Re: SASL configuration from a string?

[Gordon Sim <gs...@redhat.com>]

On 12/09/16 21:43, Alan Conway wrote:
> It looks like Proton requires SASL configuration to come from a named
> file.

I believe that requirement comes from cyrus-sasl, rather than proton itself.

> This is bad, because it assumes
> a) there is a file system and
> b) the proton app deployer can modify it.
>
> I was thinking about adding
>
>   pn_sasl_config_string(pn_sasl_t*, const char*)
>
> So the application can get the config from wherever it pleases or
> construct it programatically without assuming a filesystem. Does that
> make sense?

Unless cyrus sasl allows you do specify config in a string, doing this 
would require some other SASL implementation.

> What about the SASL database?
>
> Or am I barking up the wrong tree and SASL is just not intended to be
> usable in non-filesystem environments?

I don't think SASL itself cares one way or the other. Implementations of 
it may make assumptions though (e.g. cyrus-sasl). However if anyone 
needs to use SASL in an environment with no filesystem, they can always 
provide an implementation tailored for that environment. My view is to 
wait until someone actually has an actual need for it (and then 
presumably also some concrete requirements for how it should work).

At present I believe proton requires ssl certificates to be specified as 
files also.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org