develooper Front page | perl.ldap | Postings from August 2006

Suggestions regarding Authen-SASL & libnet

Thread Next
From:
Jürgen Herz
Date:
August 28, 2006 10:11
Subject:
Suggestions regarding Authen-SASL & libnet
Message ID:
44F31FCC.9000109@jherz.redirectme.net
Hi,

using an program that incorporates the above libs, I experienced some
problems with them.

The program uses Authen-SASL 2.03 which seems "a bit old", but all in
all I still think the changes would also do 2.10 good.

1. Net::POP3
In auth () I don't like
  my $mechanisms = $capa->{SASL} || 'CRAM-MD5';
If a server doesn't contain a SASL line I guess that has a reason. So
I'd not pretend he's wrong and still try CRAM-MD5.
Writing
  my $mechanisms = $capa->{SASL};
  return () unless $mechanisms;
instead would still work the same for users but save the try.

2. Authen::SASL::Perl
In 2.03 there was no DIGEST-MD5 and no GSSAPI, so Authen just exited
badly if the server only supported one of thos, which is fatal. Though
by supporting more algorithms the problem is mitigated in newer
versions, I'd still like seeing it not to croak.

What about replacing
  or croak "No SASL mechanism found\n";
by
  or return ();               #No SASL mechanism found
in client_new ()?

auth () in Net::POP3 would need a
  return () unless $client;
added between
  my $client = $sasl->client_new('pop3',${*$self}{'net_pop3_host'},0);
and
  my $str    = $client->client_start;
and I guess
also initial () in Authen::SASL needs to get adjusted.

But that would prevent some program using the lib to get terminated.

Regards,
Jürgen

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About