cyrus - sasl - pam - ldap strange error with libsldap

Andreas Winkelmann ml at awinkelmann.de
Thu Sep 14 15:47:37 EDT 2006


On Thursday 14 September 2006 18:23, Sam Smith wrote:

> We've been using cyrus faithfully with pam->NIS for years, but I have to
> change to pam->LDAP.
> I'm using saslauthd -a pam, with a solaris 9 box that authenticates just
> fine using pam->ldap to a fedora directory server.
>
> I'm using cyrus 2.3.7, and sasl 2.1.22. I did not compile in ldap
> support for sasl, since I am using pam.
>
> Anyway, here's the error:
>
> Sep 14 12:07:19 tsnfs.ece.gatech.edu imaps[2724]: [ID 379946
> local6.notice] starttls: TLSv1 with cipher AES256-SHA (256/256 bits
> reused) no authentication
> Sep 14 12:07:19 tsnfs.ece.gatech.edu imaps[2724]: [ID 293258
> local6.error] libsldap: Status: 91  Mesg: openConnection: failed to
> initialize TLS security (security library: bad database.)
> Sep 14 12:07:19 tsnfs.ece.gatech.edu last message repeated 1 time
> Sep 14 12:07:19 tsnfs.ece.gatech.edu imaps[2724]: [ID 292100
> local6.warning] libsldap: could not remove ldapserv.ece.gatech.edu from
> servers list
> Sep 14 12:07:19 tsnfs.ece.gatech.edu imaps[2724]: [ID 293258
> local6.error] libsldap: Status: 7  Mesg: Session error no available conn.
> Sep 14 12:07:19 tsnfs.ece.gatech.edu imaps[2724]: [ID 529592
> local6.notice] login: ct5247.ece.gatech.edu [199.77.225.131] sam
> plain+TLS User logged in
>
> I am able to login with most clients (thunderbird, outlook, eudora), but
> I cannot login with squirrelmail. That's very strange. Squirrelmail logs
> in twice for some reason, and the second time always fails.
>
> Is this a cyrus or a sasl error? Or maybe a pam_ldap error?
>
> Of course, if I change back to pam->NIS, everything works great, but
> that's not an option.

Your configuration?

Also, stop saslauthd and start it from a shell with an additional "-d" for
debug output. Test it and show the output.

-- 
	Andreas

