|
Hello,
Adding your "hack" it works! Now I can login: =====imapd.conf======== imap cmd="imapd -p 256" listen="imap" ==================== #imtest -m plain 192.168.65.130 -a test-adm S: * OK IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE S: C01 OK Completed Please enter your password: C: A01 AUTHENTICATE PLAIN AGN5cnVzAGN5cnVzMDE= S: A01 OK Success (no protection) Authenticated. Security strength factor: 0 Thanks a lot! Regards. Manel Gimeno Zaragoza magiza83@xxxxxxxxxxx > Date: Mon, 13 Feb 2012 14:32:21 -0600 > From: dwhite@xxxxxxx > To: magiza83@xxxxxxxxxxx > CC: info-cyrus@xxxxxxxxxxxxxxxxxxxx; awilliam@xxxxxxxxxxxxx > Subject: Re: Allow PLAIN login cyrus 2.2.12 > > On 02/13/12 17:22 +0100, Manel Gimeno Zaragozá wrote: > > > >Hello, > > > >I've execute testsaslauthd as cyrus user a it's OK > > > >[root log]# su - cyrus > >[cyrus1 ~]$ /usr/sbin/testsaslauthd -u test-adm -p password > >0: OK "Success." > > > >On the other hand, I've done some test and I've execute imtest getting the following: > > > ># imtest -m plain 192.168.65.130 -a cyrus > >S: * OK Datadec-Online Cyrus IMAP4 v2.2.12-Invoca-RPM-2.2.12-19 server ready > >C: C01 CAPABILITY > >S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS > >NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND > >BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE > >LISTEXT LIST-SUBSCRIBED X-NETSCAPE > >S: C01 OK Completed > >C: A01 AUTHENTICATE PLAIN > >S: A01 NO encryption needed to use mechanism > >Authentication failed. generic failure > >Security strength factor: 0 > >. login test-adm password > >. OK User logged in > >C: Q01 LOGOUT > >Connection closed. > > > > > >=========log============== > > > >Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 2 > > > >Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: accepted connection > > > >Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: telling master 3 > > > >Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in READY state: now unavailable and in BUSY state > > > >Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers > > > >Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 pid 29801 in BUSY state: now serving connection > > > >Feb 13 17:16:02 srv-vln-pre1 master[24579]: service imap1 now has 1 ready workers > > > >*Feb 13 17:16:02 srv-vln-pre1 imap1[29801]: badlogin: > >xmlfrwk.pre.datadec-online.com [192.168.65.130] PLAIN [SASL(-16): > >encryption needed to use mechanism: security flags do not match > >required] > > > >*Feb 13 17:16:11 srv-vln-pre1 imap1[29801]: login: > >xmlfrwk.pre.datadec-online.com [192.168.65.130] test-adm plaintext User > >logged in > > > >========================== > > > > > > > >As you can see on the first try I get "badlogin" but when I try ". login > >test-adm password" I'm able to log in. > > In the first case you are authenticating using SASL PLAIN, with user > 'cyrus', and in the second case you are authenticating using the > login/pass with user 'test-adm', which is an apples to oranges > comparison. > > It would be better to use 'imtest -m login -a cyrus <ip>' (which should perform > login/pass authentication) and compare that to 'imtest -m login -a > test-adm <ip>', and then compare the two with '-m plain'. > > 'encryption needed to use mechanism: security flags do not match required' > seems to indicate that you need to specify: > > sasl_minimum_layer: 0 > > but you said you already tried that. A hack to get this to work would be to > tell imapd that it's operating under an external security layer. In > /etc/cyrus.conf, you could modify your imapd line(s) to include '-p 256', > e.g.: > > imap cmd="imapd -p 256" listen="imap" > > See the manpage for imapd(8). > > -- > Dan White |
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
