Rob Siemborski wrote: > > As far as setpass() specifically, each plugin is still allowed to maintain > its own database of secrets if necessary. There is no requirement that > any mechanism plugin use sasldb for authentication (e.g. KERBEROS_V4). > For the record, saslpasswd makes all appropriate setpass() calls, though > the supplied mechanisms do not make use of it (except possibly OTP at > this point, but I'm not sure).
Yeah, OTP uses it. I'd prefer that it didn't, but because opiepasswd checks to make sure that the userid exists in /etc/passwd, I needed to provide a way of setting user keys on a closed system like Cyrus. I've fixed other bugs in OPIE which are required for compliance with RFC2444, although the code will run unpatched. Because Craig Metz is real busy a new release of OPIE won't be out real soon. I'll have to but together a patch to ship with SASL v2 until a new OPIE release comes out. Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp