be devised, really. I don't think this is necessary. In the UW case you can just mangle imap_user by hand. I'd be surprised if UW didn't pick up the SASL style eventually anyway, since it's the standard. Of course, this is all an off-the-cuff opinion - if you've found problems with the SASL library I'd like to hear about them. -b
Attachment:
pgpBG7IQ6SpES.pgp
Description: PGP signature