2009/5/29 Bron Gondwana <br...@fastmail.fm>:
>> - custom authentication mechanism (for single sign-on purpose,
>> because kerberos doesn't fit everywhere)
>
> BYO saslauthd protocol daemon. We have one written in Perl that does
> all sorts of clever. Just put this in your imapd.conf
>
> sasl_pwcheck_method: saslauthd
>
> And have your daemon listen on a unix socket at:
>
> /var/state/saslauthd/mux
>
> You need to speak the saslauthd protocol, which is a packed string
> format. We parse it in Perl like this:
>
>     my $LoginName = get_counted_string($Self->{server}{client});
>     my $Password = get_counted_string($Self->{server}{client});
>     my $Service = lc get_counted_string($Self->{server}{client});
>     my $Realm = get_counted_string($Self->{server}{client});
>
> And return one of:
>
>     use constant SASL_SUCC_RESP => pack("nA3", 2, "OK\000");
>     use constant SASL_FAIL_RESP => pack("nA3", 2, "NO\000");
>
> (with this function - slightly ugly code, but it works)
>
> sub get_counted_string {
>     my $fh = shift;
>
>     my ($rd, $data);
>
>     ($rd = sysread($fh, $data, 2) ) == 2
>         or die "Unable to read counted string size ($rd != 2) ($!)";
>
>     my $size = unpack("n", $data);
>
>     $data = ''; $rd = 0; my $this_data = ''; my $rem_size = $size;
>     while (my $this_rd = sysread($fh, $this_data, $rem_size)) {
>         $rd += $this_rd;
>         $rem_size -= $this_rd;
>         $data .= $this_data;
>     }
>     die "Unable to read counted string data ($rd != $size) ($!)"
>         unless ($rd == $size);
>
>     return unpack("A$size", $data);
> }
>
Thank you very much. This was so obvious, but we might have thought that
replacing saslauthd would be complicated. Thanks a lot, we'll probably
solve everything with a homebrew saslauthd.

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
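
The counted-string exchange described in the quoted message, sketched in Python as an added example that is not part of either post or of the poster's daemon: it reads the four request fields with a per-field size cap and answers NO on short or oversized input. `MAX_FIELD`, `handle`, the `check` callback and the sample credentials in `demo` are assumptions made for illustration.

```python
import hmac
import socket
import struct

MAX_FIELD = 1024  # assumed cap; the 2-byte prefix alone would allow 65535
# Same bytes as the Perl constants above: a count of 2, then "OK\0" / "NO\0".
SASL_SUCC_RESP = struct.pack("!H", 2) + b"OK\x00"
SASL_FAIL_RESP = struct.pack("!H", 2) + b"NO\x00"

def read_exact(sock, n):
    """Read exactly n bytes; a peer that stops early is a protocol error."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ValueError(f"short read: wanted {n}, got {len(buf)}")
        buf += chunk
    return buf

def read_counted(sock):
    """One counted string: 2-byte big-endian length, then that many bytes.
    Returned as raw bytes, so a password ending in a space stays intact."""
    (size,) = struct.unpack("!H", read_exact(sock, 2))
    if size > MAX_FIELD:
        raise ValueError(f"field of {size} bytes exceeds cap of {MAX_FIELD}")
    return read_exact(sock, size)

def handle(sock, check):
    """Serve one request (login, password, service, realm) and reply.
    check is a hypothetical callback holding the real credential logic."""
    try:
        login, password, service, realm = [read_counted(sock) for _ in range(4)]
        ok = bool(check(login, password, service.lower(), realm))
    except ValueError:
        ok = False  # malformed or oversized request: fail closed
    sock.sendall(SASL_SUCC_RESP if ok else SASL_FAIL_RESP)
    return ok

def demo():
    """Constructed request for a made-up user, sent over a local socket pair."""
    def check(user, pw, service, realm):  # constructed credentials
        return user == b"alice" and service == b"imap" and hmac.compare_digest(pw, b"s3cret ")
    client, server = socket.socketpair()
    fields = [b"alice", b"s3cret ", b"IMAP", b""]
    client.sendall(b"".join(struct.pack("!H", len(f)) + f for f in fields))
    return handle(server, check), client.recv(16)
```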