[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] post now asking for a password, even when it doesn't h

From: Ken Hornstein
Subject: Re: [Nmh-workers] post now asking for a password, even when it doesn't have to
Date: Tue, 15 Apr 2014 09:44:11 -0400

>> It turns out even though I tested this, I wasn't actually using some of
>> the backend programs until now ... like post.  D'oh!
>> Anyway, I discovered that now post(8) is always asking me for a username
>> and password ... even when it doesn't need to (my sasl mechanism doesn't
>> require them).
>I didn't expect that:  I thought that a username and password were
>always required here.

I suppose unless you had experience with different SASL mechanisms, this
wouldn't be obvious.  If SASL needs a password, it will ask for it via
the callback mechanism.  If it doesn't, then it won't.

Username is a bit more complicated; SASL doesn't technically require it
either for all mechanisms, and there's the the difference between the
UserName, and the AuthName ... technically the mechanism can provide it's
own UserName, but the AuthName is optional.

>If that argument is changed to "1", it breaks Valdis's use case.

Right, but that makes post behave differently than the othe rprograms.

>I think that the nmh_get_credentials() call needs to move back
>to sm_get_pass().  We might want to do that with inc and msgchk,

Hm.  Let me meditate on this a bit; we might have to do something slightly
more complicated.

>> But I guess I don't understand why post now behaves differently than inc
>> and msgchk, which are also sasl-aware programs.  Can someone fill me in
>> here?
>My read of the code was that post did behave differently than
>inc and msgchk.  See commit 52a236230220, the diffs of the inc.c

I understand that, but historically it did not.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]