[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [pysieved] Authentication problem
- From: Koen Vermeer <koen at vermeer dot tv>
- Subject: Re: [pysieved] Authentication problem
- Date: Thu, 19 Apr 2007 20:24:51 +0200
I did a quick hack to get dovecot-auth to work - see attachment.
Currently, it just does plaintext authentication, but I guess I could
try to add more methods if people need that. Any comments are welcome!
Koen
Op do, 19-04-2007 te 16:35 +0200, schreef Koen Vermeer:
> I did some more testing, and it seems that the sasl authentication just
> doesn't work with dovecot-auth. Did anyone actually managed to use this?
>
> According to dovecot's docs, there should be some handshaking first. In
> the pysieved file auth/sasl.py, I couldn't find anything resembling
> that. Instead, pysieved just sends the authentication details, and reads
> from the socket. So, in effect, it reads the handshake data, and
> interprets that as the response to the authentication. Obviously, that
> fails.
>
> Do we need a dovecot-auth specific sasl.py?
>
> Koen
>
>
> On Thu, 2007-04-19 at 10:48 +0200, Koen Vermeer wrote:
> > Hi,
> >
> > I'm trying to get pysieved to work, but I'm having some trouble. After
> > log in in Squirrelmail and clicking on 'Filters' (avelsieve plugin), I
> > get an error in pysieved as shown below:
> >
> > black:/usr/local/lib/pysieved# python ./pysieved.py -d -d -d -c
> > pysieved.ini
> > 1176971740.02 == Connect from ('127.0.0.1', 2408)
> > 1176971740.02 S: '"IMPLEMENTATION" "pysieved 0.9+DEV"\r\n'
> > 1176971740.03 S: '"SASL" "PLAIN"\r\n'
> > 1176971740.03 S: '"SIEVE" "fileinto reject envelope vacation imapflags
> > notify subaddress relational comparator-i;ascii-numeric"\r\n'
> > 1176971740.04 C: 'OK\r\n'
> > 1176971740.04 C: 'AUTHENTICATE "PLAIN" {48+}'
> > 1176971740.04 C: '[===removed===]'
> > 1176971740.04 C: ''
> > AUTH: Auth returns 'CH\tPLAIN\tplaintext\nVERSION\t1\t0\nSPID\t2395
> > \nCUID\t6769\nDONE\n'
> > 1176971740.08 C: 'NO "Bad username or password"\r\n'
> > 1176971740.32 == done
> >
> > I login with my full email address in squirrelmail, which I also use in
> > dovecot. I have attached my pysieved.ini. Can anyone give me a clue on
> > why it fails?
> >
> > Thanks!
> >
> > Koen
>
>
#! /usr/bin/python
## dovecot-auth - Dovecot sasl authentication for pysieved
## Copyright (C) 2007 Neale Pickett, Koen Vermeer
## Based on auth.py, part of pysieved, copyright Neale Pickett
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or (at
## your option) any later version.
## This program is distributed in the hope that it will be useful, but
## WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
## General Public License for more details.
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
## USA
import __init__
import socket
import struct
import base64
import os
def pack(s):
return struct.pack('!H', len(s)) + s
class new(__init__.Auth):
def init(self, config):
self.mux = config.get('SASL', 'mux', '/var/run/saslauthd/mux')
self.service = config.get('SASL', 'service', 'pysieved')
self.pid = os.getpid()
def sasl(self, *args):
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
s.connect(self.mux)
handshake_string = s.recv(1024)
# print handshake_string
s.sendall('VERSION\t1\t0\nCPID\t%d\n' % self.pid)
# print args
auth_string = 'AUTH\t%d\tPLAIN\tservice=%s\tresp=%s' % (self.pid, args[2], base64.b64encode(args[0] + '\0' + args[0] + '\0' + args[1]))
# print auth_string
s.sendall(auth_string + '\n')
r = s.recv(1024)
return r
def auth(self, username, passwd):
ret = self.sasl(username, passwd, self.service, '')
self.log(2, 'Auth returns %r' % ret)
if ret.startswith('OK'):
return True
return False
if __name__ == '__main__':
import sys
class C:
def get(self, section, key, default):
return default
n = new(C())
print n.auth(*sys.argv[1:])