cyrus - sasl - pam - ldap strange error with libsldap

Sam Smith sam.smith at
Thu Sep 14 12:23:41 EDT 2006

We've been using cyrus faithfully with pam->NIS for years, but I have to 
change to pam->LDAP.
I'm using saslauthd -a pam, with a solaris 9 box that authenticates just 
fine using pam->ldap to a fedora directory server.

I'm using cyrus 2.3.7, and sasl 2.1.22. I did not compile in ldap 
support for sasl, since I am using pam.

Anyway, here's the error:

Sep 14 12:07:19 imaps[2724]: [ID 379946 
local6.notice] starttls: TLSv1 with cipher AES256-SHA (256/256 bits 
reused) no authentication
Sep 14 12:07:19 imaps[2724]: [ID 293258 
local6.error] libsldap: Status: 91  Mesg: openConnection: failed to 
initialize TLS security (security library: bad database.)
Sep 14 12:07:19 last message repeated 1 time
Sep 14 12:07:19 imaps[2724]: [ID 292100 
local6.warning] libsldap: could not remove from 
servers list
Sep 14 12:07:19 imaps[2724]: [ID 293258 
local6.error] libsldap: Status: 7  Mesg: Session error no available conn.
Sep 14 12:07:19 imaps[2724]: [ID 529592 
local6.notice] login: [] sam 
plain+TLS User logged in

I am able to login with most clients (thunderbird, outlook, eudora), but 
I cannot login with squirrelmail. That's very strange. Squirrelmail logs 
in twice for some reason, and the second time always fails.

Is this a cyrus or a sasl error? Or maybe a pam_ldap error?

Of course, if I change back to pam->NIS, everything works great, but 
that's not an option.

Thanks for any help,
Sam Smith

More information about the Info-cyrus mailing list