Ond,
I may have some time the week after next to assist. Any contributions I'd
have would be external.
On 01/05/18 11:41 +0100, Ondřej Surý wrote:
Yes, the maintainer is active.
I started cyrus-imapd 3.0 packaging while ago and it's noticeable amount
of work, so if anybody else want to join
patch to cyrus sasl debian package?
There is a partially implemented, and undocumented 'pwcheck_method:
auxprop-hashed' feature in the code. I believe it supports both sql and
sasldb auxprop backends but not ldapdb.
See git commit 62ce0768aa375cf0d16102570970b232dcb1cb28
--
Dan White
On 09/11/15 11:06 +0200, David Cure wrote:
Package: sasl2-bin
Version: 2.1.26.dfsg1-13
Severity: normal
Dear Maintainer,
I configure saslauthd (for use with sendmail) to use rimap to
authenticate against dovecote-imapd.
Every time, I get this error message :
saslauthd[8707]: do_auth
:18:19 mail kernel: [641466.650182] saslauthd[18764]: segfault at
0 ip 7fdf751b8c8a sp 7ffd3cf92e58 error 4 in libc-2.19.so
[7fdf75137000+19f000]
After this peak was over, there have been no more segfaults for the next 8
hours.
On Tue, May 12, 2015 at 3:42 PM, Dan White dwh...@olp.net wrote
and had no segfaults for the last 3 days.
Seem like only the shadow backend has this issue.
On Fri, May 8, 2015 at 9:10 AM, Thomas Kupka itchy...@gmail.com wrote:
On Wed, 6 May 2015 09:10:15 -0500 Dan White dwh...@olp.net wrote:
Can you get a backtrace from the core dump, and debug output, e.g
:
/etc/default/saslauthd changed:
START=yes
DESC=SASL Authentication Daemon
NAME=saslauthd
MECHANISMS=shadow
This backend doesn't get used much these days. pam should functionally
replace it. Does it also produce a segfault?
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ
,
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
is that this type of issue is due to a memory leak in the
specific PAM module, or due to the way saslauthd uses pam - it only uses
the auth and account facilities and not the session or password facilities,
which may prevent the module from performing it's memory cleanup.
--
Dan White
a new process (-n 0) with each
authentication attempt. The memory gets freed when the process ends even
though there's a memory leak. You'll hide the problem at the expense of
process setup/tear down overhead.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
are at play here.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
.
This functionality has not been implemented in all auxprop plugins
(including ldapdb), due to the fact that it is undocumented.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
-modules 2.1.25.dfsg1-6
ii libssl1.0.0 1.0.1e-1
libsasl2-modules-gssapi-mit recommends no packages.
libsasl2-modules-gssapi-mit suggests no packages.
-- no debconf information
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe
server (or networking)
failure properly, and require a restart of that process in the event an
ldap connection times out.
Bind is also at fault here for not taking such conditions into account.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject
-inside 4
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
from Wheezy repo...
Regards,
Timm Wunderlich
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
developers as appropriate.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/sasl2/slapd.conf?
the former is an empty directory, the latter file does not exist in
that dir.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 11/06/11 18:45 -0700, Richard A Nelson wrote:
On Sat, 11 Jun 2011, Dan White wrote:
Yes, interestingly, this shows up for both failure modes:
Jun 11 15:37:02 sparks-ave ldapwhoami: canonuserfunc error -7
Jun 11 15:37:02 sparks-ave ldapwhoami: _sasl_plugin_load failed
the same version of libsasl2-modules-gssapi-*?
Do you see anything useful in your /var/log/auth.log on the server or
client? What kerberos server are you using, and do you see anything in it's
syslog output?
Would you mind sharing an anonymized copy of your /etc/ldap.conf and
~/.ldaprc?
--
Dan White
if you use ldap://hostname instead?
When there's a failure, are you getting the ldap/hostname@REALM service
ticket from your kerberos server? Does klist look the same between failures
and successes?
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject
On 02/06/11 21:22 -0500, Dan White wrote:
I'm starting to suspect this is a client side problem (with imtest). With
the patch below, this command works:
cyradm --auth gssapi --tlskey imap.example.org
but this command still produces the error you're seeing:
imtest -m gssapi -t
On 02/06/11 18:43 +, brian m. carlson wrote:
On Tue, May 31, 2011 at 09:13:26AM -0500, Dan White wrote:
Do you also receive an error without starttls? I just installed
2.1.24~rc1.dfsg1+cvs2011-05-23-2 and was able to reproduce this error,
but only while doing '-t ', or '-s' (against cyrus
troubleshooting, probably later in the week.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
fixed in upstream. See:
http://bugzilla.cyrusimap.org/bugzilla3/show_bug.cgi?id=3444
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
___
Pkg-openldap-devel mailing list
pkg-openldap-de...@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-openldap-devel
--
Dan White
BTC Broadband
Ph 918.366.0248 (direct) main: (918)366-8000
Fax 918.366.6610email: dwh...@olp.net
http
On 27/04/11 17:48 +0200, Frank Meisschaert wrote:
On 04/27/11 15:30, Dan White wrote:
Using the SASL_CONF_PATH environment variable to use different sasl
parameters (by using different directories containing a slapd.conf file)
for different slapd instances does not work. Same problem
) to generate otp challenges (based on
the password stored with saslpasswd2).
I would recommend testing by simply removing the build dependency on opie,
which should do the right thing.
If that doesn't work correctly, please let me know and I'll do some testing
to figure out why.
--
Dan White
so in
your next upload.
Thank you!
Hauke
For what it's worth, I've been using the cyrus otp plugin without opie for
a while. If no opie libraries are found during build, otp should build
itself to use auxprop as it's token store instead.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs
IGNOREQUOTA
Authenticated.
Security strength factor: 0
Only if I specify a -m option does the client attempt to authenticate.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 01/02/11 22:21 -0600, Dan White wrote:
On 01/02/11 22:49 -0200, Henrique de Moraes Holschuh wrote:
This does not appear to be related specifically to smtptest, but possibly
to several of the *test binaries using the imtest.c source.
Only if I specify a -m option does the client attempt
. However, since I'm both the Debian maintainer
and upstream I'm a bit biased.
I'll offer an unbiased +1 for libnss-ldapd.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
of your PAM modules.
Can you monitor /proc/saslauthdpids/fd/ to see if you can find out what
type of file descriptors are being left open?
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
saslauthd uses pam.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 27/07/10 21:59 +0200, Bastian Blank wrote:
On Tue, Jul 27, 2010 at 02:08:00PM -0500, Dan White wrote:
What are the contents of your /etc/default/saslauthd and
/etc/saslauthd.conf? What's the output of 'grep -r auth /etc/*syslog*?
| # grep -v ^# /etc/default/saslauthd | grep -v ^$
| START
On 28/07/10 10:28 +0200, Bastian Blank wrote:
On Wed, Jul 28, 2010 at 12:56:40AM -0500, Dan White wrote:
On 27/07/10 21:59 +0200, Bastian Blank wrote:
It's because of the 'auth,authpriv.*' line in rsyslogd.conf (it also exists
the same way in the sysklogd package).
Yes, this is the correct
On 28/07/10 16:07 +0200, Bastian Blank wrote:
On Wed, Jul 28, 2010 at 08:24:51AM -0500, Dan White wrote:
On 28/07/10 10:28 +0200, Bastian Blank wrote:
No. The tools must not send debug messages without being asked to do
so. Why does libsasl use syslog for interactive usage anyway?
It's
.
What are the contents of your /etc/default/saslauthd and
/etc/saslauthd.conf? What's the output of 'grep -r auth /etc/*syslog*?
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/README.Debian.debug.gz and enable telemetry
logging.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
an administrator's mailbox (cyrus).
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 17/01/10 10:38 +0100, Alessandro Polverini wrote:
Dan White wrote:
[...]
This does not work for any top-level mailboxes. The dot in the above (in
the case where unixhierarchysep is set to yes) is not relevant:
zek.olp.net cm user/test
zek.olp.net setacl user/test cyrus all
zek.olp.net
On 17/01/10 21:53 +0100, Sergio Gelato wrote:
* Dan White [2010-01-16 21:58:33 -0600]:
a1 id (vendor Zimbra os Linux os-version 12)
* ID (name Cyrus IMAPD version v2.2.13-Debian-2.2.13-10 2006/11/13 16:17:53 vendor Project Cyrus support-url
http://asg.web.cmu.edu/cyrus; os Linux os-version
On 17/01/10 17:35 -0600, Dan White wrote:
I agree. The server should be sending a NIL/OK.
