[imp] How to force LOGIN auth?
Tornoci Laszlo
torlasz@xenia.sote.hu
Tue, 28 May 2002 11:40:35 +0200 (CEST)
Hi,

I would like to use imp, cyrus-imapd, with mysql backend for auth.
I set up cyrus to use saslauthd, saslauthd to use pam, and pam to use
mysql for imap service. It works all right with imtest:

[root@kortan-test bin]# imtest -a test1 -m login localhost
C: C01 CAPABILITY
S: * OK kortan-test.sote.hu Cyrus IMAP4 v2.1.4 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=OTP
AUTH=DIGEST-MD5 AUTH=CRAM-MD5
S: C01 OK Completed
Password: xxxx
C: L01 LOGIN test1 {6}
+ go ahead
C: <omitted>
L01 OK User logged in
Authenticated.
Security strength factor: 0

I understand cyrus-imapd will advertise AUTH=LOGIN only through SSL,
but the mechanism works if the client requests it (as the above test
proves).

However, if I try to log in through IMP, I get in /var/log/messages:

May 28 11:09:19 kortan-test imapd[13965]: no secret in database
May 28 11:09:19 kortan-test imapd[13965]: badlogin:
localhost.localdomain[127.0.0.1] CRAM-MD5 [SASL(-13): user not found: no
secret in database]

Clearly, IMP wants to use the CRAM-MD5 auth mechanism. If I add the
login/password with saslpasswd2, it works indeed. However, I would like to
store all auth data in mysql. How can I force IMP to use the plain LOGIN
IMAP command? I plan to use IMP->IMAP only through the "lo" device and
drop all non-ssl imap connections through eth0 with iptables, so there is
no problem with security, I guess.

I know this is more of a php question than IMP, but maybe you can help
me. This is a RedHat 7.3 box, with imap-devel-2001a-10.rpm. I compiled
php-4.2.1 using:

./configure --with-mysql=/usr \
--with-gettext \
--with-xml \
--with-ldap \
--with-openssl \
--with-imap \
--with-imap-ssl \
--with-kerberos=/usr/kerberos/ \
--with-apxs=/usr/local/apache/bin/apxs

I guess I have to change something either in the php, or the
imap-2001a client-lib source, but I am not much of a php or C hacker.
Maybe someone with more experience/knowledge can help me.

Yours: Laszlo
--
----------------------------------------------------------------------
Laszlo L Tornoci Inst Pathophysiology
E-mail: torlasz@xenia.sote.hu Semmelweis Univ Med School
torlasz@net.sote.hu Nagyvarad ter 4.
fax: (36-1)-210-4409 Budapest, H-1089, Hungary
----------------------------------------------------------------------
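
A diagnostic for the mismatch described in the message above, as an added example that is not part of the original post: it parses the CAPABILITY response and the badlogin syslog entry (both copied from the post) to show that the server advertises only shared-secret SASL mechanisms while the plaintext LOGIN command stays enabled. The function names are hypothetical, and the grouping of CRAM-MD5, DIGEST-MD5 and OTP as mechanisms that need a server-side secret is general SASL behaviour assumed here, not something the post states.

```python
import re

# Assumption (general SASL behaviour, not stated in the post): these mechanisms
# are verified against a per-user shared secret (sasldb); PLAIN and LOGIN hand
# over the password itself, which a checker such as saslauthd/PAM can verify.
SHARED_SECRET_MECHS = {"CRAM-MD5", "DIGEST-MD5", "OTP"}
# Both samples are copied from the post, including its line wrapping.
CAPABILITY_SAMPLE = """\
C: C01 CAPABILITY
S: * OK kortan-test.sote.hu Cyrus IMAP4 v2.1.4 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=OTP
AUTH=DIGEST-MD5 AUTH=CRAM-MD5
S: C01 OK Completed
"""
LOG_SAMPLE = """\
May 28 11:09:19 kortan-test imapd[13965]: badlogin:
localhost.localdomain[127.0.0.1] CRAM-MD5 [SASL(-13): user not found: no
secret in database]
"""
BADLOGIN = re.compile(
    r"badlogin: (\S+?)\[([\d.]+)\] (\S+) \[SASL\((-?\d+)\): ([^\]]+)\]")

def parse_capability(transcript):
    """Collect capability atoms, rejoining wrapped continuation lines."""
    caps, collecting = [], False
    for line in transcript.splitlines():
        tagged = line.startswith(("S: ", "C: "))
        body = line[3:] if tagged else line
        if body.startswith("* CAPABILITY"):
            caps, collecting = body.split()[2:], True
        elif collecting and not tagged:
            caps.extend(body.split())
        else:
            collecting = False
    return [c.upper() for c in caps]

def assess(caps):
    """Split advertised AUTH= mechanisms by the kind of verifier they need."""
    mechs = [c[5:] for c in caps if c.startswith("AUTH=")]
    return {"needs_sasldb": [m for m in mechs if m in SHARED_SECRET_MECHS],
            "password_mechs": [m for m in mechs if m in ("PLAIN", "LOGIN")],
            "login_command_allowed": "LOGINDISABLED" not in caps}

def parse_badlogin(entry):
    """Return (client, mechanism, SASL code, text) from a wrapped log entry."""
    m = BADLOGIN.search(" ".join(entry.split()))
    return (m.group(1), m.group(3), int(m.group(4)), m.group(5)) if m else None
```

On the post's data, every advertised mechanism lands in `needs_sasldb` and `password_mechs` is empty, which matches the CRAM-MD5 failure in the log while the plain LOGIN command in the imtest run succeeds.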