Hello all,
I have set up courier-imap to use stunnel so we can use peer
certificates. The certificates are working fine, however, it appears
that the password is not being accepted in the IMAP login. Here is an
strace of the pertinent dialog:
[root@clavin /tmp]# ps auxwww | grep stunnel
root 19707 0.2 0.2 3504 1420 ? S 00:09 0:00 /usr/sbin/stunnel
-f -p /etc/ssl/private/clavin.key-crt -a /etc/ssl/ca/certs/ trusted -l
/usr/lib/courier-imap/sbin/imaplogin
/usr/lib/courier-imap/libexec/authlib/authdaemon /usr/lib/courier-imap/bin/imapd
Maildir
[root@clavin /tmp]# strace -p 19707 -f -o stunnel.strace
[root@clavin /tmp]# cat stunnel.strace
19707 select(6, [0 5], [], NULL, NULL) = 1 (in [0])
19707 read(0, "\27\3\0\0&", 5) = 5
19707 read(0, "H\244g`Z\3\333\240dI\2378\312\375\377r\35\212\1\312\3\334"...,
38) = 38
19707 select(6, [0 5], [5], NULL, NULL) = 1 (out [5])
19707 write(5, "2 authenticate plain\r\n", 22) = 22
19707 select(6, [0 5], [], NULL, NULL) = 1 (in [5])
19707 read(5, "+ \r\n", 8192) = 4
19707 select(6, [0 5], [0], NULL, NULL) = 1 (out [0])
19707 write(0, "\27\3\0\0\24\326\213\344\345\214|\353\270\343\t\224\"\377"...,
25) = 25
19707 select(6, [0 5], [], NULL, NULL) = 1 (in [0])
19707 read(0, "\27\3\0\0&", 5) = 5
19707 read(0, "\5\352\274\276\317\v\20\2729\267\220\251\330\222\230\220"..., 38)
= 38
19707 select(6, [0 5], [5], NULL, NULL) = 1 (out [5])
19707 write(5, "AGFuZHliAHRlc3Rpbmc=\r\n", 22) = 22
19707 select(6, [0 5], [], NULL, NULL) = ? ERESTARTNOHAND (To be restarted)
19707 --- SIGCHLD (Child exited) ---
19707 select(6, [0 5], [], NULL, NULL) = 1 (in [5])
19707 read(5, "", 8192) = 0
19707 getpid() = 19707
19707 write(2, "LOG5[19707:1024]: Connection clo"..., 84) = 84
19707 close(5) = 0
19707 close(0) = 0
19707 _exit(0) = ?
Why is the login being passed as "AGFuZHliAHRlc3Rpbmc=" which is just a
base64 encoded concatenation of my username and password (maybe null
delimited)? Authentication works fine without SSL. Any ideas? If I
haven't provided enough information I will be willing to provide
whatever else you think may be helpful.
Andy
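
Added example, not part of the original post: in SASL PLAIN (RFC 4616) the client's response to the server's "+" prompt is base64 of authzid NUL authcid NUL passwd, so that line of a trace is a reversible credential. The sketch below finds such a response in strace output and masks it before the trace is shared; the sample trace, the account "alice" and its password are constructed, and the function names are hypothetical.

```python
import base64
import binascii
import re

# strace write() line: head up to the opening quote, escaped buffer, remainder.
WRITE = re.compile(r'^(?P<head>\d+\s+write\((?P<fd>\d+), ")(?P<buf>(?:[^"\\]|\\.)*)(?P<tail>".*)$')
AUTH_PLAIN = re.compile(r'^\S+ authenticate plain\\r\\n$', re.IGNORECASE)


def parse_sasl_plain(b64_text):
    """Decode a SASL PLAIN response: authzid NUL authcid NUL passwd."""
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except (binascii.Error, ValueError):
        return None
    parts = raw.split(b"\x00")
    if len(parts) != 3 or not parts[1] or not parts[2]:
        return None
    authzid, authcid, passwd = (p.decode("utf-8", "replace") for p in parts)
    return {"authzid": authzid, "authcid": authcid, "passwd": passwd}


def redact_trace(lines):
    """Return (redacted_lines, usernames) with SASL PLAIN responses masked."""
    out, users, auth_fd = [], [], None
    for line in lines:
        m = WRITE.match(line)
        if m and AUTH_PLAIN.match(m.group("buf")):
            auth_fd = m.group("fd")  # next write on this fd is the response
        elif m and m.group("fd") == auth_fd:
            creds = parse_sasl_plain(m.group("buf").replace("\\r\\n", ""))
            if creds:
                users.append(creds["authcid"])
                line = m.group("head") + "<redacted SASL PLAIN>" + m.group("tail")
            auth_fd = None
        out.append(line)
    return out, users


# Constructed sample: not a real account, password or capture.
SAMPLE_B64 = base64.b64encode(b"\x00alice\x00not-a-real-password").decode()
SAMPLE = [
    r'19707 write(5, "2 authenticate plain\r\n", 22) = 22',
    r'19707 read(5, "+ \r\n", 8192) = 4',
    r'19707 write(0, "\27\3\0\0\24\326"..., 25) = 25',
    '19707 write(5, "' + SAMPLE_B64 + r'\r\n", 22) = 22',
]

if __name__ == "__main__":
    print("\n".join(redact_trace(SAMPLE)[0]))
```

It handles only the two-step form shown in the trace above, where the response is sent on its own line after the "+" continuation.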