[exim] exim 4.80 and dovecot auth with dovecot 2.1.7 and alp…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jasper Wallace
Date:  
À: exim-users
Sujet: [exim] exim 4.80 and dovecot auth with dovecot 2.1.7 and alpine

Hi,

I had a working dovecot auth setup with exim 4.72 and then upgraded to
4.80 (debian squeeze to wheezy upgrade), auth attempts with alpine now
fail with exim saying:

2013-05-18 04:10:00 +0100 dovecot_plain authenticator failed for
boole.london.hackspace.org.uk (limpit.dhcp.lan.london.hackspace.org.uk)
[82.69.229.6]:51109: 501 Authentication cancelled
2013-05-18 04:10:00 +0100 SMTP syntax error in "[base64 encoded username
+ password]" H=boole.london.hackspace.org.uk (limpit.dhcp.lan.london.hackspace.org.uk)
[82.69.229.6]:51109 unrecognized command

and dovecot saying:

May 18 04:10:00 monstrosity dovecot: auth: Warning: auth client 0
disconnected with 1 pending requests: EOF

stracing the dovecot auth process (this is a 2nd connection, i might not
of caught the whole conversation), fd 16 is the conversation with exim:

accept(9, {sa_family=AF_FILE, NULL}, [2]) = 16
fcntl(16, F_GETFL)                      = 0x2 (flags O_RDWR)
fcntl(16, F_SETFL, O_RDWR|O_NONBLOCK)   = 0
write(5, "\347\24\0\0=\5\0\0\347\3\0\0", 12) = 12
read(4, "Mu\244f\30\231\215\365\232\367\22\261~\214\266,", 16) = 16
fstat(16, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
lseek(16, 0, SEEK_CUR)                  = -1 ESPIPE (Illegal seek)
getsockname(16, {sa_family=AF_FILE, path="/var/run/dovecot/auth-clie\227\177"}, [31]) = 0
epoll_ctl(13, EPOLL_CTL_ADD, 16, {EPOLLIN|EPOLLPRI|EPOLLERR|EPOLLHUP, {u32=3599404560, u64=140290116193808}}) = 0
write(16, "VERSION\t1\t1\nMECH\tPLAIN\tplaintext\nMECH\tLOGIN\tplaintext\nSPID\t5351\nCUID\t4\nCOOKIE\t4d75a46618998df59af712b17e8cb62c\nDONE\n", 116) = 116
gettimeofday({1368846623, 356182}, NULL) = 0
epoll_wait(13, {{EPOLLIN, {u32=3599404560, u64=140290116193808}}}, 11, 270916) = 1
gettimeofday({1368846623, 356621}, NULL) = 0
read(16, "VERSION\t1\t0\nCPID\t5356\nAUTH\t1\tPLAIN\tservice=smtp\tsecured\trip=82.69.229.6\tlip=91.209.244.43\tnologin\tresp=\n", 8192) = 104
gettimeofday({1368846623, 357190}, NULL) = 0
writev(12, [{"PENALTY-GET\t82.69.229.6", 23}, {"\n", 1}], 2) = 24
gettimeofday({1368846623, 357807}, NULL) = 0
epoll_wait(13, {{EPOLLIN, {u32=3599387152, u64=140290116176400}}}, 11, 150000) = 1
gettimeofday({1368846623, 358245}, NULL) = 0
read(12, "0 0\n", 1012)                 = 4
writev(16, [{"CONT\t1\t", 7}, {"\n", 1}], 2) = 8
read(12, 0x7f97d68ad380, 1008)          = -1 EAGAIN (Resource temporarily unavailable)
gettimeofday({1368846623, 359211}, NULL) = 0
epoll_wait(13, {{EPOLLIN|EPOLLHUP, {u32=3599404560, u64=140290116193808}}}, 11, 149998) = 1
gettimeofday({1368846623, 366209}, NULL) = 0
read(16, "", 8088)                      = 0
write(2, "\1\0035351 auth client 0 disconnected with 1 pending requests: EOF\n", 63) = 63


Wierdly if i use openssl s_client and to do the AUTH PLAIN [base64
encoded username + password] manually it works fine. It also work with
swaks.

If I change the authenticator in exim to use saslauthd it works with
alpine!

Unfortunatly I can't seem to get a trace of the smtp session out of
alpine, so I'm not sure what it's doing that triggers this, or where
exactly the problem lies.

I guess alpine is sending "AUTH PLAIN" in one packet and
the username and password in another. The "AUTH PLAIN" bit triggers the
dovecot auth, which has nothing to work on (resp=\n), it then dosen't
understand "CONT\t1\t\n" (?) and dosn't read the encoded username and
password from the smtp session and returns, exim then trys to handle the
encoded username and password and can't, producing the "SMTP syntax error"
/ "unrecognized command" in the logs.

dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}

-- 
[http://pointless.net/]                                   [0x2ECA0975]