From owner-freebsd-ports Fri Aug 30 0:30:11 2002 Delivered-To: freebsd-ports@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DBFD237B400 for ; Fri, 30 Aug 2002 00:30:04 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D6C143E6A for ; Fri, 30 Aug 2002 00:30:04 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g7U7U3JU074591 for ; Fri, 30 Aug 2002 00:30:03 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g7U7U3Zc074589; Fri, 30 Aug 2002 00:30:03 -0700 (PDT) Date: Fri, 30 Aug 2002 00:30:03 -0700 (PDT) Message-Id: <200208300730.g7U7U3Zc074589@freefall.freebsd.org> To: freebsd-ports@FreeBSD.org Cc: From: Seva Gluschenko Subject: Re: ports/38801: sasl_apop_patch.gz breaks LOGIN mech (SMTP AUTH) Reply-To: Seva Gluschenko Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR ports/38801; it has been noted by GNATS. From: Seva Gluschenko To: "Scot W. Hetzel" Cc: FreeBSD-gnats-submit@FreeBSD.ORG, Subject: Re: ports/38801: sasl_apop_patch.gz breaks LOGIN mech (SMTP AUTH) Date: Fri, 30 Aug 2002 11:27:03 +0400 (MSD) Hello, Scot, Message of Scot W. Hetzel at Aug 29 22:38 ... SWH> The only problem I had was a mismatch between the servers SWH> 'hostname' and DNS. The problem is that saslpasswd uses SWH> `hostname` found on the system for the default realm. While SWH> sendmail does a DNS lookup to determine the hostname of the mail SWH> server, and then uses it for the SASL realm name. A-ha, got it. That's maybe a real root of problem, 'cause I never tried to reuse another realm. The domain name might be completely different, not just a case variant (that host serves several domains). Pityfully, sendmail provides no information about the realm it asked in its logs, so I didn't recognized the problem myself. Thank you for your point. SWH> I also tested the SASL library without the APOP patch and had the SWH> same problem due to mismatched realms between sendmail and the SWH> sasldb database. SWH> I don't know why you had success with the removal of the APOP SWH> patch, unless someone had changed the case of the DNS entry for SWH> the server, while you were testing. nope, for sure. I'm using cyrus-sasl compiled by hand (not from ports) on several hosts serving many virtual domains and I never had negative experience with that. Right now I have successfully authorized SASL users which use realm taken from 'hostname' while it couldn't be taken from DNS back-resolve at all. SWH> If you could setup a test server, give it another try with the SWH> APOP patch and let us know the results. Not right now, but I'll put it onto pending state. If I have newer information, I'll report. Thank you again. SY, Seva Gluschenko, just stranger on The Road. | http://gvs.rinet.ru/ Cronyx Plus / RiNet network administrator. | GVS-RIPE | GVS3-RIPN To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message