Re: mupdatetest works, but the deamons cant connect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

i compared both logins, and the x64 machine doesnt offer anything when
i dont use a certificate.
also when I log in, the autocreate mailbox says cant "connect" to the
mupdate server, but tcpdump shows me a connection on the right port,
and when I change the listen="mupdate" to something silly, it says it
cant "find" the mupdate server at all
here are my imtests

works not
---
 imtest  backend-A1 -a cyrus-backend -w backend -m PLAIN

S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN
S: A01 NO mechanism too weak for this user
Authentication failed. generic failure
Security strength factor: 0


works:
--
imtest  backend-A1 -a cyrus-backend -w backend -m PLAIN -t
/etc/pki/cyrus-imapd/server.pem

S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ AUTH=PLAIN SASL-IR ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN AGN5cnVzLWJhY2tlbmQAYmFja2VuZA==
S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ LOGINDISABLED ACL RIGHTS=kxte QUOTA
MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN
MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (tls protection)
Authenticated.
Security strength factor: 256


works on old machine
--
 imtest backend -u ralf@xxxxxxxxxx -a ralf@xxxxxxxxxx -m PLAIN -w ralf

S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR]
backend.test.local Cyrus IMAP4 (Murder) v2.3.9-Fedora-RPM-2.3.9-7.fc8
server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR ACL
RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN cmFsZkBibHViLmxvY2FsAHJhbGZAYmx1Yi5sb2NhbAByYWxm
S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (no protection)
Authenticated.
Security strength factor: 0

On Mon, Feb 4, 2008 at 9:23 AM, rupert <rupertt@xxxxxxxxx> wrote:
> Hello,
>  i transfered my murder from some x86 VM machine to some real x64
>  machines, and I cant get the frontend/backend and mupdate servers to
>  talk to each others.
>  imtest only works with the -t option. I use pam and a mysql DB with
>  hashed paswords.
>  Local testsaslauth works and also i can do a mupdatest with the same
>  parameters as in the imapd.conf.
>
>  on the frontend I have these messages repeating,
>
>  08:21:00 frontend-A1 mupdate[5198]: couldn't connect to mupdate server
>  Feb  4 08:21:00 frontend-A1 mupdate[5198]: retrying connection to
>  mupdate server in 25 seconds
>  Feb  4 08:21:12 frontend-A1 mupdate[5196]: couldn't authenticate to
>  backend server: no mechanism available
>
>  also I can find this line
>
>  frontend-A1 saslauthd[1617]: pam_unix_acct(imap:account): could not
>  identify user (from getpwnam(albert@xxxxxxxxxx))
>
>  looks like pam tries to look for a local user?
>
>  Since I am using as mech only PLAIN, how can I force the deamons to
>  use TLS to talk to each other?
>
>
>  cheers
>
>  rupertt
>

thx ()
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux