| Subject: | Authen::SASL may load older incompatible plugin |
1. The system has older plugin (specifically Authen::SASL::Cyrus)
installed.
2. Newer Authen::SASL is installed in different directory, but newer Authen::SASL::Cyrus cannot be installed (e.g. because the system lack
needed developer tools / library to compile the binary).
3. When using the newer Authen::SASL, it will load the older Authen::SASL::Cyrus, which may incompatible (fail to established
connection).
This is exacerbated by the fact that in client_new (and server_new)
method, creating connection is not inside an eval block.
This specifically an issue in a shared hosting environment, where the
specific hosting owner have no permission to remove / replace the Authen::SASL::Cyrus installed in the system and provided developer tools
/ library probably limited.
Suggestion:
1. Authen::SASL should match the version of each plugin to latest
version known to be compatible,
or
Authen::SASL should only load the plugin from known directory, i.e. the
one installed with that Authen::SASL (probably Module::Pluggable can
help here - with a plus that future plugin can be added without changing Authen::SASL).
2. client_new (and server_new) method should do connection creation
inside an eval block