Marco Aurelio Monteiro wrote:
As far as I know it does. However some clients (Mozilla Thunderbird
for example) tests all authentication methods, and uses all until one
of those works. TLS plugin registers itself in "auth" hook when it is
loaded, creating an illusion that all authentication methods are
available. This situation may cause an unexpected behavior (because
there is no plugin priority in the hook) working together with other
auth plugins, and uses processing power unnecessarily. The TLS plugin
should returns DENY to all commands only after a ssl negotiation has
failed. It does not make sense for me that TLS plugin registers itself
in all hooks until this situation occurs.
Thanks.
Bob Dodds wrote:
If other auth plugins are confused, doesn't qpsmtpd ignore
them after it receives a DENY from any hook?
And it must be possible for other auth plugins to bait
thunderbird in the same way, by registering as auth
instead of a more specific capability.
I think the new init method will not accept the more
specific capability registration. I updated from
registering the hook to init sub hook_auth-cram-md5
and it wouldn't work so I had to sub hook_auth--
# old register--
# $self->register_hook( "auth-cram-md5" , "authldap" ) ;
# specific capability failed--
#sub hook_auth-cram-md5
# new: baits thunderbird to try all auth methods?--
sub hook_auth
...trouble.
-Bob
