similar to: SASL AUTH LOGIN mechanism problems

Hi All, I've been reading about Phil Zimmermann's ZRTP encryption scheme for SIP clients. This seems attactive but I don't use soft phones. I'm guessing that we'd need ZRTP support in Asterisk in order to use it to secure calls from hard phones. There seem to be issues with SRTP key exhange between various devices. So much so that the IETF is working on a standardization

Hello, attached patch (1.0-test29) adds LOGIN authentication mechanism. Tested with KMail and seems working. Please consider applying. Best regards. P.S. I also have NTLM authentication working and plan to submit it RSN. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -urpNX /usr/share/dontdiff

Hello all, this patch add APOP authentication mechanism to dovecot 1.0-test23. Please take a look. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part -------------- diff -udrpN -X /usr/share/dontdiff -x Makefile dovecot-1.0-test23.vanilla/src/auth/Makefile.am dovecot-1.0-test23/src/auth/Makefile.am ---

Hello, this patch reworks old-style SASL discovery code. With this patch applied it advertises all configured SASL mechanisms. It makes possible for MS Outlook to use all installed security service providers (SSP), so if someone crazy enough will write CRAM-MD5 or DIGEST-MD5 SSP we'll support it readily :) Please consider applying. Best regards. -- Andrey Panin | Linux and UNIX system

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Attached is a patch against current CVS that adds support for the GSSAPI SASL mechanism. It was written from scratch, after reading the patch from Colin Walters against a much older version of dovecot. Other then support for the 'GSSAPI' mechanism, it contains the following changes: - - Added 'auth_krb5_keytab' option for

Hello all, attached patch implements Compuserve RPA athentication mechanism. Tested with: - Eudora 6 (uses Compuserve "Virtual Key" RPA software); - TheBat! 2.11 (uses it's own RPA implementation). I hope it can be useful for someone. Best regards. -- Andrey Panin | Linux and UNIX system administrator pazke at donpac.ru | PGP key: wwwkeys.pgp.net -------------- next part

Hi This is my 1st time here so please be gentle. I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection Version

Hi, I understand from earlier discussions that the reason dovecot doesn't support proxying of other SASL mechanisms than those which supply the plaintext password is that in general it would be possible to proxy any SASL mechanism since it might protect against man-in-the-middle attacks (which would prevent proxying). However, that has led to choice between letting users use PLAIN (or

Version 4.0.0alpha18-GIT-567f05e Ubuntu 11.10 Attempting to bind from nss-ldapd: ldb_wrap open of secrets.ldb GSS server Update(krb5)(1) Update failed: An unsupported mechanism was requested: unknown mech-code 0 for mech 1 2 840 113554 1 2 2 The call is from here: base dc=hh3,dc=site map passwd uid samAccountName map passwd homeDirectory unixHomeDirectory sasl_mech

Hi, I have successfully setup a tinc network between five hosts (in switch mode). Two of the hosts have static and known IP addresses (S1 and S2). Other hosts (H3-H5) connect one (or both) of them. The traffic flows nicely between all hosts. The initial edges (ConnectTo configuration directives) in my test network are: S1<->S2 H3 -> S1 and S2 H4 -> S1 H5 -> S2 As far as I have

I''m trying to submit data in JSPWiki (edit page). I can read the data in the form, but nothings get saved when I submit the page. Cancel doesn''t work either. I don''t get any errors. There is no JavaScript used to submit the form. After I''m logged in I do the following: def save(page, content) @agent.get(@base_url + "Edit.jsp?page=#{page}")

Hi. I had working Exim 4.71 and Dovecot 1.2.9 SASL configuration on Ubuntu Lucid, but needed some features from dovecot2, so I installed 2.0.13 from https://launchpad.net/~carsten-uppenbrink-net/+archive/dovecot2 . Now I get Subj error while trying to authenticate via dovecot auth-client socket. However IMAP auth works fine with 2.0.13 and smtp auth worked fine until upgrade, so I think

Howdy, I know i've asked this before, but i think i got really no answer. I'd like to have dovecot SASL, to check AUTH against an SQL table, instead of dovecot SASL use the AUTH MECH for imap/pop3. I want this, to have the same behavior as I have now, where i use postfix with cyrus SASL on a different table (with the same login details), and when i have an user that his accounts

On 25 Feb 2015, at 20:59, Peter Mogensen <apm at one.com> wrote: > So, why not just extend the support for proxy authentication forwarding > to any single-handskake SASL-IR mechanism, which doesn't use > channel-binding? (which includes PLAIN, but also GS2-KRB5, and possibly > others). Yeah, I guess it would work for several of the auth mechanisms. It's a lot of work

The next combination of parameters makes 100% LDAP connections unsuccessful (the log snippet form the previous mail). sasl_bind = yes sasl_mech = gssapi tls = yes Looks like this combination is utterly incorrect and should be prohibited (tls must not be used when mech is gssapi). https://lists.fedorahosted.org/archives/list/sssd-users at

Howdy, I'm going back to this matter, to finish the replacement os cyrus SASL per dovecot-SASL. I want to have the same functionality that i had before, that is, SASL check's AUTH agains a different table than the users one. I was looking in the dovecot-SASL docs, and i see nothing related. (https://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL) Does someone have an ideia on how to

That's right. GSS-API is not used anywhere else. Do you like to inspect my full configuration? I can dump connection session and send pcap file here. On August 15, 2019 7:27:20 AM GMT+03:00, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: >> On 15/08/2019 00:34 Eugene via dovecot <dovecot at dovecot.org> wrote: >> >> >> The next combination of

Code which supports cyrus SASL library (src/auth/mech-cyrus-sasl2.c) is broken. Following is the workaround patch for Dovecot Rel 0.99.11, and it worked fine on FreeBSD 4.10 BOX. It will not work with current development version. Application for that version might not be so difficult. Recently I found the CVS log which appeals that cyrus SASL support is discontinued. It's very sad. Regards

Since upgrding to Debian squeeze, the web mail system (Imp4/Horde3) suffers delays every time a new IMAP connection is needed. Tracing the authentication conversation, we find: 08:45:55.270609: 00000000 AUTHENTICATE GSSAPI 08:45:55.271277: + 08:45:55.271761: * 08:45:55.271782: 00000000 BAD Authentication aborted by client. 08:45:55.271815: 00000001 AUTHENTICATE PLAIN 08:46:00.271008: + and the

Hi All, I have an extremely frustrating problem and I kind of think this is an error in rails, but you never know. I have a hash of objects that I am iterating through in order to display the needed info. As I am doing that and displaying half a dozen values, one value is being interrupted by rails as a hash and giving me this error: --- !map:HashWithIndifferentAccess comm: "1"