Description: ------------ Hi, the applied patch allows SASL proxy authentication with SMTP, i.e when configured correctly the calling application can use one identity (with its own password) to act on behalf of another identity. This is quite useful when SMTP authentication is required but the calling app does only konw the users identity but does not know the users password. Not all SMTP server support SASL proxy authentication though - "postfix" for example requires a patch to make this work (I made one which I willing to share ...) This patch also re-orders the priorities between the "PLAIN" and "LOGIN" mecahnisms: the "PLAIN" mecahnism supports proxy authentication while "LOGIN" does not (and was an afterthought to SASL after all).

Added patch smtp-proxy-auth.patch.

Thanks for the patch Andreas - you mention it works with 5.1+ to perform certain functionality; I don't suppose you'd bake in a functionality/version test to raise a PEAR Error or fail gracefully if < PHP 5.1

I did not use any constructs that was not already present in the module before, although I'm not much of a PHP programmer so frankly I'm not exactly qualified to determine which versions are required. There might be a version dependency on the SASL modules though.

This looks like a nice additional. Could you please expand you patch to include a documentation update and a unit test?

This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better.

Patch hasn't been applied fully. _authDigest_MD5() lacks this change: @@ -614,7 +614,7 @@ $challenge = base64_decode($this->_arguments[0]); $digest = &Auth_SASL::factory('digestmd5'); $auth_str = base64_encode($digest->getResponse($uid, $pwd, $challenge, - $this->host, "smtp")); + $this->host, "smtp", $authz)); if (PEAR::isError($error = $this->_put($auth_str))) { return $error;

This bug has been fixed in SVN. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better.