I am having trouble authenticating to sivtest but can authenticate to Imtest.
I am running NetBSD packages:
cyrus-sasl-2.1.26nb4 Simple Authentication and Security Layer
cyrus-imapd-2.4.17nb10 Cyrus IMAP server
cy2-login-2.1.22 Cyrus SASL LOGIN authentication plugin
cy2-plain-2.1.26 Cyrus SASL PLAIN authentication plugin
my /usr/pkg/etc/imapd.conf currently looks like:
===== imapd.conf ====
# $NetBSD: imapd.conf,v 1.5 2005/03/02 21:42:48 wiz Exp $
#
# Cyrus IMAP server configuration file. Refer to imapd.conf(5) for
# more options.
configdirectory: /var/imap
partition-default: /var/spool/imap
#sieveusehomedir: true
hashimapspool: false
sievedir: /usr/pkg/sieve
sieve_maxscriptsize: 32
sieve_maxscripts: 5
admins: cyrus johnh
# Use the saslauthd daemon to verify plaintext passwords. Please ensure that
# the saslauthd daemon is running before trying to authenticate.
#
#sasl_mech_list: PLAIN
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
allowanonymouslogin: no
# aparently changed in 2.4
# aparently changed in 2.4
allowplaintext: yes
# The server certificate and key files must be specified for the
# server to repond to IMAPS or POP3S requests. See imapd.conf(5) for
# a complete listing of tls_* options.
#
tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem
===== end imapd.conf ======
I am trying to use sasldb which is located in /usr/pkg/etc/sasldb.db
Here is what I am seeing when I run imtest and sivtest
==== sieve.log ===
Script started on Sat Jun 27 07:54:38 2015
ESC[?1034hbash-3.2$ imtest -a linda -u linda localhost
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=LOGIN AUTH=PLAIN
SASL-IR] haywardfamily.org Cyrus IMAP v2.4.17 server ready^M
C: A01 AUTHENTICATE LOGIN^M
S: + VXNlcm5hbWU6^M
Please enter your password:
C: bGluZGE=^M
S: + UGFzc3dvcmQ6^M
C: MnphcHB5^M
S: A01 OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxte QUOTA
MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN
MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ SORT=DISPLAY
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE LIST-EXTENDED WITHIN
QRESYNC SCAN XLIST URLAUTH URLAUTH=BINARY LOGINDISABLED COMPRESS=DEFLATE IDLE]
Success (no protection) SESSIONID=<haywardfamily.org-4536-1435409698-1>^M
Authenticated.
Security strength factor: 0
^CC: Q01 LOGOUT^M
Connection closed.
bash-3.2$ sivtest -a linda -u linda localhost
S: "IMPLEMENTATION" "Cyrus timsieved v2.4.17"^M
S: "SASL" "LOGIN PLAIN"^M
S: "SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags
notify envelope relational regex subaddress copy"^M
S: "STARTTLS"^M
S: "UNAUTHENTICATE"^M
S: OK^M
C: AUTHENTICATE "LOGIN"^M
S: {12}^M
S: VXNlcm5hbWU6^M
Please enter your password:
C: {8+}^M
C: bGluZGE=^M
S: {12}^M
S: UGFzc3dvcmQ6^M
C: {8+}^M
C: MnphcHB5^M
S: NO "Authentication Error"^M
Authentication failed. generic failure
Security strength factor: 0
^CC: LOGOUT^M
Connection closed.
bash-3.2$ exit
exit
Script done on Sat Jun 27 07:55:49 2015
==== end of sieve.log ===
Any suggestions on how to resolve this issue?
Some additional questions:
1) if one is trying to use sasldb with sasl_auxprop_plugin then saslauthd is
out of the picture - I have it running but don't think it needs to be involved.
2) There appears to be both login and plain mechanisms - on imtest I can
specify either and they both authenticate - which one should I be focused on?
TIA
johnh...
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
