Timo Sirainen
2005-Dec-21 22:37 UTC
[Dovecot] PATCH: Dovecot SASL authentication for Postfix 2.3-20051220
Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://dovecot.org/pipermail/dovecot/attachments/20051221/643bbd8a/attachment-0001.pgp
Wietse Venema
2005-Dec-23 17:12 UTC
[Dovecot] Re: PATCH: Dovecot SASL authentication for Postfix 2.3-20051220
I'm adding the finishing touch to the Postfix Dovecot plug-in, to be released with snapshot 20051223. The plug-in code quality is generally very good. I had two observations, both of minor importance: - The authentication server protocol uses the TAB character as a delimiter, so it is critical that legitimate user names don't contain this character. This is of course trivial to ensure with the authentication server implementation, so I will not worry about it. - I noticed that the plug-in did not satisfy one Postfix principle, namely that operations be bounded in time. I added a time limit for connect, read and write operations. Postfix will time-bound all operations anyway, but the diagnostics of the watchdog timer are less specific and therefore less useful. Wietse
/dev/rob0
2005-Dec-24 07:38 UTC
[Dovecot] Re: PATCH: Dovecot SASL authentication for Postfix 2.3-20051220
On Wednesday 2005-December-21 14:36, Timo Sirainen wrote:> Tested with PLAIN authentication. Doesn't require any external > libraries.Tested here in Postfix 2.3-20051223, PLAIN over TLS, and it works: a good username/password combination authenticates and a bad one is rejected. :) Thanks again to both Timo and Wietse for their work on this feature, and let me be the first to kick of this year's slew of posts wishing "happy holidays" to all. (I'm cheating by crossposting this. :) ) -- mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header