Package: libsasl2-modules-gssapi-mit Version: 2.1.24~rc1.dfsg1+cvs2011-05-23-2 Severity: grave
I use Kerberos 5 for my IMAP and SMTP servers. Previously, everything worked flawlessly. Now, mutt crashes on trying to store a message in the Sent folder, and cyrus-clients-2.4's imtest and smtptest report failure to authenticate with GSSAPI: lakeview ok % imtest -t "" -m GSSAPI -a bmc -u bmc imap.crustytoothpaste.net S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS LOGINDISABLED AUTH=GSSAPI] Dovecot ready. C: S01 STARTTLS S: S01 OK Begin TLS negotiation now. verify error:num=20:unable to get local issuer certificate verify error:num=27:certificate not trusted verify error:num=21:unable to verify the first certificate TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) C: C01 CAPABILITY S: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=GSSAPI S: C01 OK Pre-login capabilities listed, post-login capabilities have more. C: A01 AUTHENTICATE GSSAPI YIICiwYJKoZIhvcSAQICAQBuggJ6MIICdqADAgEFoQMCAQ6iBwMFAAAAAACjggGHYYIBgzCCAX+gAwIBBaEWGxRDUlVTVFlUT09USFBBU1RFLk5FVKIuMCygAwIBA6ElMCMbBGltYXAbG2Nhc3Ryby5jcnVzdHl0b290aHBhc3RlLm5ldKOCAS4wggEqoAMCARKhAwIBA6KCARwEggEY5reXqwcg0WR+ETBz73n1QUtnDTrjSe5vCjmFmk26vFaNU880mW+rcoV4hID9uw6OgTooVQE72qtjeRVhucou5f2Pio5cIJbiHQC6J5vDX8hFwXVT6I7kUJDYxKk35FoO2Ibg48Qr6GWURsuJB5sat8ckKuf4Ak64bCginAO+axm4kwFHHWG+6Kjzdheavd79YpToY5eyY8BoxRcqI3tDIwQOrX1xYK3mQWx38UaVojFDWpy96bpmLARKkxrPrxquzqAlmBTM/mevVMO8QtA6D7zwTSXa69qIi/zrb4c6ooZLtco2VoC996RLxxKWTYHoQGjKDAswkTEG9WqkyJslBap1Xba/s+fs3xQzLrInxLRl+FQTiI4RYqSB1TCB0qADAgESooHKBIHHtDYwVHiLz7F+4HJ+YuBGC+TIbFylSvVX0B8afUMUxyKXYQ4eVu4700nJ5Pj0K3ipY4sZIEZ6TYhSlcMH4TNWwBSb/GV0GM1FC+B9WCwJ0RSEfKf0C49r+De51SUwXPW5rM5aMauKnmbaAiEQ1MCjTnvwTrWHYo/2T21OkouvSrt/2p7aZKaM+P6c5rwVW+DlsGoSooezWVxRvLCf4wArFK2IVbwIsYRXJ38puE2qq8UNyqx1RT6nmM7DUzHfbTATOhQLSdy4nA== S: + C: * Authentication failed. generic failure Security strength factor: 256 A01 BAD Authentication aborted by client. L01 LOGOUT * BYE Logging out L01 OK Logout completed. Connection closed. lakeview ok % smtptest -t "" -m GSSAPI -a bmc -u bmc smtp.crustytoothpaste.net S: 220 castro.crustytoothpaste.net ESMTP Sendmail 8.14.4/8.14.4/Debian-2; Sun, 29 May 2011 19:45:44 GMT; (No UCE/UBE) logging access from: [IPv6:2001:470:1f05:79:216:d3ff:feb3:801e](FAIL)-[IPv6:2001:470:1f05:79:216:d3ff:feb3:801e] C: EHLO smtptest S: 250-castro.crustytoothpaste.net Hello [IPv6:2001:470:1f05:79:216:d3ff:feb3:801e], pleased to meet you S: 250-ENHANCEDSTATUSCODES S: 250-PIPELINING S: 250-EXPN S: 250-VERB S: 250-8BITMIME S: 250-SIZE S: 250-DSN S: 250-ETRN S: 250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 S: 250-STARTTLS S: 250-DELIVERBY S: 250 HELP C: STARTTLS S: 220 2.0.0 Ready to start TLS verify error:num=18:self signed certificate TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) C: EHLO smtptest S: 250-castro.crustytoothpaste.net Hello [IPv6:2001:470:1f05:79:216:d3ff:feb3:801e], pleased to meet you S: 250-ENHANCEDSTATUSCODES S: 250-PIPELINING S: 250-EXPN S: 250-VERB S: 250-8BITMIME S: 250-SIZE S: 250-DSN S: 250-ETRN S: 250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 PLAIN S: 250-DELIVERBY S: 250 HELP C: AUTH GSSAPI S: 334 C: YIICiwYJKoZIhvcSAQICAQBuggJ6MIICdqADAgEFoQMCAQ6iBwMFAAAAAACjggGHYYIBgzCCAX+gAwIBBaEWGxRDUlVTVFlUT09USFBBU1RFLk5FVKIuMCygAwIBA6ElMCMbBHNtdHAbG2Nhc3Ryby5jcnVzdHl0b290aHBhc3RlLm5ldKOCAS4wggEqoAMCARKhAwIBAqKCARwEggEYV0x6ecoU3d3mHm6z9vwtboNFpb3KkkkZQ5rDf8Mlz9XV+Gi7ogvv5bXEECNDfFqXfTsal+vIyUsy8ItMGEUzXHvj6SoYDMM//umHk/q6LCKTrZmj0YkhwFEa6hXloRRpg9f8RLznOIPppHCfqUYzMEdhPIM3sH9bddRThTL3SwjHO/HzBjxinB6HJLNZUIxHn4uE39qNR5H4P/cbnGP8kprt28JN1LqTS9jcRXaJ4jm986cDvoBrEZ6xhXiUAniNuVMKlcGkWYTkoeDxRfJRUdxwhHQV40GJvgyIQG7/BEjRYMghAmWQzQwGRWASIDKluAxVbGuPRsgYdpcRNLv0yooATABCtdOdNRPED1iQQrkTnVJvCYTfdqSB1TCB0qADAgESooHKBIHHOinl6v8FtOdETIIWX8xkpzk8CNOS032OYgZRiPyaLeZ1cAZlLLyadZ4b1XhajP/L+HmQw4/sUuEEBDKVjzGssR5WbczQsvzn7rqrgyy7BnXof+GERDWiivU3zNRV2YArA0FB1KsXhpr2/Ujf9ZsaHKGTv73AXTtUw4j0ZNETgG8NTHZ+2bUMMYgZbQ7wLSWcSkXgjx8e3LO5Z1j1adbjsY1f9y2NxVnQEcFMNjAi389sFbxEOHd7Q/rNJWhYxIKuanM1V7WeHg== S: 334 C: * Authentication failed. generic failure Security strength factor: 256 501 5.0.0 AUTH aborted QUIT 221 2.0.0 castro.crustytoothpaste.net closing connection Connection closed. If I downgrade to version 2.1.24~rc1.dfsg1+cvs2011-05-23-1, I still see the bug, but 2.1.23.dfsg1-8 works fine. -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.39-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libsasl2-modules-gssapi-mit depends on: ii libc6 2.13-4 Embedded GNU C Library: Shared lib ii libcome 1.41.12-4 common error description library ii libgssa 1.9+dfsg-1+b1 MIT Kerberos runtime libraries - k ii libk5cr 1.9+dfsg-1+b1 MIT Kerberos runtime libraries - C ii libkrb5 1.9+dfsg-1+b1 MIT Kerberos runtime libraries ii libsasl 2.1.24~rc1.dfsg1+cvs2011-05-23-2 Cyrus SASL - pluggable authenticat ii libssl1 1.0.0d-2 SSL shared libraries libsasl2-modules-gssapi-mit recommends no packages. libsasl2-modules-gssapi-mit suggests no packages. -- no debconf information -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
