Re: Can't authorize as different user in cyradm and sieveshell

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dan,

 

You nailed it. Mere presence of sasldb plugin makes it work.

The code doesn't look kosher to me though.

 

In sasl_server_new() there's a line:

serverconn->sparams->canon_user = &_sasl_canon_user_lookup;

 

which unconditionally set canon_user callback to the function that performs both

canonicalization and auxprop lookup. In case there's no auxprop plugins it

results in SASL_NOMECH.

 

I guess it should check whether auxprop plugins are available in the system and either

set it to _sasl_canon_user_lookup() or _sasl_canon_user().

 

Anyway installing sasldb plugin is easy enough workaround.

 

Thanks everybody,

 

Michael

 

 

On Monday, November 21, 2016 04:36:01 PM Dan White wrote:

> In the absence of an [sasl_]auxprop_plugins statement, all plugins will be

> queried. For example, running pluginviewer (or saslpluginviewer on debian)

> should typically list sasldb if it's installed on your system.

>

> The canon_user plugins and auxprop plugins are coded within the same code,

> and so are tied together somewhat, although I haven't dug into the code to

> explain the error Michael is experiencing.

>

> Michael,

>

> I'd suggest installing the sasldb auxprop to see if that clears up the

> issue. That may not even require a configuration change.

>

> On 11/21/16 13:43 -0800, Andrew Morgan via Info-cyrus wrote:

> >I'm using Debian packages for sasl. Here is what libsasl2-modules

> >includes:

> >

> >/usr/lib/x86_64-linux-gnu/sasl2/libplain.so.2.0.25

> >/usr/lib/x86_64-linux-gnu/sasl2/libcrammd5.so.2.0.25

> >/usr/lib/x86_64-linux-gnu/sasl2/libdigestmd5.so.2.0.25

> >/usr/lib/x86_64-linux-gnu/sasl2/liblogin.so.2.0.25

> >/usr/lib/x86_64-linux-gnu/sasl2/libanonymous.so.2.0.25

> >/usr/lib/x86_64-linux-gnu/sasl2/libntlm.so.2.0.25

> >

> >But in my imapd.conf, I'm not specifying an auxprop plugins:

> >

> ># grep sasl /etc/imapd.conf

> >sasl_mech_list: PLAIN

> >sasl_minimum_layer: 0

> >#sasl_maximum_layer: 256

> >sasl_pwcheck_method: saslauthd

> >

> >Since we are using saslauthd, we don't use auxprop plugins, I think...

> >

> > Andy

> >

> >On Mon, 21 Nov 2016, Michael Ulitskiy wrote:

> >

> >>I'm trying to read the code and it seems that it tries to lookup authorization id

> >>in auxprop plugin. since I don't have any auxprop plugins that returns SASL_NOMECH and results

> >>in the error I'm seeing.

> >>

> >>By any chance do you have any auxprop plugin defined?

>

>

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux