SASL 2.1.24 RC1 - no mechanism available: security flags do not match required
Rosenbaum, Larry M.
rosenbaumlm at ornl.gov
Wed Sep 16 14:09:38 EDT 2009
I get the following when I try to run cyradm:
ornl71# cyradm localhost --tls
Password: (I enter the password here)
IMAP Password: (I shouldn't get this prompt)
The log file shows the following entries:
Sep 16 11:43:55 ornl71 imap[7466]: [ID 921384 local6.debug] accepted connection
Sep 16 11:43:55 ornl71 imap[7466]: [ID 286863 local6.notice] imapd:Loading hard-coded DH parameters
Sep 16 11:43:55 ornl71 imap[7466]: [ID 277171 local6.error] TLS server engine: No CA file specified. Client side certs may not work
Sep 16 11:43:55 ornl71 imap[7466]: [ID 574029 local6.debug] SSL_accept() incomplete -> wait
Sep 16 11:43:56 ornl71 imap[7466]: [ID 867439 local6.debug] SSL_accept() succeeded -> done
Sep 16 11:43:56 ornl71 imap[7466]: [ID 379946 local6.notice] starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication
Sep 16 11:44:02 ornl71 imap[7466]: [ID 824502 local6.notice] badlogin: localhost [127.0.0.1] PLAIN [SASL(-4): no mechanism available: security flags do not match required]
This doesn't happen with v2.1.22.
When I connect with Thunderbird, the log files also show that it takes two login attempts, although Thunderbird only prompts me once.
Sep 16 14:07:01 ornl71 imap[7600]: [ID 379946 local6.notice] starttls: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits new) no authentication
Sep 16 14:07:05 ornl71 imap[7600]: [ID 824502 local6.notice] badlogin: rosenbaumlm42.ornl.gov [160.91.217.127] plain [SASL(-4): no mechanism available: security flags do not match required]
Sep 16 14:07:08 ornl71 imap[7600]: [ID 277583 local6.notice] login: rosenbaumlm42.ornl.gov [160.91.217.127] lmr plaintext+TLS User logged in
name : Cyrus IMAPD
version : v2.3.15 2009/09/09 12:35:48
vendor : Project Cyrus
support-url: http://cyrusimap.web.cmu.edu
os : SunOS
os-version : 5.9
environment: Built w/Cyrus SASL 2.1.24
Running w/Cyrus SASL 2.1.24
Built w/Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
Running w/Sleepycat Software: Berkeley DB 4.2.52: (December 3, 2003)
Built w/OpenSSL 0.9.8j 07 Jan 2009
Running w/OpenSSL 0.9.8j 07 Jan 2009
Built w/zlib 1.2.3
Running w/zlib 1.2.3
CMU Sieve 2.3
mmap = shared
lock = fcntl
nonblock = fcntl
idle = idled
I built Cyrus-SASL with the following config:
CC=gcc ./configure \
--disable-cram \
--disable-digest \
--disable-otp \
--disable-krb4 \
--disable-gssapi \
--disable-anon \
--enable-plain \
--with-dblib=none \
--with-openssl=/usr/local/ssl \
--with-saslauthd=/var/saslauthd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20090916/829ded43/attachment.html
More information about the Cyrus-sasl
mailing list