imapd is not talking to saslauthd

Tue, 30 Jan 2018 14:07:12 -0800 

Hi

(btw. i was Guest39278 on IRC yesterday and got the chance to introduce myself 
on googletalk)

I’m trying to set up imapd to use saslauthd for authentication.

I have already a running saslauthd which uses PAM. I can run this

root@cyrus3:/ # testsaslauthd -u mike -p mike
0: OK "Success.“

and if i run

root@cyrus3:/ # testsaslauthd -u mike -p abc
0: NO "authentication failed“

i get that logged in auth.log like this

Jan 30 21:43:53 cyrus3 saslauthd[88721]: do_auth         : auth failure: 
[user=mike] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]

In imapd.conf i have

sasl_pwcheck_method: saslauthd

Now i’m authenticate against imapd

root@cyrus3:~ # imtest -t "" -u mike -a mike -w mike localhost
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS LOGINDISABLED 
AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM SASL-IR] 
cyrus3.intern.rueger.me Cyrus IMAP 3.0.5 server ready
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 
(256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxten QUOTA 
MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN 
MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SEARCH=FUZZY SORT SORT=MODSEQ 
SORT=DISPLAY SORT=UID THREAD=ORDEREDSUBJECT THREAD=REFERENCES THREAD=REFS 
ANNOTATEMORE ANNOTATE-EXPERIMENT-1 METADATA LIST-EXTENDED LIST-STATUS 
LIST-MYRIGHTS LIST-METADATA WITHIN QRESYNC SCAN XLIST XMOVE MOVE SPECIAL-USE 
CREATE-SPECIAL-USE DIGEST=SHA1 X-REPLICATION URLAUTH URLAUTH=BINARY 
AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM AUTH=PLAIN AUTH=LOGIN 
SASL-IR COMPRESS=DEFLATE X-QUOTA=STORAGE X-QUOTA=MESSAGE 
X-QUOTA=X-ANNOTATION-STORAGE X-QUOTA=X-NUM-FOLDERS IDLE
S: C01 OK Completed
C: A01 AUTHENTICATE SCRAM-SHA-1 
bixhPW1pa2Usbj1taWtlLHI9Z2Z1Ukp1cVc1Z1BybHhaWTdFcjVYUDR2WUtuMVhRNHc=
S: A01 NO authentication failure
Authentication failed. generic failure
Security strength factor: 256

Nothing is reported in auth.conf

If i do this

root@cyrus3:~ # saslpasswd2 -c m...@cyrus3.intern.rueger.me
…<entering „mike“ twice here>
root@cyrus3:~ # imtest -t "" -u mike -a mike -w mike localhost
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS LOGINDISABLED 
AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM SASL-IR] 
cyrus3.intern.rueger.me Cyrus IMAP 3.0.5 server ready
C: S01 STARTTLS
…
Authenticated.
Security strength factor: 256

it is working against local db BUT NOT against saslauthd.

How do i setup imapd to talk to saslauthd?

BTW i’m using
* cyrus-imapd30-3.0.5
* cyrus-sasl-2.1.26_13
* cyrus-sasl-saslauthd-2.1.26_3
on FreeBSD 11.1

Thank you for any help,
Mike

Attachment: signature.asc
Description: Message signed with OpenPGP

Reply via email to