[Dovecot] auth problem with secure authentication (cram-md5)

Adrian Stoica adrian.stoica at dacris.net
Fri Mar 2 09:09:56 EET 2007 

I use dovecot 1.0rc25
in dovecot.conf:
auth default {
mechanisms = LOGIN CRAM-MD5 DIGEST-MD5 PLAIN APOP
passdb sql {
args=/etc/dovecot-crammd5.conf
}
passdb sql {
args=/etc/dovecot-sql.conf
}
userdb sql {
args=/etc/dovecot-sql.conf
}
}

in dovecot-sql.conf:
driver = mysql
connect = host=/var/run/mysql/mysql.sock port= dbname=mail 
user=vmailuser password=vmailpassword
password_query = SELECT clear AS password , user FROM mailbox WHERE user 
= '%n' AND IF('%d'='',clear = '%w',domain = '%d') AND status ='1' LIMIT 1
user_query = SELECT CONCAT(home,'/',maildir) AS home, '1001' AS uid, 
'1001' AS gid,CONCAT('maildir:storage=', quota * 1024 ) AS quota FROM 
mailbox WHERE (user = '%n' AND status = '1') OR (user = '%n' AND domain 
= '%d' AND status = '1')
default_pass_scheme = CLEARTEXT

in dovecot-crammd5.conf:
driver = mysql
connect = host=/var/run/mysql/mysql.sock port= dbname=mail 
user=vmailuser password=vmailpassword
password_query = SELECT crypt AS password , user FROM mailbox WHERE user 
= '%n' AND status = '1' LIMIT 1
default_pass_scheme = CRAM-MD5

wen i "use secure authentication" and try login with thunderbird :

dovecot: Mar 02 10:49:39 Info: Dovecot v1.0.rc25 starting up
dovecot: Mar 02 10:49:40 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
dovecot: Mar 02 10:49:40 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
dovecot: Mar 02 10:49:47 Info: auth(default): client in: AUTH   1       
CRAM-MD5        service=IMAP    secured lip=192                 
.168.0.157      rip=192.168.0.64
dovecot: Mar 02 10:49:47 Info: auth(default): client out: CONT  1       
PDY3MTAzMjE0OTY4NDA0MTguMTE3MjgzMjU4N0B0ZXN0Pg=                 =
dovecot: Mar 02 10:49:47 Info: auth(default): client in: CONT   1       
YWRpIGU4N2JjYTZiYzA5OTZkYjY0MDk5ZTZjZmQ2YjUxNWE                 2
dovecot: Mar 02 10:49:47 Info: auth-worker(default): 
sql(adi,192.168.0.64): query: SELECT crypt AS password , user 
FROM                  mailbox WHERE user = 'adi' AND status = '1' LIMIT 1
dovecot: Mar 02 10:49:47 Info: auth(default): 
password(adi,192.168.0.64): Credentials: 
abd122fc9335009004012948209313d3                 
b31b6fdbc502bab773e90f7a195d341b
dovecot: Mar 02 10:49:47 Info: auth(default): client out: OK    1       
user=adi
dovecot: Mar 02 10:49:47 Info: auth(default): master in: REQUEST        
1       4319    1
dovecot: Mar 02 10:49:47 Info: auth-worker(default): 
sql(adi,192.168.0.64): SELECT CONCAT(home,'/',maildir) AS home, 
'1                 001' AS uid, '1001' AS gid,CONCAT('maildir:storage=', 
quota * 1024 ) AS quota FROM mailbox WHERE (user = 'adi' AND 
stat                 us = '1') OR (user = 'adi' AND domain = '' AND 
status = '1')
dovecot: Mar 02 10:49:47 Info: auth(default): master out: USER  1       
adi     home=/srv/vmail/adrian.eu/adi/  uid=100                 1       
gid=1001        quota=maildir:storage=512000
dovecot: Mar 02 10:49:47 Info: imap-login: Login: user=<adi>, 
method=CRAM-MD5, rip=192.168.0.64, lip=192.168.0.157, TLS
dovecot: Mar 02 10:49:48 Info: auth(default): client in: AUTH   1       
CRAM-MD5        service=IMAP    secured lip=192                 
.168.0.157      rip=192.168.0.64
dovecot: Mar 02 10:49:48 Info: auth(default): client out: CONT  1       
PDE0NjQxNTExNDY4MDE5MTQuMTE3MjgzMjU4OEB0ZXN0Pg=                 =
dovecot: Mar 02 10:49:49 Info: auth(default): client in: CONT   1       
YWRpIGI5YjliNmM3ZmMxMzUxMTU0Y2JiMGU2M2U4YmQxMzR                 k
dovecot: Mar 02 10:49:49 Info: auth(default): 
password(adi,192.168.0.64): Credentials: 
abd122fc9335009004012948209313d3                 
b31b6fdbc502bab773e90f7a195d341b
dovecot: Mar 02 10:49:49 Error: child 4311 (auth) killed with signal 11

