does xfer require murder?

Perry Brown vbperry at hotmail.com
Thu Apr 20 14:56:55 EDT 2006 


>
>Perry Brown wrote:
>>Thanks for the imtest idea.
>>
>>It looks like I can log in OK.
>>
>>
>>server1.sub1% /opt/mail/cyrus-imapd/bin/imtest -m login -p imap 
>>server2.sub2.domain.com
>
>Force imtest to use one of the SASL mechanisms that are listed.  The 
>backends *only* use SASL, not protocol specific login commands (IMAP LOGIN, 
>POP3 USER/PASS, NNTP AUTHINFO USER/PASS).
>

I'm sorry I got my dounce cap on today or something.

Should I change the -m login to -m and one of the AUTH= values from the 
CAPABILITY output?
ie  -m GSSAPI? or digest-md5 etc...


I gave this a try with GSSAPI, and got nothing.

digest-md5,

server1.sub1% /opt/mail/cyrus-imapd/bin/imtest -m digest-md5
WARNING: no hostname supplied, assuming localhost

S: * OK server1.sub1.domain.com Cyrus IMAP4 v2.2.8 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY 
SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=GSSAPI 
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE DIGEST-MD5
S:
wkrnfjknf (etc list of characters)
Please enter your password: (I enter passwd for cyrus)
C: dXNlcm5h (another long list of characters)
S: A01 NO user not found
Authentication failed. generic failure
Security strength factor: 128


This is what I see in local6.log on server1.sub1

Apr 20 11:04:32 server1 imap[17729]: accepted connection
Apr 20 11:04:38 server1 imap[17729]: badlogin: localhost.localdomain 
[127.0.0.1] DIGEST-MD5 [SASL(-13): user not found: no secret in database]

This is in the auth.log
Apr 20 11:06:26 server1 imap[15971]: unable to open Berkeley db 
/etc/sasldb2: No such file or directory
Apr 20 11:06:26 server1 imap[15971]: unable to open Berkeley db 
/etc/sasldb2: No such file or directory
Apr 20 11:06:26 server1 imap[15971]: no secret in database



cram-md5 got me pretty much the same thing.

Is there a cyrus or sasl command I should/can run to get the auth for 
digest-md5 working?


Perry



>
>>S: * OK server2.sub2.domain.com Cyrus IMAP4 v2.2.8 server ready
>>C: C01 CAPABILITY
>>S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS 
>>NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY 
>>SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=GSSAPI 
>>AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
>>S: C01 OK Completed
>>Please enter your password:
>>C: L01 LOGIN cyrus {8}
>>S: + go ahead
>>C: <omitted>
>>S: L01 OK User logged in
>>Authenticated.
>>Security strength factor: 0
>>CAPABILITY

More information about the Info-cyrus mailing list