Hi,
when i use a cyrus saslauthd:
pwcheck_method: saslauthd
mech_list: plain login
saslauthd_path: /var/run/kokolores/mux
And the saslauthd is not running.
Then the socket /var/run/kokolores/mux does not exist and postfix
returns
535 5.7.8 Error: authentication failed: generic failure
Shouldn't postfix return a temporary error in this case?
In xsasl_cyrus_server.c:
switch (sasl_status) {
case SASL_TRYAGAIN:
case SASL_UNAVAIL:
return XSASL_AUTH_TEMP;
default:
return (XSASL_AUTH_FAIL);
}
In sasl.h:
#define SASL_FAIL -1 /* generic failure */
Could this one be added to the AUTH_TEMP case?
Maybe there are a few more error in sasl.h which indicate
service-side problems and should be handled with a temporary error.
#define SASL_NOMEM -2 /* memory shortage failure */
#define SASL_BUFOVER -3 /* overflowed buffer */
Markus
--
https://markusbenning.de/
