LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   dovecot SSL/TLS non-PAM config went awry (http://www.linuxquestions.org/questions/linux-software-2/dovecot-ssl-tls-non-pam-config-went-awry-712865/)

molafish 03-19-2009 12:47 PM

dovecot SSL/TLS non-PAM config went awry
 
I installed dovecot 1.1.3 from slackbuilds.org for Slackware 12.2. I'm using the following for the config:

Code:

# 1.1.3: /etc/dovecot.conf
protocols: imaps
ssl_cert_file: /etc/ssl/www.myhostname.net.crt
ssl_key_file: /etc/ssl/www.myhostname.net.key
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
auth default:
  passdb:
    driver: shadow
  userdb:
    driver: passwd

Problem is, when I try connecting with Outlook Express, it says none of the auth methods are possible:

Code:

IMAP: 01:22:24 [db] Connecting to 'www.myhostname.net' on port 993.
IMAP: 01:22:24 [db] OnNotify: asOld = 0, asNew = 4, ae = 0
IMAP: 01:22:24 [db] Negotiating secure connection with 'Microsoft Unified Security Protocol Provider'.
IMAP: 01:22:24 [db] OnNotify: asOld = 4, asNew = 6, ae = 2
IMAP: 01:22:24 [db] OnNotify: asOld = 6, asNew = 6, ae = 4
IMAP: 01:22:25 [db] OnNotify: asOld = 6, asNew = 5, ae = 2
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 5, ae = 3
IMAP: 01:22:25 [rx] * OK Dovecot ready.
IMAP: 01:22:25 [tx] joj4 CAPABILITY
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 5, ae = 3
IMAP: 01:22:25 [rx] * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS UIDPLUS LIST-EXTENDED I18NLEVEL=1 AUTH=PLAIN
IMAP: 01:22:25 [rx] joj4 OK Capability completed.
IMAP: 01:22:25 [db] ERROR: "PLAIN authentication failed. None of the authentication methods supported by your IMAP server (if any) are supported on this computer.", hr=0x800CCCDF
IMAP: 01:22:25 [db] Connection to 'www.myhostname.net' closed.
IMAP: 01:22:25 [db] OnNotify: asOld = 5, asNew = 0, ae = 5

I see SASL-IR, and I see AUTH-PLAIN. How do I config dovecot to check the shadow file? I thought I had that right...

When I try adding other mechanisms in dovecot.conf:
Code:

mechanisms = plain login digest-md5 cram-md5
dovecot fails to start complaining that:

dovecot: Fatal: auth(default): DIGEST-MD5 mechanism can't be supported with given passdbs

and when digest is removed, this:

dovecot: Fatal: auth(default): CRAM-MD5 mechanism can't be supported with given passdbs

What do I have to do to easily enable imaps only connections using a SSL/TLS conection with non-PAM user and passwd lookup?

molafish 03-20-2009 12:59 AM

dovecot seems to be configured fine, meaning I can connect to it and authenticate just fine with openssl s_client connect.

So that leaves OE as the offender. What is OE expecting dovecot to offer for authentication mechanisms?


All times are GMT -5. The time now is 03:31 AM.