Testing authentincation / SASL + MySQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello list, I am trying to use MySQL as an authentication backend for SASL

I am folowing directions from The Book of Postfix but I am stack in authentication testing.

Can somebody help me with it please?



Errors:

MySQL query log:
---------------

1033 Connect     Access denied for user: 'postfix@localhost' (Using password: YES)

/var/log/auth: I understand that this is a fallback mecganisms
--------------

Apr 26 22:38:36 ced lt-server: sql_select option missing
Apr 26 22:38:36 ced lt-server: auxpropfunc error no mechanism available
Apr 26 22:38:36 ced lt-server: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql

Apr 26 22:32:55 ced lt-server: unable to open Berkeley db /etc/sasldb2: No such file or directory
Apr 26 22:32:55 ced lt-server: unable to open Berkeley db /etc/sasldb2: No such file or directory
Apr 26 22:32:55 ced lt-server: Password verification failed



Details:


ls /usr/local/lib/sasl2 -> seems that I could compile SASL w/ MySQL support?
-----------------------

libanonymous.la         libcrammd5.so.2.0.21     liblogin.so.2       libsasldb.la         libsql.so.2
libanonymous.so         libdigestmd5.la         liblogin.so.2.0.21  libsasldb.so         libsql.so.2.0.19
libanonymous.so.2       libdigestmd5.so         libplain.la         libsasldb.so.2       libsql.so.2.0.21
libanonymous.so.2.0.21  libdigestmd5.so.2       libplain.so         libsasldb.so.2.0.19
libcrammd5.la           libdigestmd5.so.2.0.21  libplain.so.2       libsasldb.so.2.0.21
libcrammd5.so           liblogin.la             libplain.so.2.0.19   libsql.la
libcrammd5.so.2         liblogin.so             libplain.so.2.0.21  libsql.so


/usr/lib/sasl2/smtp.conf & sample.conf
--------------------------------------

# Global parameter
log_level: 3

# Password verification service
pwcheck_method: auxprop

# SMTP AUTH mechanisms
mech_list: PLAIN LOGIN CRAM_MD5

# auxiliary plugin parameters -> mysql password backend
auxprop_plugin: sql
sql_engine: mysql
sql_hostname: localhost
sql_database: smtpauthdb
sql_user: postfix
sql_passwd:
sql_select: SELECT %p FROM users WHERE username = '%u' AND userrealm = '%r' and auth = '1'
sql_usessl: no

server / client output
---------------------

# sh server -s rcmd -p 8000
trying 10, 1, 6
socket: Address family not supported by protocol
trying 2, 1, 6
accepted new connection
send: {41}
ANONYMOUS LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
recv: {5}
PLAIN
recv: {1}
Y
recv: {18}
test[0]test[0]testpass
starting SASL negotiation: user not foundclosing connection

# sh client -s rcmd -p 8000 -m PLAIN 127.0.0.1
receiving capability list... recv: {41}
ANONYMOUS LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
ANONYMOUS LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
please enter an authentication id: test
please enter an authorization id: test
Password:
send: {5}
PLAIN
send: {1}
Y
send: {18}
test[0]test[0]testpass
authentication failed
closing connection

Compile options
---------------

  export CPPFLAGS="-I/usr/include/mysql" &&

  ./configure \
   --prefix=/usr/local/sasl2 \
  --enable-sample \
  --enable-shared=yes \
  --enable-fast-install=yes \
  --disable-static \
  --disable-cmulocal \
  --disable-java \
  --disable-alwaystrue \
  --disable-libtool-lock \
  --disable-staticdlopen \
  --disable-checkapop \
  --enable-cram \
  --enable-plain \
  --enable-login \
  --disable-anon \
  --disable-digest \
  --disable-krb4 \
  --disable-gssapi \
  --disable-ntlm \
  --disable-otp \
  --disable-srp \
  --disable-srp-setpass \
  --enable-sql \
  --with-mysql \
  --with-plugindir=/usr/local/lib/sasl2 \
  --with-des=yes \
  --with-rc4 \
  --with-openssl=/usr/bin/openssl \
  --without-pam \
  --without-dbpath \
  --without-dblib \
  --without-bdb-libdir \
  --without-bdb-incdir \
  --without-pwcheck \
  --without-dmalloc \
  --without-sfio \
  --without-opie \
  --without-ldap \
  --without-javabase \
  --without-gdbm \
  --without-gnu-ld \
  --without-purecov \
  --without-purify \
  --without-authdaemon \
  --with-saslauthd=no \
  --without-ipctype   &&


[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux