On 2012-05-24 at 23:08 +0200, Wolfgang Breyha wrote: > On 2012-05-24 17:50, Wolfgang Breyha wrote: > > Wolfgang Breyha wrote, on 24.05.2012 16:11: > >> I tried to activate RC5 and fail badly with > >>> May 24 15:58:00 moorhuhn exim[31647]: [1\2] 2012-05-24 15:58:00 > >>> sasl_cram_md5 authenticator (CRAM-MD5): > >>> May 24 15:58:00 moorhuhn exim[31647]: [2/2] Cyrus SASL SSF 141300024 > >>> not supported by Exim > > I think, I found the cause... > http://bugs.exim.org/show_bug.cgi?id=1254
Fixed, thanks, and sorry. I use SASL extensively and had expected that if I broke this I'd have noticed, but had forgotten that since I wrote the heimdal_gssapi auth driver I didn't have any Cyrus SASL drivers left, and I haven't yet figured out a decent test for this to go in the test suite. What happens is that SASL, in some mechanisms, is able to negotiate a "protection layer". Actually using SASL protection layers is not very widely supported by most software, because the world moved on and uses SSL/TLS instead. I adjusted the Cyrus SASL integration to tell Cyrus about external protection from TLS and to check afterwards to see if SASL had negotiated its own protection. If SASL has, Exim declares a failure because Exim won't do the wrap/unwrap needed. Wolfgang's fix is correct and has been applied. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
