Bug#635246: saslauthd authentication error with rimap
Sven Vollbehr
sven at vollbehr.eu
Sun Jul 24 09:24:50 UTC 2011
Package: sasl2-bin
Version: 2.1.24~rc1.dfsg1+cvs2011-05-23-4
Severity: important
Tags: squeeze patch
Courier is setup to use userdb.
# authtest -s imap <myuser> <myuserpasswd>
Authentication succeeded.
[...]
I can authenticate users. However, the same doesn't work through saslauthd (rimap).
# testsaslauthd -u <myuser> -p <myuserpasswd>
0: NO "authentication failed"
The actual authentication seems to pass as shown in the logs /var/log/mail.log:
Jul 24 10:38:27 <myhost> imapd: Connection, ip=[::ffff:127.0.0.1]
Jul 24 10:38:27 <myhost> authdaemond: received auth request, service=imap, authtype=login
Jul 24 10:38:27 <myhost> authdaemond: authuserdb: trying this module
Jul 24 10:38:27 <myhost> authdaemond: userdb: looking up '<myuser>'
Jul 24 10:38:27 <myhost> authdaemond: userdb: home=.../<myuser>/, uid=..., gid=..., shell=/bin/false, mail=..., quota=<unset>, gecos=<unset>, options=<unset>
Jul 24 10:38:27 <myhost> authdaemond: found imappw in userdbshadow
Jul 24 10:38:27 <myhost> authdaemond: authuserdb: sysusername=<null>, sysuserid=..., sysgroupid=..., homedir=..., address=<myuser>, fullname=<null>, maildir=.../<myuser>/, quota=<null>, options=<null>
Jul 24 10:38:27 <myhost> authdaemond: authuserdb: clearpasswd=<null>, passwd=...
Jul 24 10:38:27 <myhost> authdaemond: password matches successfully
Jul 24 10:38:27 <myhost> authdaemond: Authenticated: sysusername=<null>, sysuserid=10000, sysgroupid=10000, homedir=..., address=<myuser>, fullname=<null>, maildir=.../<myuser>/, quota=<null>, options=<null>
Jul 24 10:38:27 <myhost> authdaemond: Authenticated: clearpasswd=<myuserpasswd>, passwd=...
Jul 24 10:38:27 <myhost> imapd: LOGIN, user=<myuser>, ip=[::ffff:127.0.0.1], port=[56186], protocol=IMAP
Jul 24 10:38:27 <myhost> imapd: DISCONNECTED, user=<myuser>, ip=[::ffff:127.0.0.1], headers=0, body=0, rcvd=0, sent=178, time=0
The same setup works in lenny.
There seems to be similar issue in FreeBSD forums at http://forums.freebsd.org/archive/index.php/t-8953.html and a possible patch is also provided at http://netvor.sk/~johnny/hacks/cyrus-sasl-2.1.23/lib:checkpw.c.diff.
-- System Information:
Debian Release: 6.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-028stab070.14 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sasl2-bin depends on:
ii db-util 5.1.4 Berkeley Database Utilities
ii debconf 1.5.36.1 Debian configuration management sy
ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib
ii libcome 1.41.12-4stable1 common error description library
ii libdb5. 5.1.25-10 Berkeley v5.1 Database Libraries [
ii libgssa 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries - k
ii libk5cr 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries - C
ii libkrb5 1.8.3+dfsg-4squeeze1 MIT Kerberos runtime libraries
ii libldap 2.4.23-7.2 OpenLDAP libraries
ii libpam0 1.1.1-6.1 Pluggable Authentication Modules l
ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-4 Cyrus SASL - authentication abstra
ii libssl1 1.0.0d-3 SSL shared libraries
ii lsb-bas 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
sasl2-bin recommends no packages.
sasl2-bin suggests no packages.
-- Configuration Files:
/etc/courier/authdaemonrc
authmodulelist="authuserdb"
daemons=1
version=""
authdaemonvar=/var/run/courier/authdaemon
DEBUG_LOGIN=2
/etc/default/saslauthd changed:
START=yes
MECHANISMS="rimap"
MECH_OPTIONS="127.0.0.1"
NAME="saslauthd"
THREADS=0
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
-- debconf information:
cyrus-sasl2/upgrade-sasldb2-failed:
cyrus-sasl2/backup-sasldb2: /var/backups/sasldb2.bak
cyrus-sasl2/upgrade-sasldb2-backup-failed:
cyrus-sasl2/purge-sasldb2: false
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list