[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AUTH= !*, what to do...
|
From: |
Sam Roberts |
|
Subject: |
Re: AUTH= !*, what to do... |
|
Date: |
Tue, 30 Oct 2001 00:58:13 -0500 |
|
User-agent: |
Mutt/1.3.16i |
Bonjour!
The world's slowest programmer is back for a few days, before returning
to Montreal for another weekend...
The attached patch does (a), from below, for the anonymous SASL mechanism.
Notice I split the authentication states out. It should be a tiny bit
easier to implement more AUTHENTICATE types. It still PREAUTHs (though
I don't have a preauthed server to test against).
I am guessing that there needs to be a state between every call that
could return EWOULDBLOCK if the socket was non-blocking, but I'd like
confirmation that I am using the IMAP macros correctly, and I am doing
the aproximately correct thing before committing.
Try with:
imap://;address@hidden/archive.info-cyrus
It has +11,000 messages! Anybody need a stress test?
$ ./mbox-check 'imap://;address@hidden/archive.info-cyrus'
g1 SELECT archive.info-cyrus
g1 OK [READ-ONLY] Completed
g2 CLOSE
g2 OK Completed
count 11008 messages in <imap://;address@hidden/archive.info-cyrus>
Sam
Quoting Sam Roberts <address@hidden>, who wrote:
> I don't like the idea of making a network connection before the mailbox has
> been opened, and I don't think it's necessary.
>
> How about, in mailbox_create():
>
> If no auth mechanism is supplied in the URL, create a LOGIN auth mechanism
> (the one we currently have, this would be sensible and backwards compatible).
>
> If an AUTH= was supplied in the URL, that's the one the person wants, if we
> support it, create it, if we don't, return an error.
>
> Next, in mailbox_open():
>
> We make a network connection, the server responds with (from 3.4 of rfc2060):
>
> (3) BYE -> close the connection
> (2) PREAUTH -> move to authenticated state, bypassing any authentication,
> even if the URL had one specified.
> (1) OK -> in this case we are supposed to authenticate.
>
> We have two options:
>
> a - attempt to use the auth mechanism we created (if it's not supported,
> authentication will fail). If the mailbox is an anonymous mailbox,
> then the auth mechanism auth=anonymous MUST have been specified for
> authentication to work.
> b - issue CAPABILITY, if the server supports auth=anonymous, authenticate
> using it, bypassing "real" authentication. Otherwise, try (a). We
> could see if the auth mechanism we are about to try is supported, but
> I don't see the point.
>
> Future enhancement, have AUTH=* register ALL implemented mechanisms, then try
--
Sam Roberts <address@hidden> (Vivez sans temps mort!)
_diff
Description: Text document
- Re: AUTH= !*, what to do...,
Sam Roberts <=