[SIP Beyond VoIP] Sylkserver - authentication against an IMAP server

[Adrian Georgescu]

Thank you for the patch. We will evaluate it.

Regards,
Adrian
 

> On 7 Apr 2020, at 11:40, Valentin Kleibel <valentin at vrvis.at> wrote:
> 
> Hi,
> 
> Thanks for your comments on the code. We've done some work based on them.
> 
>> Unless you have a modified client like yours, this server add-on is kind of useless because it only works for you. We do not want to always send the password in clear text over the web socket, as you require. So if you build a client to use IMAP and you can as well build the server and maintain it yourself.
> 
> We totally agree that sending the plaintext password over ws is a inferior solution if you use sip. unfortunately, to implement any other authentication without even more changes, we need this. therefore we create a configurable client and sylkrtc.js which by default sends ha1 but can be changed to send plain passwords. see patches sylkrtc-ha1-conditional.patch and  sylk-webrtc-ha1-conditional.patch.
> Those don't change the default code path and can be used independently of each other if you want to send ha1.
> 
>> Regarding the patch itself, it is blocking. If the IMAP server is not responding, the whole application is stuck. You should figure out an async way todo the IMAP authentication so that is non-blocking.  If you do this, we may add this functionality to the main server code with some comments about where. To download the modified client.
> 
> We have also written a patch for a non-blocking imap authentication.
> The authentication itself is in a separate auth.py which also facilitates to implement other authentication methods.
> 
> What is your opinion on this approach?
> 
> Regards,
> Valentin
> <sylkrtc-ha1-conditional.patch><sylk-webrtc-ha1-conditional.patch><sylkserver-auth-imap-async.patch>