On Thu, Jun 5, 2008 at 2:47 PM, Gordon Sim <[EMAIL PROTECTED]> wrote:
> Aidan Skinner wrote: >> >> I believe it does, although this bug/difference of interpretation >> wouldn't manifest itself for any sane password (it only happens with >> certain high characters). I've had a look through the SASL source and >> it doesn't seem to do anything funky with the password inside itself. >> What do you read the password in as? > > Its read in as essentially binary data into a std::string then passed to > cyrus via a c-string. Ah, so you don't do any of the funky charset conversion that's going on elsewhere then? That may be an issue to watch out for when you try to interop Java to C++, although it will likely only affect certain passwords if it is a problem at all. >> As an aside, do you support hashed password files? > > All support for authentication currently comes from what cyrus provides. > Theres a config file in cpp/etc/sasl2 that authenticates against a db (an > example of which, containing guest user, is created during the dist build). > > Passwords are stored in the clear in the db though. Cyrus can also be setup > to authenticate against the hosts userbase, ldap etc. I'm not _aware_ of any > option to authenticate an application specific hashed password file, but > that doesn't mean its not there (it could be built as a cyrus module if > needed). Gotcha, just wondered. This all blew up because of the java brokers slightly odd strategy for not storing passwords in plaintext on disk. Thanks! - Aidan -- aim/y!:aidans42 g:[EMAIL PROTECTED] http://aidan.skinner.me.uk/ "We belong to nobody and nobody belongs to us. We don't even belong to each other."
