Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Torsten Luettgert
Date:  
À: exim-users
Sujet: Re: [Exim] restricting AUTH Plain/Login to TLS connectionsy
On Wed, 2003-01-08 at 12:56, Philip Hazel via COM.BOX TEMA wrote:
> On Wed, 8 Jan 2003, Nico Erfurth wrote:
>
> > Why?
> > IMHO, you need to loop through the authenticators anyway, to find the
> > requested authenticator, so checking the condition again and skipping if
> > it yields false shouldn't be a problem (around line 1793 in my version
> > of smtp_in.c). But I could be wrong, I just had a quick look ;)
>
> OK, you may be right. I *didn't* have a quick look. :-)


Is he really? I didn't look at the code either, but having
different authenticators announced depending on TLS/no TLS
(which was the original requested functionality) requires
an expansion of the argument, right?

And is it good to have it evaluated twice, once for the
announcement and once for checking again if the AUTH should
be accepted?
Perhaps I'm paranoid, but having two (possibly quite complicated)
expansions and expecting the same result doesn't seem right to me -
what if the results differ due to DNS/LDAP outage or whatever?

- Torsten