Linux cpanel.rrshost.in 5.15.0-25-generic #25-Ubuntu SMP Wed Mar 30 15:54:22 UTC 2022 x86_64
Apache
: 109.123.238.221 | : 172.69.6.95
128 Domain
8.2.28
aev999
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
usr /
share /
perl5 /
Authen /
SASL /
[ HOME SHELL ]
Name
Size
Permission
Action
Perl
[ DIR ]
drwxr-xr-x
CRAM_MD5.pm
352
B
-rw-r--r--
EXTERNAL.pm
352
B
-rw-r--r--
Perl.pm
7.7
KB
-rw-r--r--
Perl.pod
4.09
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Perl.pod
# Copyright (c) 2004 Peter Marschall <peter@adpm.de>. All rights reserved. # This program is free software; you can redistribute it and/or # modify it under the same terms as Perl itself. =head1 NAME Authen::SASL::Perl -- Perl implementation of the SASL Authentication framework =head1 SYNOPSIS use Authen::SASL qw(Perl); $sasl = Authen::SASL->new( mechanism => 'CRAM-MD5 PLAIN ANONYMOUS', callback => { user => $user, pass => \&fetch_password } ); =head1 DESCRIPTION B<Authen::SASL::Perl> is the pure Perl implementation of SASL mechanisms in the B<Authen::SASL> framework. At the time of this writing it provides the client part implementation for the following SASL mechanisms: =over 4 =item ANONYMOUS The Anonymous SASL Mechanism as defined in RFC 2245 resp. in IETF Draft draft-ietf-sasl-anon-03.txt from February 2004 provides a method to anonymously access internet services. Since it does no authentication it does not need to send any confidential information such as passwords in plain text over the network. =item CRAM-MD5 The CRAM-MD5 SASL Mechanism as defined in RFC2195 resp. in IETF Draft draft-ietf-sasl-crammd5-XX.txt offers a simple challenge-response authentication mechanism. Since it is a challenge-response authentication mechanism no passwords are transferred in clear-text over the wire. Due to the simplicity of the protocol CRAM-MD5 is susceptible to replay and dictionary attacks, so DIGEST-MD5 should be used in preferrence. =item DIGEST-MD5 The DIGEST-MD5 SASL Mechanism as defined in RFC 2831 resp. in IETF Draft draft-ietf-sasl-rfc2831bis-XX.txt offers the HTTP Digest Access Authentication as SASL mechanism. Like CRAM-MD5 it is a challenge-response authentication method that does not send plain text passwords over the network. Compared to CRAM-MD5, DIGEST-MD5 prevents chosen plaintext attacks, and permits the use of third party authentication servers, so that it is recommended to use DIGEST-MD5 instead of CRAM-MD5 when possible. =item EXTERNAL The EXTERNAL SASL mechanism as defined in RFC 2222 allows the use of external authentication systems as SASL mechanisms. =item GSSAPI The GSSAPI SASL mechanism as defined in RFC 2222 resp. IETF Draft draft-ietf-sasl-gssapi-XX.txt allows using the Generic Security Service Application Program Interface [GSSAPI] KERBEROS V5 as as SASL mechanism. Although GSSAPI is a general mechanism for authentication it is almost exlusively used for Kerberos 5. =item LOGIN The LOGIN SASL Mechanism as defined in IETF Draft draft-murchison-sasl-login-XX.txt allows the combination of username and clear-text password to be used in a SASL mechanism. It does does not provide a security layer and sends the credentials in clear over the wire. Thus this mechanism should not be used without adequate security protection. =item PLAIN The Plain SASL Mechanism as defined in RFC 2595 resp. IETF Draft draft-ietf-sasl-plain-XX.txt is another SASL mechanism that allows username and clear-text password combinations in SASL environments. Like LOGIN it sends the credentials in clear over the network and should not be used without sufficient security protection. =back As for server support, only I<PLAIN>, I<LOGIN> and I<DIGEST-MD5> are supported at the time of this writing. C<server_new> OPTIONS is a hashref that is only relevant for I<DIGEST-MD5> for now and it supports the following options: =over 4 =item - no_integrity =item - no_confidentiality =back which configures how the security layers are negotiated with the client (or rather imposed to the client). =head1 SEE ALSO L<Authen::SASL>, L<Authen::SASL::Perl::ANONYMOUS>, L<Authen::SASL::Perl::CRAM_MD5>, L<Authen::SASL::Perl::DIGEST_MD5>, L<Authen::SASL::Perl::EXTERNAL>, L<Authen::SASL::Perl::GSSAPI>, L<Authen::SASL::Perl::LOGIN>, L<Authen::SASL::Perl::PLAIN> =head1 AUTHOR Peter Marschall <peter@adpm.de> Please report any bugs, or post any suggestions, to the perl-ldap mailing list <perl-ldap@perl.org> =head1 COPYRIGHT Copyright (c) 2004-2006 Peter Marschall. All rights reserved. This document is distributed, and may be redistributed, under the same terms as Perl itself. =cut
Close
