> > > I'm interested in taking a crack at implementing SASL authentication. > > Great! Go for it. I'm happy to talk about the design and implementation, > and review and pull patches when it comes time.
Cool. Let me mention up front that you'll have to bear with me when it comes to C idiom and style. The closest I've come to production C coding is a bit of Objective-C on iOS. I'd very much appreciate feedback that lets me fix whatever needs fixing rather than other folks doing it - I can use the practice. My plan is to: - use Cyrus SASL (libsasl2) - plan on using shared secret authentication schemes like PLAIN or DIGEST-MD5. expect administrators to use plaintext password databases. - define a sensible wire protocol; my first thoughts are at [2]. - build an evented server modelled after beanstalkd, reusing net.c / sock-*.c / sd-daemon.* / srv.c and following the patterns of conn.c / prot.c. [1] - modify beanstalkd to have a switch that causes it to listen to a PF_UNIX socket bound to a path. recvmsg() instead of accept(). I've actually started working on this and am at the point where I need a SASL client to test it. I'll need to take a detour and implement something, probably using https://github.com/astro/ruby-sasl. Please let me know your thoughts! Cheers, Jon [1] I might get excitable and turn this into a proxy that rewrites tube names along the lines of s/tube/username-tube/. Any kind of partitioning of tube accessibility by user would be helpful for me. [2] My first cut of a wire protocol: Requests: auth-list-mechanisms\r\n auth-start <mechanism> <bytes>\r\n <auth data - initial emission from client SASL>\r\n auth-step <bytes>\r\n <auth data - response from client SASL>\r\n Responses: AUTH_OK\r\n AUTH_UNAUTHORIZED\r\n AUTH_CONTINUE <bytes>\r\n <auth data - challenge from server SASL>\r\n -- You received this message because you are subscribed to the Google Groups "beanstalk-talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/beanstalk-talk?hl=en.
