|
I am having trouble authenticating to sivtest but can authenticate to Imtest.
I am running NetBSD packages: cyrus-sasl-2.1.26nb4 Simple Authentication and Security Layer
cyrus-imapd-2.4.17nb10 Cyrus IMAP server cy2-login-2.1.22 Cyrus SASL LOGIN authentication plugin cy2-plain-2.1.26 Cyrus SASL PLAIN authentication plugin my /usr/pkg/etc/imapd.conf currently looks like:
===== imapd.conf ====
# $NetBSD: imapd.conf,v 1.5 2005/03/02 21:42:48 wiz Exp $ # # Cyrus IMAP server configuration file. Refer to imapd.conf(5) for # more options.
configdirectory: /var/imap partition-default: /var/spool/imap #sieveusehomedir: true hashimapspool: false sievedir: /usr/pkg/sieve sieve_maxscriptsize: 32 sieve_maxscripts: 5
admins: cyrus johnh
# Use the saslauthd daemon to verify plaintext passwords. Please ensure that # the saslauthd daemon is running before trying to authenticate. # #sasl_mech_list: PLAIN sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sasldb allowanonymouslogin: no # aparently changed in 2.4 # aparently changed in 2.4 allowplaintext: yes
# The server certificate and key files must be specified for the # server to repond to IMAPS or POP3S requests. See imapd.conf(5) for # a complete listing of tls_* options. # tls_ca_file: /var/imap/server.pem tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem ===== end imapd.conf ======
I am trying to use sasldb which is located in /usr/pkg/etc/sasldb.db
Here is what I am seeing when I run imtest and sivtest ==== sieve.log === Script started on Sat Jun 27 07:54:38 2015 ESC[?1034hbash-3.2$ imtest -a linda -u linda localhost S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=LOGIN AUTH=PLAIN SASL-IR] haywardfamily.org Cyrus IMAP v2.4.17 server ready^M C: A01 AUTHENTICATE LOGIN^M S: + VXNlcm5hbWU6^M Please enter your password: C: bGluZGE=^M S: + UGFzc3dvcmQ6^M C: MnphcHB5^M S: A01 OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ SORT=DISPLAY THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE LIST-EXTENDED WITHIN QRESYNC SCAN XLIST URLAUTH URLAUTH=BINARY LOGINDISABLED COMPRESS=DEFLATE IDLE] Success (no protection) SESSIONID=<haywardfamily.org-4536-1435409698-1>^M Authenticated. Security strength factor: 0 ^CC: Q01 LOGOUT^M Connection closed. bash-3.2$ sivtest -a linda -u linda localhost S: "IMPLEMENTATION" "Cyrus timsieved v2.4.17"^M
S: "SASL" "LOGIN PLAIN"^M S: "SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags notify envelope relational regex subaddress copy"^M
S: "STARTTLS"^M
S: "UNAUTHENTICATE"^M
S: OK^M
C: AUTHENTICATE "LOGIN"^M
S: {12}^M
S: VXNlcm5hbWU6^M
Please enter your password:
C: {8+}^M
C: bGluZGE=^M
S: {12}^M
S: UGFzc3dvcmQ6^M
C: {8+}^M
C: MnphcHB5^M
S: NO "Authentication Error"^M
Authentication failed. generic failure
Security strength factor: 0
^CC: LOGOUT^M
Connection closed.
bash-3.2$ exit
exit
Script done on Sat Jun 27 07:55:49 2015
==== end of sieve.log ===
Any suggestions on how to resolve this issue?
Some additional questions:
1) if one is trying to use sasldb with sasl_auxprop_plugin then saslauthd is out of the picture - I have it running but don't think it needs to be involved.
2) There appears to be both login and plain mechanisms - on imtest I can specify either and they both authenticate - which one should I be focused on?
TIA
johnh...
|
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
