[Dovecot] Dovecot CRAM-MD5 & DIGEST-MD5

Tue, 08 Jul 2008 08:39:02 -0700 

Hello all.

Im try to make a SMTP Auth using Docecot SASL.
Im use swaks for tests.

Im store users in LDAP.
As im understand for CRAM & DIGEST MD5 we need to store pass in a clear text?... Ok. 

mail: [EMAIL PROTECTED]
userPassword: 123 <- Clear text


What im do


%swaks -a CRAM-MD5 -au [EMAIL PROTECTED] -ap 123
To: [EMAIL PROTECTED]
=== Trying mx.domain.off:25...
=== Connected to mx.domain.off.
<-  220 mx.domain.off ESMTP Exim 4.69 Tue, 08 Jul 2008 19:14:24 +0000
 -> EHLO mx.domain.off
<-  250-mx.domain.off Hello mx.domain.off [172.16.1.19]
<-  250-SIZE 13631488
<-  250-PIPELINING
<-  250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5
<-  250-STARTTLS
<-  250 HELP
 -> AUTH CRAM-MD5
<-  334 PDM4ODYwNTQ1MjEzMTA3NDEuMTIxNTU0NDQ2NEBteC5kb21haW4ub2ZmPg==
 -> YWRtaW4zQGRvbWFpbi5vZmYgMGJlYzIzOTA5Zjg4OTc3MDdkYTJmZmNmOTEzMDBhMmM=
<** 535 Incorrect authentication data
*** No authentication type succeeded
 -> QUIT
<-  221 mx.domain.off closing connection
=== Connection closed with remote host.


Exim says:

SMTP<< AUTH CRAM-MD5
 9657 dovecot authentication
9657 AUTH 12 CRAM-MD5 service=smtp secured rip=172.16.1.19 lip=172.16.1.19 resp= 9657 received: CONT 12 PDM0MTMzMjg1NTUyOTE0MjMuMTIxNTU0NDcwMUBteC5kb21haW4ub2ZmPg== 9657 SMTP>> 334 PDM0MTMzMjg1NTUyOTE0MjMuMTIxNTU0NDcwMUBteC5kb21haW4ub2ZmPg== 
 9657 received: FAIL    12      [EMAIL PROTECTED]
 9657 SMTP>> 535 Incorrect authentication data
9657 auth_cram_md5 authenticator failed for mx.domain.off [172.16.1.19] I=[172.16.1.19]:26: 535 Incorrect authentication data ([EMAIL PROTECTED]) 
 9657 SMTP<< QUIT


Dovecot logs:

Info: auth(default): new auth connection: pid=9713
Info: auth(default): client in: AUTH 11 CRAM-MD5 service=smtp secured rip=172.16.1.19 lip=172.16.1.19 resp=<hidden> Info: auth(default): client out: CONT 11 PDU5MjUzNjc0Mjg1NDAyNjUuMTIxNTU0NDkyN0BteC5kb21haW4ub2ZmPg== 
Info: auth(default): client in: CONT<hidden>
Info: auth(default): ldap([EMAIL PROTECTED],172.16.1.19): pass search: base=dc=Virtual-Domains,dc=DOMAIN scope=subtree filter=(&(objectClass=mailUser)([EMAIL PROTECTED])) fields=mail,userPassword Info: auth(default): ldap([EMAIL PROTECTED],172.16.1.19): result: mail(user)[EMAIL PROTECTED] userPassword(password)=<hidden> Error: auth(default): password([EMAIL PROTECTED],172.16.1.19): Invalid password format for scheme CRAM-MD5 
Info: auth(default): client out: FAIL  11      [EMAIL PROTECTED]

---
password([EMAIL PROTECTED],172.16.1.19): Invalid password format for scheme CRAM-MD5 

Hm... as im see - something wrong in my dovecot-ldap.conf ?
Main idea of it is mail = user, userPassword = password.


dovecot-ldap.conf:

hosts = 127.0.0.1
dn = uid=Dovecot,ou=System-Users,dc=DOMAIN
dnpass = 123
debug_level = 0
ldap_version = 3
base = dc=Virtual-Domains,dc=DOMAIN
deref = never
scope = subtree
user_attrs =
user_filter = (&(objectClass=mailUser)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailUser)(mail=%u))
default_pass_scheme = CRAM-MD5


Dovecot logs with debug_level=1 in attachment.


