I'm having a similar problem. I was using 2.0.15 with sasl_pwcheck_method: pam, and just upgraded to 2.1.1 with SASL 2.1.0 on RedHat 7.0. I have set up saslauthd to use pam, and changed imapd.conf to sasl_pwcheck_method: saslauthd. imapd authenticates fine through that, but I can't seem to get timsieved authenticating properly.
It looks like it's not allowing PLAIN auth type. I added "allowplaintext: yes" to the imapd.conf file, but I still get this: $ imtest -m plain localhost C: C01 CAPABILITY S: * OK cronus Cyrus IMAP4 v2.1.1 server ready S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 S: C01 OK Completed C: A01 AUTHENTICATE PLAIN S: A01 NO Error authenticating Authentication failed. generic failure Security strength factor: 0 I did create the symlink as advised in the docs: # ls -l /usr/lib/sasl2 lrwxrwxrwx 1 root root 20 Jan 29 15:47 /usr/lib/sasl2 -> /usr/local/lib/sasl2 And it looks like the libraries for plain auth are in this directory: # cd /usr/lib/sasl2 # ls -l libplain* -rwxr-xr-x 1 root root 685 Jan 25 23:38 libplain.la lrwxrwxrwx 1 root root 17 Jan 25 23:38 libplain.so -> libplain.so.2.0.0 lrwxrwxrwx 1 root root 17 Jan 25 23:38 libplain.so.2 -> libplain.so.2.0.0 -rwxr-xr-x 1 root root 73124 Jan 25 23:38 libplain.so.2.0.0 I probably missed some key point in the documentation, but I just can't find it. Any suggestions? -Jules On Tue, 2002-01-15 at 10:44, Ferdinand Goldmann wrote: > Hello again... > > On Sat, 5 Jan 2002, Ken Murchison wrote: > > > Quoting Ferdinand Goldmann <[EMAIL PROTECTED]>: > > > > > > > > > > > On Fri, 4 Jan 2002, Lawrence Greenfield wrote: > > > > > > > try: > > > > > > > > ln -s /usr/local/lib/sasl /usr/lib/sasl > > > > > > > > libsasl looks in /usr/lib/sasl for the plugins but installs them into > > > > /usr/local/lib/sasl. > > > > > > Yes, I know, I already did this after SASL installation: > > > # ls -l /usr/lib/sasl > > > lrwxrwxrwx 1 root system 19 Oct 23 12:46 /usr/lib/sasl -> > > > /usr/local/lib/sasl > > > # ls /usr/local/lib/sasl > > > libanonymous.a libcrammd5.a libdigestmd5.a > > > libplain.a > > > libanonymous.la libcrammd5.la libdigestmd5.la > > > libplain.la > > > libanonymous.so.1 libcrammd5.so.1 libdigestmd5.so.0 > > > libplain.so.1 > > > libanonymous.so.1.0.15 libcrammd5.so.1.0.15 libdigestmd5.so.0.0.17 > > > libplain.so.1.0.14 > > > > > > I still have no idea, why my plugins are not detected, or why SASL does not > > > anounce anything when connecting to imapd or popd. Still, everyone can log > > > in > > > fine to their POP3/IMAP accounts, I guess because I am running a pwcheck > > > daemon. > > > > The reason that your users can login to IMAP and POP3 is probably because they > > are not using the AUTHENTICATE or AUTH commands (ie, SASL) respectively. IMAP > > and POP3 each have their own built-in plaintext commands (LOGIN and USER/PASS). > > I finally found the time to dig a little bit into this problem: > SASL expects DLL files which end in '.so'. However, AIX seems to be a bit > tricky here. In my installation, I had only .a and .so.<versionnumber> files. > > So I did the following: I symlinked the .a files to .so files and edited the > respective .la-files (which hold the configuration information for libtool): > library_names='libplain.so.1.0.14 libplain.so.1 libplain.a libplain.so' > ^^^^^^^^^^^ > and added another name so the libtool wrapper can find the library under > this name. > > And: > # telnet localhost sieve > Trying... > Connected to localhost > Escape character is '^]'. > "IMPLEMENTATION" "Cyrus timsieved v1.0.0" > "SASL" "PLAIN" > "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress regex" > OK > > So am finally seeing some plugins. Now I am running into a different problem: > I created a user 'test' using saslpasswd: > # sasldblistusers > user: test realm: yoda mech: CRAM-MD5 > user: test realm: yoda mech: PLAIN > user: test realm: yoda mech: DIGEST-MD5 > > auth.debug: > Jan 15 19:18:59 yoda syslog: PLAIN: set secret for test > Jan 15 19:18:59 yoda syslog: DIGEST-MD5: set secret for test > Jan 15 19:18:59 yoda syslog: CRAM-MD5: set secret for test > > However, upon connecting to the imap port, I don't see CRAM-MD5/DIGEST-MD5 > announced: > C01 CAPABILITY > * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS > ID NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT > THREAD=REFERENCES IDLE AUTH=PLAIN X-NETSCAPE > C01 OK Completed > > I created a symlink from /usr/local/etc/sasldb to /etc/sasldb (since this > location is mentioned in the manpage), but with no success so far. > > Any ideas where I might continue looking? BTW, what is the correct realm > to set in sasldb? The FQDN of my IMAP server? > > Kind regards, > Ferdinand >