restart thunderbird and try again to login:

dovecot: Mar 02 10:55:16 Info: auth(default): client in: AUTH   1       
CRAM-MD5        service=IMAP    secured lip=192.168.0.157      
rip=192.168.0.64
dovecot: Mar 02 10:55:16 Info: auth(default): client out: CONT  1       
PDMwMTQ0NjI3Njc3MTYzODEuMTE3MjgzMjkxNkB0ZXN0Pg==
dovecot: Mar 02 10:55:16 Info: auth(default): client in: CONT   1       
YWRpIGMzYTRlODYwMTk1NjVkZDE1NDUzYzI5NGYxNWVhNjVm
dovecot: Mar 02 10:55:16 Info: auth(default): 
password(adi,192.168.0.64): Credentials: 
abd122fc9335009004012948209313d3b31b6fdbc502bab773e90f7a195d341b
dovecot: Mar 02 10:55:16 Error: child 4347 (auth) killed with signal 11
dovecot: Mar 02 10:55:18 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
dovecot: Mar 02 10:55:18 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
(In thunderbird : "Login to server failed.")

After that the login works ok :

dovecot: Mar 02 10:55:18 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
dovecot: Mar 02 10:55:18 Info: auth-worker(default): mysql: Connected to 
/var/run/mysql/mysql.sock (mail)
dovecot: Mar 02 10:57:46 Info: imap-login: Aborted login: 
method=CRAM-MD5, rip=192.168.0.64, lip=192.168.0.157, TLS
dovecot: Mar 02 10:57:53 Info: auth(default): client in: AUTH   1       
CRAM-MD5        service=IMAP    secured lip=192.168.0.157      
rip=192.168.0.64
dovecot: Mar 02 10:57:53 Info: auth(default): client out: CONT  1       
PDc2NzE5MTcwMzE4MzI1NzUuMTE3MjgzMzA3M0B0ZXN0Pg==
dovecot: Mar 02 10:57:53 Info: auth(default): client in: CONT   1       
YWRpIGIxOGQ3NmFmMGIwYmU3OTkyMjk4MmI1OWRlYTQzNTQz
dovecot: Mar 02 10:57:53 Info: auth-worker(default): 
sql(adi,192.168.0.64): query: SELECT crypt AS password , user FROM 
mailbox WHERE user = 'adi' AND status = '1' LIMIT 1
dovecot: Mar 02 10:57:53 Info: auth(default): 
password(adi,192.168.0.64): Credentials: 
abd122fc9335009004012948209313d3b31b6fdbc502bab773e90f7a195d341b
dovecot: Mar 02 10:57:53 Info: auth(default): client out: OK    1       
user=adi
dovecot: Mar 02 10:57:53 Info: auth(default): master in: REQUEST        
6       4337    1
dovecot: Mar 02 10:57:53 Info: auth-worker(default): 
sql(adi,192.168.0.64): SELECT CONCAT(home,'/',maildir) AS home, '1001' 
AS uid, '1001' AS gid,CONCAT('maildir:storage=', quota * 1024 ) AS quota 
FROM mailbox WHERE (user = 'adi' AND status = '1') OR (user = 'adi' AND 
domain = '' AND status = '1')
dovecot: Mar 02 10:57:53 Info: auth(default): master out: USER  6       
adi     home=/srv/vmail/adrian.eu/adi/  uid=1001        
gid=1001quota=maildir:storage=512000
dovecot: Mar 02 10:57:53 Info: imap-login: Login: user=<adi>, 
method=CRAM-MD5, rip=192.168.0.64, lip=192.168.0.157, TLS

Everytime i have to input password for 2-3 times to login with secure 
authentication.

More information about the dovecot mailing list