LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-11-2009, 05:08 AM   #1
xiutuo
Member
 
Registered: Mar 2008
Posts: 52

Rep: Reputation: 15
postfix cyrus sasl md5 problem


env:
postfix-2.6.2
cyrus-sasl-2.1.23
dovecot-1.2.4
mysql5 install path: /usr/local/mysql

these were installed by source ..

configure parameter:
cryus sasl:
# ./configure --bindir=/usr/bin \
--sbindir=/usr/sbin \
--includedir=/usr/include \
--enable-login --enable-plain --enable-digest --enable-cram \
--enable-sql --with-mysql=/usr/local/mysql \
# vi /usr/lib/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
auto_transition: yes
log_level: 5
sql_engine: mysql
sql_database: postfix
sql_user: root
sql_passwd: mypasswd
sql_select: SELECT password FROM mailbox WHERE name='%u' and domain='%r' and active='1'

# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
# cp /usr/local/lib/libsasl* /usr/lib/
#

postfix
# make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include \
-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L /usr/local/mysql/lib -lmysqlclient -lz -lm \
-L/usr/local/lib -lsasl2'
# make install

and other configure file ready.,.

then i test mail system,

finally found a problem...

i configure cyrus sasl enable sql \mysql,and digest md5,
but i cant use md5 method. or got error:sasl auth fail.

on the mail client with smtp auth password i used md5 encryption as my plain password,it works,,


my question:

how to use md5 authentication mechanisms straightly.


cyus sasl need some patch or something,,,

anyone suggestion will be help me out..

thx,...

Last edited by xiutuo; 09-14-2009 at 03:34 AM.
 
Old 09-12-2009, 05:25 PM   #2
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
cyrus sasl stores the passwords in recoverable manner and not via any hashing mechanism, cram-md5 and digest-md5 are auth methods that use the password, so you can't encrypt them and then store them in the sasl db. In other words, its working as designed and you'll need to patch sasl if you want to store the password encrypted.
 
Old 09-14-2009, 03:42 AM   #3
xiutuo
Member
 
Registered: Mar 2008
Posts: 52

Original Poster
Rep: Reputation: 15
i got sasl patch
http://www.gergely.risko.hu/cyrus-sasl.en.html
I read this documention.

and configure cyrus sasl

$ cd cyrus-sasl-2.1.23
$ cat ../cyrus-sasl-auxcrypt.patch | patch -p1
$ aclocal -I cmulocal -I config
$ automake
$ autoconf

$ ./configure --bindir=/usr/bin \
--sbindir=/usr/sbin \
--includedir=/usr/include \
--enable-login --enable-plain --enable-digest --enable-cram \
--enable-sql --with-mysql=/usr/local/mysql

$ make;make install

postfix

$ make -f Makefile.init makefiles 'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include \
-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl' 'AUXLIBS=-L /usr/local/mysql/lib -lmysqlclient -lz -lm \
-L/usr/local/lib -lsasl2'


it dont work just like the first posted..

i still dont know why.....
 
Old 09-14-2009, 10:30 AM   #4
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,094
Blog Entries: 2

Rep: Reputation: 111Reputation: 111
did you add the crypt method to the front of the password?

quote from that webpage:
Quote:
The trick is to embed the encoding of the password to the beginning of the stored ciphertext. For example 'foobar' encoded with traditional unix crypt is '{CRYPT}I8wBo3nJ1ux.2'. The prefix is not case-sensitive.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
slackware + postfix + cyrus-sasl (not using system users) zux Slackware 3 03-06-2009 07:39 AM
Postfix and cyrus-sasl -failed to make install :( OTIM Linux - Server 1 11-27-2007 06:10 AM
Postfix problem:: SASL MD5 support adrianmak Linux - Software 0 08-16-2005 05:36 AM
Cyrus SASL & Postfix RPM Build ghight Suse/Novell 0 06-03-2005 09:46 AM
postfix+cyrus-sasl+impd installation conf..help Robin01 Linux - Newbie 0 02-29-2004 05:24 PM


All times are GMT -5. The time now is 03:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration