How to make sync_client invoke STARTTLS for replication
Wesley Craig
wes at umich.edu
Fri Jun 4 16:32:25 EDT 2010
On 03 Jun 2010, at 04:38, Rudy Gevaert wrote:
> master side:
> Jun 3 10:39:12 cyrdev1 maild1/sync_client[3519]: starttls: TLSv1 with
> cipher DHE-RSA-AES256-SHA (256/256 bits new client) no authentication
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: Doing a peer verify
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: Doing a peer verify
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: Doing a peer verify
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: Doing a peer verify
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: received server
> certificate
> Jun 3 10:40:12 cyrdev1 maild1/sync_client[3519]: starttls: TLSv1 with
> cipher DHE-RSA-AES256-SHA (256/256 bits new client) no authentication
And that's all? At a minimum, if authN is failing, you should get
this syslog:
if ((r = backend_authenticate(ret, prot, &mlist, userid,
cb, auth_status))) {
syslog(LOG_ERR, "couldn't authenticate to backend
server: %s",
sasl_errstring(r, NULL, NULL));
if (!ret_backend) free(ret);
close(sock);
ret = NULL;
}
If you're not, I guess you're in some sort of loop in
backend_authenticate(). Do you get a backtrace?
:wes
More information about the Info-cyrus
mailing list