On 29/05/11 19:51 +0000, brian m. carlson wrote:
Package: libsasl2-modules-gssapi-mit
Version: 2.1.24~rc1.dfsg1+cvs2011-05-23-2
Severity: grave
I use Kerberos 5 for my IMAP and SMTP servers. Previously, everything
worked flawlessly. Now, mutt crashes on trying to store a message in
the Sent folder, and cyrus-clients-2.4's imtest and smtptest report
failure to authenticate with GSSAPI:
lakeview ok % imtest -t "" -m GSSAPI -a bmc -u bmc imap.crustytoothpaste.net
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
STARTTLS LOGINDISABLED AUTH=GSSAPI] Dovecot ready.
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now.
verify error:num=20:unable to get local issuer certificate
verify error:num=27:certificate not trusted
verify error:num=21:unable to verify the first certificate
TLS connection established: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
AUTH=PLAIN AUTH=GSSAPI
S: C01 OK Pre-login capabilities listed, post-login capabilities have more.
C: A01 AUTHENTICATE GSSAPI
YIICiwYJKoZIhvcSAQICAQBuggJ6MIICdqADAgEFoQMCAQ6iBwMFAAAAAACjggGHYYIBgzCCAX+gAwIBBaEWGxRDUlVTVFlUT09USFBBU1RFLk5FVKIuMCygAwIBA6ElMCMbBGltYXAbG2Nhc3Ryby5jcnVzdHl0b290aHBhc3RlLm5ldKOCAS4wggEqoAMCARKhAwIBA6KCARwEggEY5reXqwcg0WR+ETBz73n1QUtnDTrjSe5vCjmFmk26vFaNU880mW+rcoV4hID9uw6OgTooVQE72qtjeRVhucou5f2Pio5cIJbiHQC6J5vDX8hFwXVT6I7kUJDYxKk35FoO2Ibg48Qr6GWURsuJB5sat8ckKuf4Ak64bCginAO+axm4kwFHHWG+6Kjzdheavd79YpToY5eyY8BoxRcqI3tDIwQOrX1xYK3mQWx38UaVojFDWpy96bpmLARKkxrPrxquzqAlmBTM/mevVMO8QtA6D7zwTSXa69qIi/zrb4c6ooZLtco2VoC996RLxxKWTYHoQGjKDAswkTEG9WqkyJslBap1Xba/s+fs3xQzLrInxLRl+FQTiI4RYqSB1TCB0qADAgESooHKBIHHtDYwVHiLz7F+4HJ+YuBGC+TIbFylSvVX0B8afUMUxyKXYQ4eVu4700nJ5Pj0K3ipY4sZIEZ6TYhSlcMH4TNWwBSb/GV0GM1FC+B9WCwJ0RSEfKf0C49r+De51SUwXPW5rM5aMauKnmbaAiEQ1MCjTnvwTrWHYo/2T21OkouvSrt/2p7aZKaM+P6c5rwVW+DlsGoSooezWVxRvLCf4wArFK2IVbwIsYRXJ38puE2qq8UNyqx1RT6nmM7DUzHfbTATOhQLSdy4nA==
S: +
C: *
Authentication failed. generic failure
Security strength factor: 256
A01 BAD Authentication aborted by client.
L01 LOGOUT
Do you also receive an error without starttls? I just installed
2.1.24~rc1.dfsg1+cvs2011-05-23-2 and was able to reproduce this error, but
only while doing '-t ""', or '-s' (against cyrus imap). I was able to
successfully authenticate with:
$ imtest -m gssapi imap.example.org
I get a segfault with mutt (with or without -s or -t), so this may actually
be two different problems. For both problems, I get the same result
regardless of whether I have libsasl2-modules-gssapi-heimdal or
libsasl2-modules-gssapi-mit installed.
I'll try to do some more troubleshooting, probably later in the week.
--
Dan White
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
