saslatuthd and opendlap

liuli- at 263 dot net
Date: Fri Jun 04 2004 - 23:54:04 EDT

  • Next message: Igor Brezac: "Re: saslatuthd and opendlap"

         I have installed cyrus-sasl-2.1.18 and openldap-2.1.30 on FreeBSD 4.10. I am trying to authenticate against LDAP using saslauthd, but I am having difficulty getting testsaslauthd to test an authentication.
         What I did was create /usr/local/etc/saslauthd.conf:
    ldap_servers: ldap://localhost/
    ldap_search_base: o=postfix,dc=sww,dc=com
    ldap_auth_method: custom
    ldap_port: 389
    ldap_filter: (&(mail=%u)(objectclass=inetMailUser))
    ldap_password_attr: userPassword
        and started saslauthd with "/usr/local/sbin/saslauthd -a ldap -O /usr/local/etc/saslauthd.conf"
        When I test using "testsaslauthd -u postmaster@sww.com.cn -p admin", I get "0: NO "authentication failed""
        The following is OpenLDAP's log:

    _________________________________________________________________________________________
    daemon: activity on 1 descriptors
    daemon: activity on: 18r
    daemon: read activity on 18
    connection_get(18)
    connection_get(18): got connid=11
    connection_read(18): checking for input on id=11
    ber_get_next
    ldap_read: want=8, got=8
      0000: 30 7c 02 01 03 63 77 04 0|...cw.
    ldap_read: want=118, got=118
      0000: 18 6f 3d 70 6f 73 74 66 69 78 2c 64 63 3d 73 77 .o=postfix,dc=sw
      0010: 77 2c 64 63 3d 63 6f 6d 20 0a 01 02 0a 01 00 02 w,dc=com .......
      0020: 01 01 02 01 05 01 01 00 a0 3c a3 1d 04 04 6d 61 .........<....ma
      0030: 69 6c 04 15 70 6f 73 74 6d 61 73 74 65 72 40 73 il..postmaster@s
      0040: 77 77 2e 63 6f 6d 2e 63 6e a3 1b 04 0b 6f 62 6a ww.com.cn....obj
      0050: 65 63 74 63 6c 61 73 73 04 0c 69 6e 65 74 4d 61 ectclass..inetMa
      0060: 69 6c 55 73 65 72 30 0e 04 0c 75 73 65 72 50 61 ilUser0...userPa
      0070: 73 73 77 6f 72 64 ssword
    ber_get_next: tag 0x30 len 124 contents:
    ber_dump: buf=0x08286f80 ptr=0x08286f80 end=0x08286ffc len=124
      0000: 02 01 03 63 77 04 18 6f 3d 70 6f 73 74 66 69 78 ...cw..o=postfix
      0010: 2c 64 63 3d 73 77 77 2c 64 63 3d 63 6f 6d 20 0a ,dc=sww,dc=com .
      0020: 01 02 0a 01 00 02 01 01 02 01 05 01 01 00 a0 3c ...............<
      0030: a3 1d 04 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 ....mail..postma
      0040: 73 74 65 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 ster@sww.com.cn.
      0050: 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c ...objectclass..
      0060: 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c inetMailUser0...
      0070: 75 73 65 72 50 61 73 73 77 6f 72 64 userPassword
    ber_get_next
    ldap_read: want=8 error=Resource temporarily unavailable
    ber_get_next on fd 18 failed errno=35 (Resource temporarily unavailable)
    do_search
    ber_scanf fmt ({miiiib) ber:
    ber_dump: buf=0x08286f80 ptr=0x08286f83 end=0x08286ffc len=121
      0000: 63 77 04 18 6f 3d 70 6f 73 74 66 69 78 2c 64 63 cw..o=postfix,dc
      0010: 3d 73 77 77 2c 64 63 3d 63 6f 6d 20 0a 01 02 0a =sww,dc=com ....
      0020: 01 00 02 01 01 02 01 05 01 01 00 a0 3c a3 1d 04 ............<...
      0030: 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 73 74 65 .mail..postmaste
      0040: 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 1b 04 0b r@sww.com.cn....
      0050: 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c 69 6e 65 objectclass..ine
      0060: 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c 75 73 65 tMailUser0...use
      0070: 72 50 61 73 73 77 6f 72 64 rPassword
    >>> dnPrettyNormal: <o=postfix,dc=sww,dc=com >
    => ldap_bv2dn(o=postfix,dc=sww,dc=com ,0)
    <= ldap_bv2dn(o=postfix,dc=sww,dc=com ,0)=0
    => ldap_dn2bv(272)
    <= ldap_dn2bv(o=postfix,dc=sww,dc=com,272)=0
    => ldap_dn2bv(272)
    <= ldap_dn2bv(o=postfix,dc=sww,dc=com,272)=0
    <<< dnPrettyNormal: <o=postfix,dc=sww,dc=com>, <o=postfix,dc=sww,dc=com>
    SRCH "o=postfix,dc=sww,dc=com " 2 0 1 5 0
    begin get_filter
    AND
    begin get_filter_list
    begin get_filter
    EQUALITY
    ber_scanf fmt ({mm}) ber:
    ber_dump: buf=0x08286f80 ptr=0x08286fb0 end=0x08286ffc len=76
      0000: a3 1d 04 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 ....mail..postma
      0010: 73 74 65 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 ster@sww.com.cn.
      0020: 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c ...objectclass..
      0030: 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c inetMailUser0...
      0040: 75 73 65 72 50 61 73 73 77 6f 72 64 userPassword
    end get_filter 0
    begin get_filter
    EQUALITY
    ber_scanf fmt ({mm}) ber:
    ber_dump: buf=0x08286f80 ptr=0x08286fcf end=0x08286ffc len=45
      0000: 00 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 ....objectclass.
      0010: 0c 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 .inetMailUser0..
      0020: 0c 75 73 65 72 50 61 73 73 77 6f 72 64 .userPassword
    end get_filter 0
    end get_filter_list
    end get_filter 0
        filter: (&(mail=postmaster@sww.com.cn)(objectClass=inetMailUser))
    ber_scanf fmt ({M}}) ber:
    ber_dump: buf=0x08286f80 ptr=0x08286fec end=0x08286ffc len=16
      0000: 00 0e 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 ....userPassword
        attrs: userPassword
    conn=11 op=2 SRCH base="o=postfix,dc=sww,dc=com" scope=2 filter="(&(mail=postmaster@sww.com.cn)(objectClass=inetMailUser))"
    conn=11 op=2 SRCH attr=userPassword
    => ldbm_back_search
    dn2entry_r: dn: "o=postfix,dc=sww,dc=com"
    => dn2id( "o=postfix,dc=sww,dc=com" )
    ====> cache_find_entry_dn2id("o=postfix,dc=sww,dc=com"): 3 (1 tries)
    <= dn2id 3 (in cache)
    => id2entry_r( 3 )
    ====> cache_find_entry_id( 3 ) "o=postfix,dc=sww,dc=com" (found) (1 tries)
    <= id2entry_r( 3 ) 0x8245ac0 (cache)
    search_candidates: base="o=postfix,dc=sww,dc=com" s=2 d=0
    => filter_candidates
            AND
    => list_candidates 0xa0
    => filter_candidates
            DN SUBTREE
    => dn2idl( "@o=postfix,dc=sww,dc=com" )
    => ldbm_cache_open( "dn2id.dbb", 73, 600 )
    <= ldbm_cache_open (cache 0)
    <= filter_candidates 1
    => filter_candidates
            OR
    => list_candidates 0xa1
    => filter_candidates
            EQUALITY
    => equality_candidates
    => ldbm_cache_open( "objectClass.dbb", 73, 600 )
    <= ldbm_cache_open (cache 3)
    => key_read
    <= index_read 0 candidates
    <= equality_candidates NULL
    <= equality_candidates 0
    <= filter_candidates 0
    => filter_candidates
            AND
    => list_candidates 0xa0
    => filter_candidates
            EQUALITY
    => equality_candidates
    => ldbm_cache_open( "mail.dbb", 73, 600 )
    <= ldbm_cache_open (cache 4)
    => key_read
    <= index_read 0 candidates
    <= equality_candidates NULL
    <= equality_candidates 0
    <= filter_candidates 0
    <= list_candidates NULL
    idl_free: called with NULL pointer
    <= filter_candidates 0
    <= list_candidates 0
    <= filter_candidates 0
    <= list_candidates NULL
    <= filter_candidates 0
    ====> cache_return_entry_r( 3 ): returned (0)
    ldbm_search: no candidates
    send_search_result: err=0 matched="" text=""
    send_ldap_response: msgid=3 tag=101 err=0
    ber_flush: 14 bytes to sd 18
      0000: 30 0c 02 01 03 65 07 0a 01 00 04 00 04 00 0....e........
    ldap_write: want=14, written=14
      0000: 30 0c 02 01 03 65 07 0a 01 00 04 00 04 00 0....e........
    conn=11 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
    daemon: select: listen=8 active_threads=0 tvp=NULL

    __________________________________________________________________________________

    Can anyone tell me what I did wrong?
    Thanks!
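
Added example, not part of the original post: a small Python triage helper that pairs each `conn=N op=M SRCH` line in a slapd log with its `SEARCH RESULT` line and lists searches that succeeded (`err=0`) but returned no entries, which is what the trace above shows for the lookup saslauthd issued. The sample log is constructed from the summary lines in the post, and the second search (`uid=alice`) is a hypothetical contrast case.

```python
import re

# Constructed sample: slapd conn/op summary lines in the format shown in the post.
# The conn=12 search is hypothetical, added only as a contrast case.
SAMPLE_LOG = '''\
conn=11 op=2 SRCH base="o=postfix,dc=sww,dc=com" scope=2 filter="(&(mail=postmaster@sww.com.cn)(objectClass=inetMailUser))"
conn=11 op=2 SRCH attr=userPassword
conn=11 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
conn=12 op=1 SRCH base="o=postfix,dc=sww,dc=com" scope=2 filter="(uid=alice)"
conn=12 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
'''

SRCH = re.compile(r'conn=(\d+) op=(\d+) SRCH base="([^"]*)" scope=(\d) filter="(.*)"$')
ATTR = re.compile(r'conn=(\d+) op=(\d+) SRCH attr=(.*)$')
RESULT = re.compile(r'conn=(\d+) op=(\d+) SEARCH RESULT tag=\d+ err=(\d+) nentries=(\d+)')
SCOPES = {"0": "base", "1": "one", "2": "sub"}  # LDAP search scope codes

def pair_searches(log_text):
    """Join each SRCH request with its SEARCH RESULT, keyed by (conn, op)."""
    pending, done = {}, []
    for line in log_text.splitlines():
        line = line.strip()
        if m := SRCH.search(line):
            pending[(m[1], m[2])] = {
                "conn": int(m[1]), "op": int(m[2]), "base": m[3],
                "scope": SCOPES.get(m[4], m[4]), "filter": m[5], "attrs": [],
            }
        elif m := ATTR.search(line):
            if (m[1], m[2]) in pending:
                pending[(m[1], m[2])]["attrs"] = m[3].split()
        elif m := RESULT.search(line):
            rec = pending.pop((m[1], m[2]), None)
            if rec is not None:  # ignore results whose request was not logged
                rec.update(err=int(m[3]), nentries=int(m[4]))
                done.append(rec)
    return done

def empty_successes(searches):
    """Searches answered with err=0 but zero entries: the server accepted the
    request and the filter, yet returned nothing to the client."""
    return [s for s in searches if s["err"] == 0 and s["nentries"] == 0]

if __name__ == "__main__":
    for s in empty_successes(pair_searches(SAMPLE_LOG)):
        print(f'conn={s["conn"]} op={s["op"]}: 0 entries for '
              f'{s["filter"]} under {s["base"]} (scope {s["scope"]})')
```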
