Not seing SASL auth metchanisms from sieve

Albert Chin info-cyrus at lists.thewrittenword.com
Tue Feb 24 18:00:47 EST 2004 

On Tue, Feb 24, 2004 at 04:40:41PM -0600, Albert Chin wrote:
> On Tue, Feb 24, 2004 at 05:25:38PM -0500, Igor Brezac wrote:
> > 
> > On Tue, 24 Feb 2004, Albert Chin wrote:
> > 
> > > On Tue, Feb 24, 2004 at 01:49:39PM -0600, Albert Chin wrote:
> > > >
> > > > BTW, imapd doesn't display the auth mechanisms either:
> > > > $ telnet [host] imap
> > > > a001 CAPABILITY
> > > > * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> > > > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
> > > > BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE
> > > > IDLE
> > >
> > > Ok, I looked at the sieve_get_handle() function in
> > > perl/sieve/managesieve/managesieve.xs. It errors out if no SASL auth
> > > mechanisms are displayed:
> > >   mechlist=read_capability(obj);
> > >   if(!mechlist) {
> > >         globalerr = "sasl mech list empty";
> > >         XSRETURN_UNDEF;
> > >   }
> > >
> > > So, that's definitely my problem. Anyone with ideas as to why I don't
> > > see any auth mechanisms displayed? Should I query the cyrus-sasl
> > > mailing list?
> > >
> > 
> > You must be using plaintext mechs (plain, login).  These mechs will show
> > only when you protect the transport (use tls).  It looks like you did not
> > configure tls.
> 
> True (I'm using PAM via saslauthd). So, with the following in
> imapd.conf and TLS, I should get some auth mechanisms displayed?
>   sasl_mech_list: PLAIN
>   sasl_pwcheck_method: saslauthd

Ok, I configured TLS and then did:
  $ openssl
  OpenSSL> s_client -host [host] -port 993
  ... SSL stuff ...
  a01 capability
  * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
  NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
  BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE
  IDLE

No SASL auth stuff though. Also, I cannot:

My imapd.conf:
  allowallsubscribe: false
  allowanonymouslogin: false
  allowapop: false
  allownewnews: false
  allowplaintext: true
  allowusermoves: false
  configdirectory: [path]
  defaultpartition: default
  duplicate_db: berkeley-nosync
  idlesocket: [path]
  lmtpsocket: [path]
  notifysocket: [path]
  partition-default: [path]
  postmaster: postmaster
  sasl_mech_list: PLAIN
  sasl_pwcheck_method: saslauthd
  sendmail: [path]
  sievedir: /ext/data/mail/.sieve
  unix_group_enable: true
  unixhierarchysep: false
  tls_ca_file: [path]
  tls_cert_file: [path]
  tls_key_file: [path]

-- 
albert chin (china at thewrittenword.com)
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list