Subject: Re: Next Step : postfix / sasl / tls - pkgsrc 2004Q4
To: Christos Zoulas <christos@tac.gw.com>
From: Asmodehn Shade <asmodehn@9online.fr>
List: netbsd-users
Date: 02/22/2005 15:50:16
Christos Zoulas a écrit :
>In article <421A65F3.8060004@9online.fr>,
>Asmodehn Shade <asmodehn@9online.fr> wrote:
>
>
>>Hello again,
>>
>>continuing the story...
>>
>>
>
>You have not installed any of the mech's. Try installing some cy2-* packages.
>This belongs in a FAQ or in the message for cyrus-sasl. Too many people
>stumble into this.
>
>christos
>
>
>
Continuing the story...
I already have the cy2-plain package installed (and crammd5 /
digestmd5), but I don't use it I guess, because I use cyrus-saslauthd.
I don't understand how this is working, but I achieve sasl
authentication on netBSD local password with saslauthd. I wish to use
sasldb mech (cy2-carmmd5), but auxprop don't seem to work... (login
failed in cyradm...)
Anyway, I achieve TLS handshake and plaintext authentication on
cyrus-imapd without any problem, and with the same certificates than the
one used in postfix/main.cf
Feb 22 15:31:16 Asmodehn master[12217]: process started
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: recovering cyrus databases
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: skiplist: recovered
/var/imap/mailboxes.db (18 records, 3788 bytes) in 0 seconds
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: skiplist: recovered
/var/imap/annotations.db (0 records, 144 bytes) in 0 seconds
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[16060]: done recovering cyrus databases
Feb 22 15:31:16 Asmodehn master[12217]: ready for work
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[22993]: checkpointing cyrus databases
Feb 22 15:31:16 Asmodehn ctl_cyrusdb[22993]: done checkpointing cyrus
databases
Feb 22 15:35:56 Asmodehn imaps[2047]: TLS server engine: cannot load CA data
Feb 22 15:35:56 Asmodehn imaps[2047]: starttls: SSLv3 with cipher
AES256-SHA (256/256 bits reused) no authentication
Feb 22 15:35:56 Asmodehn imaps[2047]: login: [192.168.0.200] root
plaintext+TLS User logged in
Feb 22 15:35:56 Asmodehn imaps[2047]: skiplist: recovered
/var/imap/user/r/root.seen (1 record, 628 bytes) in 0 seconds
I suppose postfix could be waiting for a client side certificate? I'll
look for any clue this way...
Any hint someone ?
--
Alexandre VINCENT