Cyrus IMAP4 v2.1.18 no login via SSL

Lars Hanke lars at
Sat May 21 18:59:03 EDT 2005

Hi there,

I tracked the issue down into the source code of imapd. Actually, its 
SASL or something even further downstream, which hangs. sasl_checkpass() 
in cmd_login() simply does not return (put syslogs immediately before 
and after) in case the correct password is supplied and I connected to 
imapd using imaps.

changed the if around line 1917 in imapd.c

syslog(LOG_NOTICE, "attempting SASL pwd for %s with %s", canon_user, 
r = 
syslog(LOG_NOTICE, "SASL returned %d for %d", r, SASL_OK);

interestingly the first syslog is exactly the same, no matter if I do

telnet mail imap or openssl s_client -connect mail:imaps,

but in the first case it returns well, in the latter it does only 
return, if the password is wrong. Otherwise, it hangs in running state 
eating lots of CPU time (99%).

SASL uses the ldapdb backend to retrieve the password using ldaps. Is 
there anything prohibiting two simultaneous SSL connections for a single 
process? Can somebody with deeper SASL understanding give me some hint?

 - lars.

More information about the Info-cyrus mailing list