After a lack of replies on this list a few days ago, when I asked about
this, I've gone off and written a SASL server AUTH implementation for Exim.
Unlike with some SASL drivers, it doesn't present everything it knows about
at once, exim's architecture means that this is impossible without a large
code change. What it does instead is to compare the mechanism against the
public_name of the authenticator (though there is, of course, a way to
override this).
So, if you want to support GSSAPI (no, don't ask me *why* you might want to
do this):
| begin authenticators
|
| sasl_gssapi:
| driver = sasl
| public_name = GSSAPI
| server_advertise_condition = yes
| server_set_id = $1
And there you have it, authenticating against SASL with GSSAPI.
I have not written any client code, because client SASL is significantly
less fun, and I don't directly need it.
This patch is somewhat of a work in progress, and shouldn't (yet) be used
in production. I do think it works, though I could be wrong. But if you
want to test it, and send me bug reports, please feel free to do so.
It can be downloaded from:
http://colon.colondot.net/~mbm/ald-stuff/exim.sasl.patch
with an md5sum of:
0da93f4ebec6eb32a63d88d59e4c5f81 exim.sasl.patch
Share and Enjoy
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/