According to http://www.rfc-editor.org/rfcxx00.html, 2971 is still current.
I'll work on a bug report for upstream and see how difficult it'll be to
patch existing behavior.
I've opened a bug upstream
that
response has been seen; keeping only particularly interesting parts
of responses; and only logging responses of users who actually log
in.
This 'functionality' may be Cyrus's way of circumventing a denial of
service attack by a string of unauthenticated users.
--
Dan White
the message to my INBOX rather than INBOX.spam.
This seems to be consistent with the existing man page for cyrdeliver.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
in June? Have you encountered
it again?
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
I confirmed this still occurs on the latest upstream release (2.3.16).
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On 17/01/10 00:06 -0600, Dan White wrote:
zek.olp.net create user/cyrus.test
zek.olp.net setacl user/cyrus.test cyrus all
zek.olp.net rename user/cyrus.test user/test.cyrus
renamemailbox: Operation is not supported on mailbox
zek.olp.net
This does not work for any top-level mailboxes. The dot
a:
$sieveport = 'sieve';
instead of
$sieveport = 2000;
in my PHP Avelsieve config, but no go. PHP, or Avelsieve, will not do
service name resolution like Cyrus, unfortunately.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe
Package: avelsieve
Version: 1.9.7-6+lenny1
Severity: normal
Tags: patch
See Bug#555664 for reference. IANA has assigned port 4190 to the Managesieve
protocol, and package netbase has included the new default.
The default Avelsieve configuration specifies port 2000, and should be changed.
See
.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
/services.
The default /etc/cyrus.conf shipped only include an lmtpunix service and
does not attempt to listen on inet port lmtp.
I've always manually added lmtp/csync/mupdate to /etc/services.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject
Steve Langasek wrote:
Hi folks,
The libsasl2-2 package states quite explicitly that:
If you intend to use this package on a server that provides SASL
authentication, then you must install some of the libsasl2-modules*
packages.
This suggests that the modules should actually be
Steve Langasek wrote:
How does this show anything other than that most users have left the sasl
library in an unusable state on their systems?
libsasl2-2 does contain the EXTERNAL mech, and the sasldb auxprop plugin
(I believe).
The following common packages contain dependencies on
this month back and Dan White and myself had
been using it any both forget to worry about getting the code committed.
It seems though that the Cyrus SASL people aren't watching their
Bugzilla and mailing list that much these days.
Regards,
Torsten
Torsten Schlabach wrote:
Fabian Fagerholm wrote:
we need help from someone who can (has the ability to, and has the time to) read
the code and figure out what's happening here.
I decided to start investigating this, especially as the problem gets
worse with Exim - Cyrus SASL - ldapdb. Other
Richard A Nelson wrote:
On Wed, 12 Dec 2007, Richard A Nelson wrote:
/etc/mail/authinfo:
AuthInfo:fqdn U:? P:? R:REALM M:GSSAPI
With that format of entry, the odd error is gone:
GSSAPI Error: An unsupported mechanism was requested (unknown mech-code
0 for mech unknown)
But smtptest still
Richard,
The cyrus-sasl list might also be a good resource for this question.
You can try 'saslpluginviewer' to make sure that the GSSAPI
mechanism is installed.
You can also try 'smtptest', from the cyrus-clients-2.x package,
for a second opinion.
Also, might not be a bad idea to try the
Roberto,
canon user functionality is described in the SASL Plugin
Programmer's Guide:
http://www.sendmail.org/~ca/email/cyrus2/plugprog.html
We're using it to allow customers to authenticate as multiple
identities but canonize to a single username when opening their
mailbox (cyrus-imapd and
Package: libsasl2-modules-ldap
Version: 2.1.22.dfsg1-13
Severity: wishlist
This is a combination of a couple of patches from the cyrus-sasl mailing
list:
http://osdir.com/ml/security.cyrus.sasl/2007-01/msg00053.html
http://archives.free.net.ph/message/20070522.142310.c4df1ddd.en.html
Both
Roberto C. Sánchez wrote:
On Sun, Apr 15, 2007 at 01:21:42PM -0500, Dan White wrote:
The following modifications give me a functioning heimdal module
(inside of libsasl2-modules-gssapi-mit), which I'm using
successfully so far on a test server:
Modified debian/control
Replaced build
61 matches
Mail list logo