Help me please - I running out of ideas. :-(

--
Best regards,
Proskurin Kirill

dovecot: Jul 08 19:20:42 Info: auth(default): new auth connection: pid=9663
dovecot: Jul 08 19:20:42 Info: auth(default): client in: AUTH   13      
CRAM-MD5        service=smtp    secured rip=172.16.1.19 lip=172.16.1.19 
resp=<hidden>
dovecot: Jul 08 19:20:42 Info: auth(default): client out: CONT  13      
PDQzMTQ1ODQxMzA2NDgxODguMTIxNTU0NDg0MkBteC5kb21haW4ub2ZmPg==
dovecot: Jul 08 19:20:42 Info: auth(default): client in: CONT<hidden>
dovecot: Jul 08 19:20:42 Info: auth(default): ldap([EMAIL 
PROTECTED],172.16.1.19): pass search: base=dc=Virtual-Domains,dc=ForexClub 
scope=subtree filter=(&(objectClass=mailUser)([EMAIL PROTECTED])
) fields=mail,userPassword
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_search
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: 
"(&(objectClass=mailUser)([EMAIL PROTECTED]))"
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: AND
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter_list 
"(objectClass=mailUser)([EMAIL PROTECTED])"
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: 
"(objectClass=mailUser)"
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: simple
dovecot: Jul 08 19:20:42 Error: auth(default): put_simple_filter: 
"objectClass=mailUser"
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: "([EMAIL PROTECTED])"
dovecot: Jul 08 19:20:42 Error: auth(default): put_filter: simple
dovecot: Jul 08 19:20:42 Error: auth(default): put_simple_filter: "[EMAIL 
PROTECTED]"
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_send_initial_request
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_send_server_request
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_result ld 0x18529160 msgid 
-1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg ld 0x18529160 msgid -1 
(timeout 0 usec)
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg continue ld 0x18529160 
msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Connections:
dovecot: Jul 08 19:20:42 Error: auth(default): * host: 127.0.0.1  port: 389  
(default)
dovecot: Jul 08 19:20:42 Error: auth(default):   refcnt: 2  status: Connected
dovecot: Jul 08 19:20:42 Error: auth(default):   last used: Tue Jul  8 19:20:42 
2008
dovecot: Jul 08 19:20:42 Error: auth(default):
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Outstanding 
Requests:
dovecot: Jul 08 19:20:42 Error: auth(default):  * msgid 4,  origid 4, status 
InProgress
dovecot: Jul 08 19:20:42 Error: auth(default):    outstanding referrals 0, 
parent count 0
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Response Queue:
dovecot: Jul 08 19:20:42 Error: auth(default):    Empty
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_int_select
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg: ld 0x18529160 msgid -1 
all 1
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg: ld 0x18529160 msgid 4 
message type search-entry
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_result ld 0x18529160 msgid 
-1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg ld 0x18529160 msgid -1 
(timeout 0 usec)
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg continue ld 0x18529160 
msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Connections:
dovecot: Jul 08 19:20:42 Error: auth(default): * host: 127.0.0.1  port: 389  
(default)
dovecot: Jul 08 19:20:42 Error: auth(default):   refcnt: 2  status: Connected
dovecot: Jul 08 19:20:42 Error: auth(default):   last used: Tue Jul  8 19:20:42 
2008
dovecot: Jul 08 19:20:42 Error: auth(default):
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Outstanding 
Requests:
dovecot: Jul 08 19:20:42 Error: auth(default):  * msgid 4,  origid 4, status 
InProgress
dovecot: Jul 08 19:20:42 Error: auth(default):    outstanding referrals 0, 
parent count 0
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Response Queue:
dovecot: Jul 08 19:20:42 Error: auth(default):  * msgid 4,  type 100
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_int_select
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg: ld 0x18529160 msgid -1 
all 1
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg: ld 0x18529160 msgid 4 
message type search-result
dovecot: Jul 08 19:20:42 Error: auth(default): new result:  res_errno: 0, 
res_error: <>, res_matched: <>
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg: ld 0x18529160 0 new 
referrals
dovecot: Jul 08 19:20:42 Error: auth(default): read1msg:  mark request 
completed, ld 0x18529160 msgid 4
dovecot: Jul 08 19:20:42 Error: auth(default): request done: ld 0x18529160 
msgid 4
dovecot: Jul 08 19:20:42 Error: auth(default): res_errno: 0, res_error: <>, 
res_matched: <>
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_free_request (origid 4, 
msgid 4)
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_free_connection 0 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_free_connection: refcnt 1
dovecot: Jul 08 19:20:42 Error: auth(default): adding response ld 0x18529160 
msgid 4 type 101:
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_parse_result
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_first_attribute
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_get_values
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_next_attribute
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_get_values
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_next_attribute
dovecot: Jul 08 19:20:42 Info: auth(default): ldap([EMAIL 
PROTECTED],172.16.1.19): result: mail(user)[EMAIL PROTECTED] 
userPassword(password)=<hidden>
dovecot: Jul 08 19:20:42 Error: auth(default): password([EMAIL 
PROTECTED],172.16.1.19): Invalid password format for scheme CRAM-MD5
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_msgfree
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_result ld 0x18529160 msgid 
-1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg ld 0x18529160 msgid -1 
(timeout 0 usec)
dovecot: Jul 08 19:20:42 Error: auth(default): wait4msg continue ld 0x18529160 
msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Connections:
dovecot: Jul 08 19:20:42 Error: auth(default): * host: 127.0.0.1  port: 389  
(default)
dovecot: Jul 08 19:20:42 Error: auth(default):   refcnt: 1  status: Connected
dovecot: Jul 08 19:20:42 Error: auth(default):   last used: Tue Jul  8 19:20:42 
2008
dovecot: Jul 08 19:20:42 Error: auth(default):
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Outstanding 
Requests:
dovecot: Jul 08 19:20:42 Error: auth(default):    Empty
dovecot: Jul 08 19:20:42 Error: auth(default): ** ld 0x18529160 Response Queue:
dovecot: Jul 08 19:20:42 Error: auth(default):    Empty
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList ld 
0x18529160 msgid -1 all 1
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_chkResponseList returns ld 
0x18529160 NULL
dovecot: Jul 08 19:20:42 Error: auth(default): ldap_int_select
dovecot: Jul 08 19:20:44 Info: auth(default): client out: FAIL  13      [EMAIL 
PROTECTED]

Reply via email to