On Thu, 2007-08-02 at 16:00 +0200, Steffen Brunk wrote:
Hello list,
my name is Steven and of course: I got a problem... we are using dovecot 0.99 because it´s the actual stable version for RedHat 4 Enterprise.
You will save yourself a lot of trouble in the long run if you build a package of dovecot 1.0.x for yourself, or grab a pre-made package from e.g. atrpms.
I am trying to authenticate using "PLAIN" but I don´t know how.
what do I have to send after receiving the "+"-symbol?
PLAIN auth expects "username<NUL>authname<NUL>password" encoded in base64. Usually, username and authname will be the same, and you probably won't need to worry about cases where they're different.
One easy way to encode the authentication information (because of the embedded NULs) is to use perl on the command line, e.g.: perl -MMIME::Base64 -e 'print encode_base64("user\0user\0password")'
An easier way to test various authentication mechanisms is with the imtest utility from Cyrus (packaged in cyrus21-clients in Debian and cyrus-imapd-utils on RHEL4.) The package containing the clients doesn't require you to actually install the Cyrus imap daemon, and it also contains smtptest, pop3test, and nntptest which are handy for testing other sorts of servers.
Here's example output, so you can see exactly what's sent/received from the IMAP server (S: = server, C: = client, and after the 'Security strength factor' line, the session is connected to the terminal in much the same way as telnetting to the server.)
(rain@spock:~) imtest localhost S: * OK [CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5 AUTH=NTLM] Server ready. C: C01 CAPABILITY S: * CAPABILITY IMAP4rev1 SASL-IR SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5 AUTH=NTLM S: C01 OK Capability completed. C: A01 AUTHENTICATE PLAIN S: + Please enter your password: C: cmFpbgByYWluAGhlbGxvLGRvdmVjb3Qh S: A01 OK Logged in. Authenticated. Security strength factor: 0 0 logout
- BYE Logging out 0 OK Logout completed. Connection closed.
HTH,
Ben Winslow <rain@bluecherry.net>