From 9306fa497983088359c6f1f6b8c4658bf0ec2b99 Mon Sep 17 00:00:00 2001 From: Matthew Wild Date: Tue, 24 Jul 2012 10:56:47 +0100 Subject: mod_auth_cyrus, util.sasl_cyrus: Add new option 'cyrus_server_fqdn' to override the hostname passed to Cyrus (and used in e.g. GSSAPI/Kerberos) - fixes #295 --- util/sasl_cyrus.lua | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'util/sasl_cyrus.lua') diff --git a/util/sasl_cyrus.lua b/util/sasl_cyrus.lua index 002118fd..19684587 100644 --- a/util/sasl_cyrus.lua +++ b/util/sasl_cyrus.lua @@ -78,11 +78,15 @@ local function init(service_name) end -- create a new SASL object which can be used to authenticate clients -function new(realm, service_name, app_name) +-- host_fqdn may be nil in which case gethostname() gives the value. +-- For GSSAPI, this determines the hostname in the service ticket (after +-- reverse DNS canonicalization, only if [libdefaults] rdns = true which +-- is the default). +function new(realm, service_name, app_name, host_fqdn) init(app_name or service_name); - local st, ret = pcall(cyrussasl.server_new, service_name, nil, realm, nil, nil) + local st, ret = pcall(cyrussasl.server_new, service_name, host_fqdn, realm, nil, nil) if not st then log("error", "Creating SASL server connection failed: %s", ret); return nil; -- cgit v1.2.3