netbsd-users: Re: Next Step : postfix / sasl / tls

Subject: Re: Next Step : postfix / sasl / tls - pkgsrc 2004Q4
To: Christos Zoulas <christos@tac.gw.com>
From: Asmodehn Shade <asmodehn@9online.fr>
List: netbsd-users
Date: 02/22/2005 15:50:16

Christos Zoulas a écrit :

>In article <421A65F3.8060004@9online.fr>,
>Asmodehn Shade  <asmodehn@9online.fr> wrote:
>  
>
>>Hello again,
>>
>>continuing the story...
>>    
>>
>
>You have not installed any of the mech's. Try installing some cy2-* packages.
>This belongs in a FAQ or in the message for cyrus-sasl. Too many people
>stumble into this.
>
>christos
>
>  
>
Continuing the story...

I already have the cy2-plain package installed (and crammd5 / 
digestmd5), but I don't use it I guess, because I use cyrus-saslauthd.
I don't understand how this is working, but I achieve sasl 
authentication on netBSD local password with saslauthd. I wish to use 
sasldb mech (cy2-carmmd5), but auxprop don't seem to work... (login 
failed in cyradm...)
Anyway, I achieve TLS handshake and plaintext authentication on 
cyrus-imapd without any problem, and with the same certificates than the 
one used in postfix/main.cf

Feb 22 15:31:16 Asmodehn master[12217]: process started
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: recovering cyrus databases
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: skiplist: recovered 
/var/imap/mailboxes.db (18 records, 3788 bytes) in 0 seconds
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: skiplist: recovered 
/var/imap/annotations.db (0 records, 144 bytes) in 0 seconds
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: done recovering cyrus databases
Feb 22 15:31:16 Asmodehn master[12217]: ready for work
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[22993]: checkpointing cyrus databases
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[22993]: done checkpointing cyrus 
databases
Feb 22 15:35:56 Asmodehn imaps[2047]: TLS server engine: cannot load CA data
Feb 22 15:35:56 Asmodehn imaps[2047]: starttls: SSLv3 with cipher 
AES256-SHA (256/256 bits reused) no authentication
Feb 22 15:35:56 Asmodehn imaps[2047]: login: [192.168.0.200] root 
plaintext+TLS User logged in
Feb 22 15:35:56 Asmodehn imaps[2047]: skiplist: recovered 
/var/imap/user/r/root.seen (1 record, 628 bytes) in 0 seconds

I suppose postfix could be waiting for a client side certificate? I'll 
look for any clue this way...

Any hint someone ?

--
Alexandre VINCENT