liuli- at 263 dot net
Date: Fri Jun 04 2004 - 23:54:04 EDT
I have install cyrus-sasl-2.1.18 and openldap-2.1.30 in FreeBSD 4.10,I try auth against ldap using saslauthd,but I've a difficulty in getting testsaslauthd to test for an authentication.
What I did is creating /usr/local/etc/saslauthd.conf:
ldap_servers: ldap://localhost/
ldap_search_base: o=postfix,dc=sww,dc=com
ldap_auth_method: custom
ldap_port: 389
ldap_filter: (&(mail=%u)(objectclass=inetMailUser))
ldap_password_attr: userPassword
and start saslauthd with "/usr/local/sbin/saslauthd -a ldap -O /usr/local/etc/saslauthd.conf"
When I test using "testsaslauthd -u postmaster at sww dot com dot cn -p admin ", I get "0: NO "authentication failed""
The following is openldap's log :
_________________________________________________________________________________________
daemon: activity on 1 descriptors
daemon: activity on: 18r
daemon: read activity on 18
connection_get(18)
connection_get(18): got connid=11
connection_read(18): checking for input on id=11
ber_get_next
ldap_read: want=8, got=8
0000: 30 7c 02 01 03 63 77 04 0|...cw.
ldap_read: want=118, got=118
0000: 18 6f 3d 70 6f 73 74 66 69 78 2c 64 63 3d 73 77 .o=postfix,dc=sw
0010: 77 2c 64 63 3d 63 6f 6d 20 0a 01 02 0a 01 00 02 w,dc=com .......
0020: 01 01 02 01 05 01 01 00 a0 3c a3 1d 04 04 6d 61 .........<....ma
0030: 69 6c 04 15 70 6f 73 74 6d 61 73 74 65 72 40 73 il dot dot postmaster at s
0040: 77 77 2e 63 6f 6d 2e 63 6e a3 1b 04 0b 6f 62 6a ww.com.cn....obj
0050: 65 63 74 63 6c 61 73 73 04 0c 69 6e 65 74 4d 61 ectclass..inetMa
0060: 69 6c 55 73 65 72 30 0e 04 0c 75 73 65 72 50 61 ilUser0...userPa
0070: 73 73 77 6f 72 64 ssword
ber_get_next: tag 0x30 len 124 contents:
ber_dump: buf=0x08286f80 ptr=0x08286f80 end=0x08286ffc len=124
0000: 02 01 03 63 77 04 18 6f 3d 70 6f 73 74 66 69 78 ...cw..o=postfix
0010: 2c 64 63 3d 73 77 77 2c 64 63 3d 63 6f 6d 20 0a ,dc=sww,dc=com .
0020: 01 02 0a 01 00 02 01 01 02 01 05 01 01 00 a0 3c ...............<
0030: a3 1d 04 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 ....mail..postma
0040: 73 74 65 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 ster at sww dot com dot cn dot
0050: 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c ...objectclass..
0060: 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c inetMailUser0...
0070: 75 73 65 72 50 61 73 73 77 6f 72 64 userPassword
ber_get_next
ldap_read: want=8 error=Resource temporarily unavailable
ber_get_next on fd 18 failed errno=35 (Resource temporarily unavailable)
do_search
ber_scanf fmt ({miiiib) ber:
ber_dump: buf=0x08286f80 ptr=0x08286f83 end=0x08286ffc len=121
0000: 63 77 04 18 6f 3d 70 6f 73 74 66 69 78 2c 64 63 cw..o=postfix,dc
0010: 3d 73 77 77 2c 64 63 3d 63 6f 6d 20 0a 01 02 0a =sww,dc=com ....
0020: 01 00 02 01 01 02 01 05 01 01 00 a0 3c a3 1d 04 ............<...
0030: 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 73 74 65 .mail..postmaste
0040: 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 1b 04 0b r at sww dot com dot cn dot dot dot dot
0050: 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c 69 6e 65 objectclass..ine
0060: 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c 75 73 65 tMailUser0...use
0070: 72 50 61 73 73 77 6f 72 64 rPassword
>>> dnPrettyNormal: <o=postfix,dc=sww,dc=com >
=> ldap_bv2dn(o=postfix,dc=sww,dc=com ,0)
<= ldap_bv2dn(o=postfix,dc=sww,dc=com ,0)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=postfix,dc=sww,dc=com,272)=0
=> ldap_dn2bv(272)
<= ldap_dn2bv(o=postfix,dc=sww,dc=com,272)=0
<<< dnPrettyNormal: <o=postfix,dc=sww,dc=com>, <o=postfix,dc=sww,dc=com>
SRCH "o=postfix,dc=sww,dc=com " 2 0 1 5 0
begin get_filter
AND
begin get_filter_list
begin get_filter
EQUALITY
ber_scanf fmt ({mm}) ber:
ber_dump: buf=0x08286f80 ptr=0x08286fb0 end=0x08286ffc len=76
0000: a3 1d 04 04 6d 61 69 6c 04 15 70 6f 73 74 6d 61 ....mail..postma
0010: 73 74 65 72 40 73 77 77 2e 63 6f 6d 2e 63 6e a3 ster at sww dot com dot cn dot
0020: 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 0c ...objectclass..
