Bug#292906: exim4-daemon-heavy: Compiled without cyrus_sasl authenticator

RISKO Gergely RISKO Gergely <risko@risko.hu>, 292906@bugs.debian.org
Sun, 06 Feb 2005 21:24:52 +0100 

Andreas Metzler <ametzler@downhill.at.eu.org> writes:

> Hello,
> Well, -heavy links against libldap2 and libldap2 links against libsasl2.
> I am not sure, but I guess Gergely is right and linking exim4 directly
> against libsasl2 would not bring additional performance/memory
> penalties. (_If_ libldap2 will continue to link against libsasl2.)
>
> I think 30s of the ldap's maintainers' time on IRC would clear this up
> for sure.

I think, it will, since ldap's only real strong authentication
mechanism is sasl per rfc.

However, it will compile a new authenticator, so little disk space
will be wasted, but it is not really a waste, since sasl
authentication is _really useful_.  With it, you can do smtp auth
_cleanly_ (sasl's way) on a sasl based system (for example a common
setup with cyrus-imapd).  I think it is not a minority request and
arrives now only, because it wasn't available in upstream, until now.

It is certainly more important in a *unix* system, than strange
microsoft authentication mechanism (SPA) which compiled in in heavy
builds.

>> Anyway, we need to postpone that bug until 4.44 has arrived in sarge
>> as I don't think it would be a good idea to reset our counter for this.
>
>> In the absence of testing-proposed-updates, I wouldn't dare to compile
>> cyrus-sasl into the exim4 packages without the release team's approval.
>
> Agreed on both counts.
>             cu andreas

Agreed on both, but please ask them this way:
"What a fantastic will be, if we can include cyrus-sasl auth in exim4
with sarge?"
and not this way:
"Do we really need this cyrus-sasl thing in exim4 with sarge or we can
postpone it?".

Easy integratibility with other software components in the main system
(cyrus-sasl and cyrus-imap is in the main) will be a big point in
Sarge's quality.  And keep in mind, that if we won't do it now, we
won't do it for another two-three years (the next stable release).
In two years the smtp auth systems will probably get a lot wider
acceptance in the world (because of spam, spf, domainkeys, whatever).

Thanks for your help anyway,
Gergely