What are the valid values of ldap_mech ?

[williamdes]

While creating https://github.com/tomav/docker-mailserver/pull/1708 I could not figure out what are the ldap_mech valid values. Except some that can be found on the net:

• DIGEST-MD5
• GSSAPI
• OTP
• EXTERNAL
• CRAM-MD5
• NTLM
• LOGIN
• PLAIN

https://github.com/cyrusimap/cyrus-sasl/blob/eeb935a9198172aede242c77b0e0dafe9312db10/lib/staticopen.h

Your documentation is quite empty for this option: https://github.com/cyrusimap/cyrus-sasl/blob/e41cfb986c1b1935770de554872247453fdbb079/docsrc/sasl/pwcheck.rst

And man pages are not better, I blame nobody but I want to have the valid values list and some details is possible.

Seems to have a list here: https://ldapwiki.com/wiki/SASL%20Mechanisms

Just found the command here to get the server let us know it's values:

$ ldapsearch -ZZ -x -H ldap://ldap.example.com -b "" -LLL -s base supportedSASLMechanisms
dn:
supportedSASLMechanisms: SCRAM-SHA-1
supportedSASLMechanisms: SCRAM-SHA-256
supportedSASLMechanisms: GS2-IAKERB
supportedSASLMechanisms: GS2-KRB5
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: OTP
supportedSASLMechanisms: NTLM
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: PLAIN
supportedSASLMechanisms: LOGIN

[williamdes]

SASL supported password schemes seem to be defined here: https://github.com/cyrusimap/cyrus-sasl/blob/9b914e1d25d6414a2e4ef4c41a0a4ba27f20e79b/saslauthd/lak.c#L128-L136

This is in sync with my testing, any other value does not work

[quanah]

closed via #737