saslauthd and perdition
István Király
LaKing at D250.hu
Thu Jul 3 19:58:12 EDT 2014
Hello List(s), ...
When using saslauthd for authentication with a remote imap server, in this
case perdition IMAP4, there seems to be a compatibility issue.
After LOGIN, perdition is sending the CAPABILITY tag before the OK.
saslauthd expects an OK, but receives the CAPABILITY first and then closes
the connection.
saslauthd[8454] :do_auth : auth failure: [user=x at test.d250.hu]
[service=imap] [realm=]
[mech=rimap] [reason=[ALERT] Unexpected response from remote authentication
server]
I was able to alter the last lines of auth_rimap.c, and hack this out, but
this should be implemented properly.
I assume, perdition behaves standard compliant within the IMAP4 protocol,
however it could send the combined "a OK [CAPABILITY ... ]" as dovecot
does. Is there a technical reason for the two separate messages? I was not
able to manipulate this behavior with configuration arguments.
saslauthd on the other hand could read the CAPABILITY tag, skip it, and
process the next tag to read an OK, and then close the connection, with the
Unexpected response error eventually.
I'm not sure which is the more standard compliant approach, but if my
assumption is correct, auth_rimap.c should be modified for increased
compatibility.
I already wrote to the perdition mailing list and to the cyrus-devel
mailing list, but no one responded so far. It would be important for me to
get this issue fixed, as my system requires this setup. I can workaround
with compiling the modified saslauthd, but it would be much better to have
it built-in.
Could anyone assist me with this?
Thank you, ...
Greetings,
--
Király István
+36 209 753 758
LaKing at D250.hu
<http://d250.hu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20140704/d346b073/attachment.html
More information about the Cyrus-sasl
mailing list