Problem authenticating with pop3proxyd
Etienne Goyer
etienne.goyer at linuxquebec.com
Fri Mar 7 16:21:16 EST 2003
Hi again,
I have been reading the source code of pop3proxyd this aftrenoon looking
for the cause of my problem. I noticed the following in the function
proxy_authenticate() of pop3proxyd.c (around line 1222) :
---
/* we now do the actual SASL exchange */
r = sasl_client_start(backend_saslconn,
config_getstring(buf, "KERBEROS_V4"),
NULL, &out, &outlen, &mechusing);
if ((r != SASL_OK) && (r != SASL_CONTINUE)) {
return r;
}
---
If I understand correctly, pop3proxyd will only attempt KERBEROS_V4 to
authenticate to the backend. Is that correct ?
Thanks in advance for your answer !
On Fri, Mar 07, 2003 at 02:00:02PM -0500, Etienne Goyer wrote:
> Hi,
>
> I have another problem with my Murder setup. So far, I have it working
> fine with a frontend, a backend and an MUPDATE server on separate
> machine for IMAP. All my server are configured to authenticate via
> saslauthd, which in turn is authenticating to LDAP. Here is the
> imapd.conf on the frontend :
>
> ---
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: cyrus
> sasl_mech_list: PLAIN
> sasl_pwcheck_method: saslauthd
>
> # Murder stuff
> imap1_password: **************
> proxy_authname: murder
> mupdate_server: ldap1
> mupdate_username: cyrus
> mupdate_authname: cyrus
> mupdate_password: ***********
> ---
>
> Here is the saslauthd.conf on the frontend :
>
> ---
> ldap_servers: ldap://ldap1.test.com/
> ldap_bind_dn: cn=Manager,dc=test,dc=com
> ldap_bind_pw: *********************
> ldap_search_base: ou=people,dc=test,dc=com
> ---
>
> With an account that work correctly using IMAP (with Mozilla Mail and
> imtest), I have the following result :
>
> ---
> [root at www1 root]# telnet localhost 110
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> +OK www1.test.com Cyrus POP3 Murder v2.1.12 server ready <3885135747.1047062922 at www1.test.com>
> user egoyer
> +OK Name is a valid mailbox
> pass ********
> -ERR Authentication to backend server failed
> Connection closed by foreign host.
> ---
>
> In auth.log on the frontend, I have the following :
>
> ---
> Mar 7 13:48:50 www1 pop3d[19251]: No worthy mechs found
> ---
>
> Beside the reason why I get this error and what I could do about it, I
> would be curious to know how pop3proxyd operate. Is it :
>
> 1. Client open POP connection on frontend, frontend validate by whichever
> mean it is configured for (in my case, saslauthd), open an IMAP
> connection on the backend, translate POP <-> IMAP to satisfy client
> command.
>
> OR
>
> 2. Client open POP connection on frontend, get client credentials, open
> POP session on the backend using these credentials and just forward POP
> command/response from client to server and vice-versa.
>
> Thanks for your answer !
>
>
> --
> Etienne Goyer Linux Québec Technologies Inc.
> http://www.LinuxQuebec.com etienne.goyer at linuxquebec.com
> PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key
> Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853
--
Etienne Goyer Linux Québec Technologies Inc.
http://www.LinuxQuebec.com etienne.goyer at linuxquebec.com
PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key
Fingerprint: F569 0394 098A FC70 B572 5D20 3129 3D86 8FD5 C853
More information about the Info-cyrus
mailing list