Hi all, 

On my webserver, I have saslauthd running. It has a Unix domain socket
under the path name /var/run/saslauthd/mux. 

Here is a quick and dirty password authentication using Unix domain
sockets. This requires the new TXR 134, of course. 

Firstly, why would you want to do this? It lets you validate a password
without having special privileges. Passwords hashes are in a shadow file
that you can't read if you aren't root. But you can ask the SASL daemon
to check a password even if you aren't root. 

 (defun put-binary-str (str stream)
 (let ((len (length str)))
 (put-byte (trunc len 256) stream)
 (put-byte (mod len 256) stream)
 (put-string str stream)))

 (defun sasl-auth (user pass)
 (let ((sock (open-socket af-unix sock-stream)))
 (sock-connect sock (new sockaddr-un path "/var/run/saslauthd/mux"))
 (put-binary-str user sock)
 (put-binary-str pass sock)
 (put-binary-str "" sock)
 (put-binary-str "" sock)
 (let ((response (get-string sock)))
 (equal [response 2..4] "OK")))) 

The sasl-auth function returns t or nil based on whether the
authentication was successful. 

The protocol consists of strings, which are encoded as a 16 bit length
(big endian a.k.a. "network byte order") followed by the data.
Obviously, the above code is broken for non-ASCII characters, since
(length str) doesn't give us the UTF-8 encoded length.