Cyrus-sasl Digest, Vol 53, Issue 5

Dan White dwhite at olp.net
Thu Dec 17 00:04:36 EST 2009


On 16/12/09 21:08 +0100, John Morrison wrote:
>Thanks for helping out.
>
>When I remove the libldapdb.so from the plugin directory these errors
>go. Strange, do I need LDAP compiled in sals in order for me use LDAP
>authentication or? 
>
>./configure --prefix=/usr/local --enable-login --enable-ldapdb
>--with-ldap=/opt/csw --with-openssl=/opt/csw --disable-gssapi
>--disable-cram --disable-digest --disable-anon --disable-otp
>
>
>Maybe ldapdb is not what I need when compiling!  :)

If you're using saslauthd exclusively to authenticate, then ldapdb is
unnecessary, even if you're using an LDAP configuration from within
saslauthd.

You may also see the errors go away by specifying:

sasl_auxprop_plugin: sasldb
in imapd.conf

and

auxprop_plugin: sasldb
in your postfix smtpd.conf.

Either way, just removing the ldapdb shared library or removing it from
your compile options is the most straight forward way to side step the
errors.

>Date: Fri, 4 Dec 2009 10:26:29 -0600
>From: Dan White <dwhite at olp.net>
>Subject: Re: errors in log but all is working fine
>To: John Morrison <jcm at sics.se>
>Cc: cyrus-sasl at lists.andrew.cmu.edu
>Message-ID: <20091204162629.GF4783 at dan.olp.net>
>Content-Type: text/plain; charset=iso-8859-1; format=flowed
>
>On 04/12/09?13:21?+0100, John Morrison wrote:
>>Hello,
>>
>>Anybody recognise these errors?
>>
>>Dec  4 12:43:35 host.domain.x imaps[4253]: [ID 702911 auth.error]
>>auxpropfunc error invalid parameter supplied
>>Dec  4 12:43:45 host.domain.x postfix/smtpd[4259]: [ID 702911
>>auth.error] auxpropfunc error invalid parameter supplied
>>
>>conf files:
>>
>>/usr/local/lib/sasl2/smtpd.conf:
>>
>>pwcheck_method: saslauthd
>>
>>/etc/imapd.conf:
>>
>>sasl_mech_list: LOGIN PLAIN
>>sasl_pwcheck_method: saslauthd
>>
>>/etc/sasl/saslauthd.conf:
>>
>>ldap_servers: ldap://ldapxxxx
>>ldap_version: 3
>>ldap_timeout: 10
>>ldap_time_limit: 10
>>ldap_cache_ttl: 30
>>ldap_cache_mem: 32768
>>ldap_scope: sub
>>ldap_search_base: xxxx
>>ldap_auth_method: bind
>>ldap_bind_dn: xxxx
>>ldap_password: xxxx
>>ldap_filter: mail=%u
>
>That error occurs in only one place that I can find (in lib/auxprop.c):
>
>/* add an auxiliary property plugin */
>int sasl_auxprop_add_plugin(const char *plugname,
>                 sasl_auxprop_init_t *auxpropfunc)
>{
>     int result, out_version;
>     auxprop_plug_list_t *new_item;
>     sasl_auxprop_plug_t *plug;
>
>     result = auxpropfunc(sasl_global_utils, SASL_AUXPROP_PLUG_VERSION,
>              &out_version, &plug, plugname);
>
>     if(result != SASL_OK) {
>     _sasl_log(NULL, SASL_LOG_ERR, "auxpropfunc error %s\n",
>           sasl_errstring(result, NULL, NULL));
>     return result;
>     }
>...
>
>
>Most likely there is an error in initializing one (of possibly serveral) of
>your auxprop plugins, such as sasldb, ldapdb or sql.
>
>See which auxprop plugins you have installed. If you have an unused auxprop
>plugin, you can either specify the parameter that it is looking for (in
>smtpd.conf and imapd.conf), or just remove/disable it.
>
>It does not appear, according to the config above, that imapd is making use
>of an auxprop plugin. Your SMTP server may be, since you have not
>restricted your mech list to "LOGIN PLAIN" (such as for DIGEST-MD5 logins).
>
>pluginviewer/saslpluginviewer should help you trouble shoot.
>'doc/options.html' within the sasl source documents what options are
>available.

-- 
Dan White


More information about the Cyrus-sasl mailing list