rc41 and sasl

Carter Bullard carter at qosient.com
Tue Mar 13 19:00:00 EDT 2007 

Hey Mike,
Well, if sasl2 has something that would be nice, like kerberos support,
or hooks into some sort of DCE style enterprise authentication/ 
authoriization
framework, then I can do the port.  I can recommend we do it after the
argus-3.0 release?

One of the things I'ld like to do, is to do user specific filtering,  
so that if
'carter' connects, argus/radium will only give 'carter' the types of  
records
that 'carter' is allowed to have, i.e. records that relate only to  
'carter's
PC.  If sasl2 provides this type of support, then lets do it!!!!

Carter


On Mar 13, 2007, at 6:54 PM, Michael Hornung wrote:

> It sounds like there is no problem and I should use SASLv1, which I  
> will
> do!  Thanks.
>
> -Mike
>
> On Tue, 13 Mar 2007 at 18:45, Carter Bullard wrote:
>
> |Hey Mike,
> |So sasl1 is readily available, so is there a problem?
> |Because no one is complaining, I've not worried about
> |it, and so  its pretty low on the priority list.  Does sasl2 do
> |anything any different?
> |
> |Carter
> |
> |
> |On Mar 13, 2007, at 5:43 PM, Michael Hornung wrote:
> |
> |> Thanks Chris.  I note now that in the INSTALL file it lists  
> SASLv1 only.
> |> Do people not use it ("it" meaning SASL support in Argus) these  
> days
> |> because there is a different safe and reliable way to protect  
> data from a
> |> probe to a concentrator?  I don't like the thought of sending  
> this data in
> |> the clear on a user network, and for my current needs that is  
> the network
> |> I'm using.  Otherwise for the time being I will install and use  
> SASLv1
> |> instead!
> |>
> |> Thanks!
> |>
> |> -Mike
> |>
> |> On Tue, 13 Mar 2007 at 21:33, Christoph Badura wrote:
> |>
> |> |On Tue, Mar 13, 2007 at 09:25:23AM -0700, Michael Hornung wrote:
> |> |> and they put headers in /usr/include/sasl/ and the library is
> |> |> libsasl2.a.  The rc41 client and server configuration does  
> not allow one
> |> |> to specify "/usr/include/sasl/" as the includedir since it  
> appends
> |> |> "include" to whatever you supply with "--with-sasl".  And the  
> test for
> |> |> libsasl does not look for -lsasl2!
> |> |
> |> |my understanding is that argus expects to build against SASL1  
> not SASL2.
> |> |You would need to convert it to the SASL2 conventions.  Losing  
> SASL1
> |> |support along that way shouldn't hurt much. I get the  
> impression that
> |> |nobody uses it these days.
> |>
> |
>

More information about the argus mailing list