Problems getting Cyrus Imapd to with with SASL (PostgreSQL engine) ***SOLVED***

[Jesper K. Pedersen]

On Mon, 11 Apr 2005 21:50:14 +0200
"Jesper K. Pedersen" <jkp at solnet-data.dk> wrote:

> I have been wanting to upgrade our small mail server to use a
> PostgreSQL database to authenticate users.
> 
> As the server needed a full overhaul I have installed a test server
> with Slackware 10.1
> Downloaded Cyrus SASL 2.1.20, Cyrus IMAPD 2.2.12
> 
> I already have my postgres server running without a problem.
> 
> I also have SASL compiled for supporting the PostgreSQL database via
> the auxprop, and finally also have compiled Imapd and have it all
> running.
> 
> I have created a couple of test users in the sql database with
> cleartext passwords.
> 
> I am not able to successfully run the imtest:
> An example run:
> Command: imtest -s -a mailman at solnet localhost
> Result:
> verify error:num=18:self signed certificate
> TLS connection established: TLSv1 with cipher AES256-SHA (256/256
> bits) S: * OK vega Cyrus IMAP4 v2.2.12 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
> BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
> AUTH=PLAIN SASL-IR S: C01 OK Completed
> Please enter your password: 
> C: A01 AUTHENTICATE PLAIN AG1haWxtYW5Ac29sbmV0AGFkbWluMjAwNQ==
> S: A01 NO authentication failure
> Authentication failed. generic failure
> Security strength factor: 256
> C: Q01 LOGOUT
> Connection closed.
> 
> 
> My imapd log says the following (please note I made my own self
> signing SSL certificate so I could test using TLS/SSL):
> ------------------------
> Apr 11 21:32:59 vega imaps[5666]: starttls: TLSv1 with cipher
> AES256-SHA
> 	(256/256 bits new) no authentication 
> Apr 11 21:33:02 vega imaps[5666]: Password verification failed
> Apr 11 21:33:02 vega imaps[5666]: badlogin: localhost [127.0.0.1]
> PLAIN
> 	[SASL(-13): authentication failure: Password verification
> 	failed]
> ------------------------
> 

<CUT>

After a few hard days work debugging my setup I found the problem:

Basically it was a database field issue. Of course I had forgotten when
I created my original database it was a fixed width character field (
char(50) ) containing passwords.
This ment that results read from the password field was also 50
characters wide nomatter the size of the data inserted.

After modifying my database table to having a password entry being a
varchar(50) type it ran without a problem.

Does anyone know if anyone have written a small general "HOWTO" for SASL
with the PostgreSQL database? (if not I may try to write down my
experience with it setting it up)


Best regards,
Jesper K. Pedersen
--
Carpe Aptenodytes!

PS. Yes - laughing IS allowed!

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html