mupdatetest works, but the deamons cant connect
rupert
rupertt at gmail.com
Mon Feb 4 08:25:09 EST 2008
i compared both logins, and the x64 machine doesnt offer anything when
i dont use a certificate.
also when I log in, the autocreate mailbox says cant "connect" to the
mupdate server, but tcpdump shows me a connection on the right port,
and when I change the listen="mupdate" to something silly, it says it
cant "find" the mupdate server at all
here are my imtests
works not
---
imtest backend-A1 -a cyrus-backend -w backend -m PLAIN
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN
S: A01 NO mechanism too weak for this user
Authentication failed. generic failure
Security strength factor: 0
works:
--
imtest backend-A1 -a cyrus-backend -w backend -m PLAIN -t
/etc/pki/cyrus-imapd/server.pem
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED]
backend-A1.bla1.mailcluster Cyrus IMAP4 (Murder)
v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ STARTTLS LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ AUTH=PLAIN SASL-IR ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN AGN5cnVzLWJhY2tlbmQAYmFja2VuZA==
S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdater-A1/ LOGINDISABLED ACL RIGHTS=kxte QUOTA
MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN
MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (tls protection)
Authenticated.
Security strength factor: 256
works on old machine
--
imtest backend -u ralf at blub.local -a ralf at blub.local -m PLAIN -w ralf
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR]
backend.test.local Cyrus IMAP4 (Murder) v2.3.9-Fedora-RPM-2.3.9-7.fc8
server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ STARTTLS AUTH=PLAIN SASL-IR ACL
RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN cmFsZkBibHViLmxvY2FsAHJhbGZAYmx1Yi5sb2NhbAByYWxm
S: A01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID
MUPDATE=mupdate://mupdate.test.local/ LOGINDISABLED ACL RIGHTS=kxte
QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT
CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH] Success (no protection)
Authenticated.
Security strength factor: 0
On Mon, Feb 4, 2008 at 9:23 AM, rupert <rupertt at gmail.com> wrote:
> Hello,
> i transfered my murder from some x86 VM machine to some real x64
> machines, and I cant get the frontend/backend and mupdate servers to
> talk to each others.
> imtest only works with the -t option. I use pam and a mysql DB with
> hashed paswords.
> Local testsaslauth works and also i can do a mupdatest with the same
> parameters as in the imapd.conf.
>
> on the frontend I have these messages repeating,
>
> 08:21:00 frontend-A1 mupdate[5198]: couldn't connect to mupdate server
> Feb 4 08:21:00 frontend-A1 mupdate[5198]: retrying connection to
> mupdate server in 25 seconds
> Feb 4 08:21:12 frontend-A1 mupdate[5196]: couldn't authenticate to
> backend server: no mechanism available
>
> also I can find this line
>
> frontend-A1 saslauthd[1617]: pam_unix_acct(imap:account): could not
> identify user (from getpwnam(albert at test.local))
>
> looks like pam tries to look for a local user?
>
> Since I am using as mech only PLAIN, how can I force the deamons to
> use TLS to talk to each other?
>
>
> cheers
>
> rupertt
>
thx ()
More information about the Info-cyrus
mailing list