jabber + sasl/gssapi (was: [Gaim-commits] CVS: gaim/src/protocols/jabber auth.c, 1.42, 1.43)
Simon Wilkinson
simon at sxw.org.uk
Wed Oct 24 17:06:31 EDT 2007
>
> I'm not at all familiar with this but hopefully that clears things up
> for you ... :)
That's fine - that's the way I thought I'd left it! Sorry, I though
that was a (moderately) new patch - the [gaim-commits] and CVS should
have given it away, I guess.
Basically, we don't use a SASL security layer when we've got a SSL
secured link. This isn't entirely ideal (as it fails to bind the SASL
authentication to the underlying transport encryption), but avoids
the problems of chaining the SASL and SSL encryption layers together.
Cheers,
Simon
More information about the Devel
mailing list