Uh... I'm trying to debug an application and keep running into this: DEBUG: Sending: 1 AUTHENTICATE CRAM-MD5 DEBUG: Sent 25 bytes DEBUG: Read: 1 NO Authentication failed: Unsupported authentication mechanism DEBUG: Read: * BYE Disconnected for inactivity. So is this really asking for "digest-md5" or am I S.O.L? IIRC these are different protocols, but it's a bit early for my head to get this together.
On Sun, 2004-12-19 at 07:33 -0500, Tom Allison wrote:> Uh... > I'm trying to debug an application and keep running into this: > DEBUG: Sending: 1 AUTHENTICATE CRAM-MD5 > DEBUG: Sent 25 bytes > DEBUG: Read: 1 NO Authentication failed: Unsupported authentication > mechanism > DEBUG: Read: * BYE Disconnected for inactivity. > > So is this really asking for "digest-md5" or am I S.O.L?0.99.x doesn't support CRAM-MD5 without patching it. And in any case you need to enable cram/digest before it can be used from auth_mechanisms setting. That client shouldn't have even tried the AUTHENTICATE CRAM-MD5 command if server didn't give AUTH=CRAM-MD5 capability.. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20041219/c5d8523e/attachment-0001.bin>
Timo Sirainen wrote:> On Sun, 2004-12-19 at 07:33 -0500, Tom Allison wrote: > >>Uh... >>I'm trying to debug an application and keep running into this: >>DEBUG: Sending: 1 AUTHENTICATE CRAM-MD5 >>DEBUG: Sent 25 bytes >>DEBUG: Read: 1 NO Authentication failed: Unsupported authentication >>mechanism >>DEBUG: Read: * BYE Disconnected for inactivity. >> >>So is this really asking for "digest-md5" or am I S.O.L? > > > 0.99.x doesn't support CRAM-MD5 without patching it. And in any case you > need to enable cram/digest before it can be used from auth_mechanisms > setting. > > That client shouldn't have even tried the AUTHENTICATE CRAM-MD5 command > if server didn't give AUTH=CRAM-MD5 capability.. >OK, so the client should have done a capability check first? I'll have to ask about that one.