Upgrade to 2.2.9 breaks sasl auth
Hi This is my 1st time here so please be gentle.
I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection
Version 2.0.19 root@larch:~# telnet 192.168.3.15 12345 Trying 192.168.3.15... Connected to 192.168.3.15. Escape character is '^]'. VERSION 1 1 MECH PLAIN plaintext MECH LOGIN plaintext MECH CRAM-MD5 dictionary active SPID 23223 CUID 1 COOKIE d0b71942d48585303f9ae4681baabf87 DONE
Version 2.2.9 root@larch:~# telnet 192.168.3.112 12345 Trying 192.168.3.112... Connected to 192.168.3.112. Escape character is '^]'. VERSION 1 1 SPID 5300
Seems be something lacking in the response from 2.2.9 that fits the "no sasl methods" response from postfix
I believe I should supply root@larchvm:/etc/dovecot-sasl# dovecot -n -c dovecot.conf # 2.2.9: dovecot.conf # OS: Linux 3.13.0-88-generic i686 Ubuntu 14.04.4 LTS auth_mechanisms = plain login cram-md5 auth_verbose_passwords = plain base_dir = /var/run/dovecot-sasl/ disable_plaintext_auth = no instance_name = sasl mail_chroot = /chroot/mail mail_location = maildir:~/Maildir mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacati on subaddress comparator-i;ascii-numeric relational regex imap4flags copy includ e variables body enotify environment mailbox date ihave namespace { inbox = yes location = prefix = INBOX. type = private } passdb { args = /etc/dovecot-sasl/dovecot-sqlmd5.conf driver = sql } plugin { deleted_to_trash_folder = Trash quota = maildir:User quota quota:noenforcing quota_rule = Trash:ignore sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { inet_listener auth-userdb { address = 192.168.3.112 port = 12345 ssl = yes } unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { mode = 0600 } } service imap-login { inet_listener imap { address = 213.210.16.65 port = 143 } inet_listener imaps { address = 213.210.16.65 port = 993 ssl = yes } } service managesieve-login { inet_listener sieve { address = 213.210.16.65 port = 4190 } } ssl_cert = </etc/ssl/certs/pe.pem ssl_key = </etc/ssl/private/pe.pem userdb { args = /etc/dovecot-sasl/dovecot-sql.conf driver = sql } protocol imap { mail_plugins = quota imap_quota deleted_to_trash }
Any help or suggestion warmly welcomed
On June 15, 2016 at 1:50 AM Paul <paul@enlund.co.uk> wrote:
Hi This is my 1st time here so please be gentle.
I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection
Version 2.0.19 root@larch:~# telnet 192.168.3.15 12345 Trying 192.168.3.15... Connected to 192.168.3.15. Escape character is '^]'. VERSION 1 1 MECH PLAIN plaintext MECH LOGIN plaintext MECH CRAM-MD5 dictionary active SPID 23223 CUID 1 COOKIE d0b71942d48585303f9ae4681baabf87 DONE
Version 2.2.9 root@larch:~# telnet 192.168.3.112 12345 Trying 192.168.3.112... Connected to 192.168.3.112. Escape character is '^]'. VERSION 1 1 SPID 5300
Seems be something lacking in the response from 2.2.9 that fits the "no sasl methods" response from postfix
have you checked
doveadm log errors
Aki Tuomi
Hi
On 15/06/2016 09:04, aki.tuomi@dovecot.fi wrote:
On June 15, 2016 at 1:50 AM Paul <paul@enlund.co.uk> wrote:
Hi This is my 1st time here so please be gentle.
I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection
Version 2.0.19 root@larch:~# telnet 192.168.3.15 12345 Trying 192.168.3.15... Connected to 192.168.3.15. Escape character is '^]'. VERSION 1 1 MECH PLAIN plaintext MECH LOGIN plaintext MECH CRAM-MD5 dictionary active SPID 23223 CUID 1 COOKIE d0b71942d48585303f9ae4681baabf87 DONE
Version 2.2.9 root@larch:~# telnet 192.168.3.112 12345 Trying 192.168.3.112... Connected to 192.168.3.112. Escape character is '^]'. VERSION 1 1 SPID 5300
Seems be something lacking in the response from 2.2.9 that fits the "no sasl methods" response from postfix
have you checked
doveadm log errors
Aki Tuomi
I had not so here they are
root@larch:/var/log# doveadm log errors ( no output)
root@larch:/var/log# doveadm -D log errors doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin .so doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/d oveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() faile d: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbo l: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() fa iled: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this mes sage) doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_dove adm_quota_plugin.so doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_dove adm_sieve_plugin.so doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() faile d: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbo l: fts_backend_rescan (this is usually intentional, so just ignore this message)
A note if I change postfix to use the unix socket defined in the same service auth section that the inet listener is defined in postfix sasl auth works fine. Stiil getting short response to telnet connection to sasl inet port compared to 2.0.19 response
Paul
Hi
Sorted....
After reading changelog of latest sources and noting comments about corrected problems with inet_listener <name> I made the following change which resolved the short response from the sasl inet socket as seen with telnet
inet_listener auth-userdb { address = 192.168.3.112 port = 12345 ssl = yes }
to inet_listener { address = 192.168.3.112 port = 12345 ssl = yes } or
inet_listener auth-inet { address = 192.168.3.112 port = 12345 ssl = yes }
seems auth-userdb as a name screws something.
auth sasl over inet socket no working 100% ok
Paul
On 15/06/2016 09:04, aki.tuomi@dovecot.fi wrote:
On June 15, 2016 at 1:50 AM Paul <paul@enlund.co.uk> wrote:
Hi This is my 1st time here so please be gentle.
I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection
Version 2.0.19 root@larch:~# telnet 192.168.3.15 12345 Trying 192.168.3.15... Connected to 192.168.3.15. Escape character is '^]'. VERSION 1 1 MECH PLAIN plaintext MECH LOGIN plaintext MECH CRAM-MD5 dictionary active SPID 23223 CUID 1 COOKIE d0b71942d48585303f9ae4681baabf87 DONE
Version 2.2.9 root@larch:~# telnet 192.168.3.112 12345 Trying 192.168.3.112... Connected to 192.168.3.112. Escape character is '^]'. VERSION 1 1 SPID 5300
Seems be something lacking in the response from 2.2.9 that fits the "no sasl methods" response from postfix
have you checked
doveadm log errors
Aki Tuomi
participants (2)
-
aki.tuomi@dovecot.fi
-
Paul