0030: 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 0c inetMailUser0...
0040: 75 73 65 72 50 61 73 73 77 6f 72 64 userPassword
end get_filter 0
begin get_filter
EQUALITY
ber_scanf fmt ({mm}) ber:
ber_dump: buf=0x08286f80 ptr=0x08286fcf end=0x08286ffc len=45
0000: 00 1b 04 0b 6f 62 6a 65 63 74 63 6c 61 73 73 04 ....objectclass.
0010: 0c 69 6e 65 74 4d 61 69 6c 55 73 65 72 30 0e 04 .inetMailUser0..
0020: 0c 75 73 65 72 50 61 73 73 77 6f 72 64 .userPassword
end get_filter 0
end get_filter_list
end get_filter 0
filter: (&(mail=postmaster at sww dot com dot cn)(objectClass=inetMailUser))
ber_scanf fmt ({M}}) ber:
ber_dump: buf=0x08286f80 ptr=0x08286fec end=0x08286ffc len=16
0000: 00 0e 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 ....userPassword
attrs: userPassword
conn=11 op=2 SRCH base="o=postfix,dc=sww,dc=com" scope=2 filter="(&(mail=postmaster at sww dot com dot cn)(objectClass=inetMailUser))"
conn=11 op=2 SRCH attr=userPassword
=> ldbm_back_search
dn2entry_r: dn: "o=postfix,dc=sww,dc=com"
=> dn2id( "o=postfix,dc=sww,dc=com" )
====> cache_find_entry_dn2id("o=postfix,dc=sww,dc=com"): 3 (1 tries)
<= dn2id 3 (in cache)
=> id2entry_r( 3 )
====> cache_find_entry_id( 3 ) "o=postfix,dc=sww,dc=com" (found) (1 tries)
<= id2entry_r( 3 ) 0x8245ac0 (cache)
search_candidates: base="o=postfix,dc=sww,dc=com" s=2 d=0
=> filter_candidates
AND
=> list_candidates 0xa0
=> filter_candidates
DN SUBTREE
=> dn2idl( "@o=postfix,dc=sww,dc=com" )
=> ldbm_cache_open( "dn2id.dbb", 73, 600 )
<= ldbm_cache_open (cache 0)
<= filter_candidates 1
=> filter_candidates
OR
=> list_candidates 0xa1
=> filter_candidates
EQUALITY
=> equality_candidates
=> ldbm_cache_open( "objectClass.dbb", 73, 600 )
<= ldbm_cache_open (cache 3)
=> key_read
<= index_read 0 candidates
<= equality_candidates NULL
<= equality_candidates 0
<= filter_candidates 0
=> filter_candidates
AND
=> list_candidates 0xa0
=> filter_candidates
EQUALITY
=> equality_candidates
=> ldbm_cache_open( "mail.dbb", 73, 600 )
<= ldbm_cache_open (cache 4)
=> key_read
<= index_read 0 candidates
<= equality_candidates NULL
<= equality_candidates 0
<= filter_candidates 0
<= list_candidates NULL
idl_free: called with NULL pointer
<= filter_candidates 0
<= list_candidates 0
<= filter_candidates 0
<= list_candidates NULL
<= filter_candidates 0
====> cache_return_entry_r( 3 ): returned (0)
ldbm_search: no candidates
send_search_result: err=0 matched="" text=""
send_ldap_response: msgid=3 tag=101 err=0
ber_flush: 14 bytes to sd 18
0000: 30 0c 02 01 03 65 07 0a 01 00 04 00 04 00 0....e........
ldap_write: want=14, written=14
0000: 30 0c 02 01 03 65 07 0a 01 00 04 00 04 00 0....e........
conn=11 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
daemon: select: listen=8 active_threads=0 tvp=NULL
__________________________________________________________________________________
Can anyone tell me what did I do wrongly?
Thanks!
==========================
263电子邮件-信赖邮自专业
|
|
|