Ouch! Thanks for the reply. I am a perl novice so it will take a
while for me to understand it all. However, this is a lot more
complex then I was lead to believe. I thought most of what you are
doing was done behind the scenes automagically when I created the
SASL object.
On May 18, 2006, at 12:14 PM, Quanah Gibson-Mount wrote:
--On Thursday, May 18, 2006 7:27 AM -0400 Dennis Putnam
<[EMAIL PROTECTED]> wrote:
I was told some of you folks are working with Kerberos auth using
GSSAPI. I am trying to do the same thing with POP rather then
LDAP and I
am hoping someone here might be able to help me. It is not
obvious to me
what I really need to pass in the 'auth' method so I suspect that
is the
crux of my problem. When I try to authenticate to the POP server it
fails and all that shows up in the POP log is 'badlogin'. Here is my
relevant code:
use strict;
use Net::POP3;
use Authen::SASL;
I was able to use Authen::SASL to do GSSAPI authentication via
finger & whois, using the Authen-SASL-GSSAPI-server package.
The following are my code snippets that may help you in the right
direction:
######################################################################
######
# SASL related subroutines
######################################################################
######
sub sendreply
{
$SIG{PIPE} = 'IGNORE'; # Client is closing too fast
my ($s,$so) = @_;
$s = " " unless $s;
#print "Sendreply: ",substr($s,0,10),"\n";
syswrite ($so,$s);
}
sub getreply
{
my ($so) = @_;
my $s;
#print "Getreply is waiting.\n";
sysread($so,$s,4096);
#print "Getreply: ",substr($s,0,10),"\n";
return $s;
}
sub query_server {
my ($server, $query, $port) = @_;
# I tried using IO::Socket here, but the load time was noticeable.
# Using Getopt::Long is bad enough. On top of that, IO::Socket
doesn't
# return meaningful error codes that I can see, so one can't
distinguish
# between, say, "connection refused" and "host unreachable."
my $address = inet_aton ($server)
or die "Can't resolve server name $server\n";
my $proto = getprotobyname 'tcp';
$port ||= 43;
if ($port =~ /\D/) {
my $service = $port;
$port = getservbyname ($service, 'tcp')
or die "Unknown service $service\n";
}
socket (S, PF_INET, SOCK_STREAM, $proto)
or die "Can't create local socket: $!\n";
connect (S, sockaddr_in ($port, $address))
or die "Can't connect to $server: $!\n";
my $oldfh = select S; $| = 1; select $oldfh;
my $remote_ip = inet_ntoa($address);
my ($local_port, $local_ip) = sockaddr_in(getsockname(S));
$local_ip = inet_ntoa($local_ip);
#print "$local_ip;$local_port $remote_ip;$port\n";
my $saslClient = Authen::SASL->new (
mechanism => "GSSAPI",
callback => {
}
);
my $conn = $saslClient->client_new("host", "$remote_ip",
"$local_ip;$local_port", "$remote_ip;$port");
sendreply($conn->client_start(),\*S,0);
while ($conn->need_step) {
sendreply($conn->client_step(&getreply(\*S) ), \*S );
}
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
Dennis Putnam
Sr. IT Systems Administrator
AIM Systems, Inc.
11675 Rainwater Dr., Suite 200
Alpharetta, GA 30004
Phone: 678-240-4112
Main Phone: 678-297-0700
FAX: 678-297-2666 or 770-576-1000
The information contained in this e-mail and any attachments is
strictly confidential. If you are not the intended recipient, any
use, dissemination, distribution, or duplication of any part of this
e-mail or any attachment is prohibited. If you are not the intended
recipient, please notify the sender by return e-mail and delete all
copies, including the attachments.
