author | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-01 15:19:52 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2020-01-01 15:27:41 +0000 |
commit | 2b615f22d0ce78ba28a6d758d6a2a5c8cb33e10a | |
tree | e0cdb22708021987c8a3e1333f6ed8fded72b014 /doc | |
parent | 0299eb6ae2f923bd2a4ba8f82fc06e615b99c177 | |
GSASL: provide $authN for scram option expansions
Diffstat (limited to 'doc')
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 22 |
-rw-r--r-- | doc/doc-txt/ChangeLog | 3 |
2 files changed, 20 insertions, 5 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 560b72066..4d02bdc32 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -27544,16 +27544,28 @@ This specifies the SASL realm that the server claims to be in. Some mechanisms will use this data. -.option server_scram_iter gsasl string&!! unset +.option server_scram_iter gsasl string&!! 4096 This option provides data for the SCRAM family of mechanisms. -&$auth1$& is not available at evaluation time. -(This may change, as we receive feedback on use) +.new +The &$auth1$&, &$auth2$& and &$auth3$& variables are available for expansion. + +The result of expansion should be a decimal number, +and represents both a lower-bound on the security, and +a compute cost factor imposed on the client +(if it does not cache results, or the server changes +either the iteration count or the salt). +A minimum value of 4096 is required by the standards +for all current CRAM mechanism variants. +.wen .option server_scram_salt gsasl string&!! unset This option provides data for the SCRAM family of mechanisms. -&$auth1$& is not available at evaluation time. -(This may change, as we receive feedback on use) +.new +The &$auth1$&, &$auth2$& and &$auth3$& variables are available for expansion. +If unset or empty after expansion the library will provides a value for the +protocol conversation. +.wen .option server_service gsasl string &`smtp`& diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 491ff5208..e1e1e3bf0 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -74,6 +74,9 @@ JH/17 Logging: when the deliver_time selector ise set, include the DT= field on delivery deferred (==) and failed (**) lines (if a delivery was attemtped). Previously it was only on completion (=>) lines. +JH/18 Authentication: the gsasl driver not provides the $authN variables in time + for the expansion of the server_scram_iter and server_scram_salt options. + Exim version 4.93 ----------------- |
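Review bot: In doc/doc-docbook/spec.xfpt, the last sentence added under server_scram_iter says "CRAM mechanism variants", but the option is documented as data for the SCRAM family and CRAM names a different mechanism, so this should read "SCRAM". The same paragraph states that 4096 is the minimum the standards require without saying what the driver does when the expansion yields a smaller number or a string that is not a decimal number; now that the value can depend on $auth1, $auth2 and $auth3, that case is worth documenting. Under server_scram_salt, "the library will provides a value" should be "will provide", and neither option says what the three $authN variables hold at this point or what form the expanded salt string is expected to take.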
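Review bot: In the doc/doc-txt/ChangeLog entry JH/18, "the gsasl driver not provides the $authN variables" reads as a negation and reverses the meaning of the entry; it should be "now provides", matching the spec.xfpt text that says the variables are available for expansion.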