Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\MPhilip Hazel at <-
MMNico Erfurth at ->
Delete this message
Reply to this message
Author: Torsten Luettgert
Date:  
To: exim-users
Subject: Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy
On Wed, 2003-01-08 at 12:56, Philip Hazel via COM.BOX TEMA wrote:
> On Wed, 8 Jan 2003, Nico Erfurth wrote:
>
> > Why?
> > IMHO, you need to loop through the authenticators anyway, to find the
> > requested authenticator, so checking the condition again and skipping if
> > it yields false shouldn't be a problem (around line 1793 in my version
> > of smtp_in.c). But I could be wrong, I just had a quick look ;)
>
> OK, you may be right. I *didn't* have a quick look. :-)

Is he really? I didn't look at the code either, but having
different authenticators announced depending on TLS/no TLS
(which was the original requested functionality) requires
an expansion of the argument, right?

And is it good to have it evaluated twice, once for the
announcement and once for checking again if the AUTH should
be accepted?
Perhaps I'm paranoid, but having two (possibly quite complicated)
expansions and expecting the same result doesn't seem right to me -
what if the results differ due to DNS/LDAP outage or whatever?

- Torsten



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] restricting AUTH Plain/Login to TLS connectionsyRe: [Exim] restricting AUTH Plain/Login to TLS connectionsy->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)