Re: [vchkpw] Re: 5.4.15 onchange patch

Mon, 03 Apr 2006 14:14:39 -0700 

On 2006-04-03, at 1609, Robin Bowes wrote:


This is how I've implemented a plugin for qpsmtpd that auths against
vpopmaild.

It's extremely easy:

# create socket

my $vpopmaild_socket = IO::Socket::INET->new(PeerAddr =>  
vpopmaild_host,
                                             PeerPort =>  
vpopmaild_port,

                                             Proto    => "tcp",
                                             Type     => SOCK_STREAM)
    or return (DECLINED);



right here, you should read a line of input from the server and make  
sure it matches /^\+OK/. otherwise...



# send login details
print $vpopmaild_socket "login $user $passClear\n\r";

# get response from server
my $login_response = <$vpopmaild_socket>;



this read, being the first read since the client connects, will  
return the "+OK" line that the server sends when you first connect to  
the service, rather than the "+OK" or "-ERR" response from your  
"login" command.



you should also wait for the command to end (if the response was "+OK 
+", read lines until you see one which matches /^\.$/), then send  
"quit\n", then wait for the "+OK" response. otherwise you are writing  
sloppy code which doesn't follow the protocol, which only encourages  
others to do the same.




Of course, qpsmtpd is written in perl so this sort of thing *is*  
pretty

easy!


i love perl. if i ever meet larry wall, i owe him a beer.


the "auth.cdb" idea is a lot easier to write, and to me it makes more
sense. however, the idea of using vpopmaild for this purpose is also
intriguing from a programming standpoint (i.e. CAN i write this code,
how can i make a single version of qmail-smtpd which can handle all
three AUTH schemes- fork/exec vchkpw, auth.cdb, and vpopmaild.)


You really should check out qpsmtpd. It can handle several auth types
easily.



if it were for my own server, sure... but i'm releasing patches for  
people using qmail-smtpd. if i were to suddenly switch to qpsmtpd it  
would be like abandoning everybody else who is using my qmail  
patches, including all of my clients.



besides, qmail-smtpd is compiled, where qpsmtpd is interpreted and  
requires the perl runtime and a bunch of libraries. i tend to think  
in terms of mail servers which may be handling literally hundreds of  
SMTP requests per second.


--------------------------------------------------
| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/           <[EMAIL PROTECTED]> |
--------------------------------------------------
| Mac OS X proves that it's easier to make UNIX  |
| pretty than it is to make Windows secure.      |
--------------------------------------------------





Attachment:
PGP.sig

Description: This is a digitally signed message part





























					Reply via email to