Date: Tue, 28 Jul 2015 21:24:05 +0200 From: Pietro Cerutti <gahr@FreeBSD.org> To: "Herbert J. Skuhra" <herbert@oslo.ath.cx> Cc: freebsd-ports@FreeBSD.org Subject: Re: opensmtpd-5.7.1 - cannot authenticate Message-ID: <20150728192405.GQ45849@ptrcrt.ch> In-Reply-To: <20150728132433.GB45930@oslo.ath.cx> References: <20150727184747.GK45849@ptrcrt.ch> <20150728132433.GB45930@oslo.ath.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
--DiL7RhKs8rK9YGuF Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2015-Jul-28, 15:24, Herbert J. Skuhra wrote: > On Mon, Jul 27, 2015 at 08:47:47PM +0200, Pietro Cerutti wrote: > > Hi, > >=20 > > I tried to upgrade from 5.4.6 to 5.7.1, and suddenly I am unable to > > authenticate. This is from the log file: > >=20 > > Jul 27 17:05:03 mail smtpd[12146]: smtp-in: Failed command on session > > a0516551dc7a4dc4: "AUTH PLAIN (...)" =3D> 501 5.5.2 Syntax error: Syntax > > error > >=20 > > Relevant config lines area > >=20 > > pki mydomain certificate "/usr/local/etc/mail-admin/tls/server.crt" > > pki mydomain key "/usr/local/etc/mail-admin/tls/server.key" > > table credentials file:/usr/local/etc/mail-admin/db/auth-smtp.db > > listen on 192.168.1.1 secure auth-optional <credentials> pki mydomain >=20 > What's the output of 'file /usr/local/etc/mail-admin/db/auth-smtp.db'? > Maybe you need db: not file:? it's an ASCII file, as it was with 5.4.6. As I said, no config (including backend table files) has changed. > > I am able to switch from the 5.4.6 to the 5.7.1 binary and reproduce > > that I can send mail with the former and cannot with the latter. No > > config has changed. >=20 > Have you tried to run 'smtpd -dv' or 'smtpd -dv -T all'? Here's the output from smtpd -dv -T all. Thank you! smtp: 0x802523000: >>> 220 mail.example.com ESMTP OpenSMTPD smtp: 0x802523000: IO_LOWAT <io:0x802523048 fd=3D4 to=3D300000 fl=3DW ib=3D= 0 ob=3D0> smtp: 0x802523000: IO_DATAIN <io:0x802523048 fd=3D4 to=3D300000 fl=3DR ib= =3D16 ob=3D0> smtp: 0x802523000: <<< EHLO example.com filter: new query QK_QUERY QUERY_HELO filter: filter_drain_query 1746ec4c96a16e71[QK_QUERY,QUERY_HELO=3Dexample.c= om,filter_session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] filter: filter_end_query 1746ec4c96a16e71[QK_QUERY,QUERY_HELO=3Dexample.com= ,filter_session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] filter: query 1746ec4c96a16e71 done: status=3DFILTER_OK code=3D0 response= =3D"(null)" smtp: 0x802523000: STATE_CONNECTED -> STATE_HELO smtp: 0x802523000: >>> 250-mail.example.com Hello example.com [192.168.1.1]= , pleased to meet you smtp: 0x802523000: >>> 250-8BITMIME smtp: 0x802523000: >>> 250-ENHANCEDSTATUSCODES smtp: 0x802523000: >>> 250-SIZE 36700160 smtp: 0x802523000: >>> 250-DSN smtp: 0x802523000: >>> 250-STARTTLS smtp: 0x802523000: >>> 250 HELP smtp: 0x802523000: IO_LOWAT <io:0x802523048 fd=3D4 to=3D300000 fl=3DW ib=3D= 0 ob=3D0> smtp: 0x802523000: IO_DATAIN <io:0x802523048 fd=3D4 to=3D300000 fl=3DR ib= =3D10 ob=3D0> smtp: 0x802523000: <<< STARTTLS smtp: 0x802523000: >>> 220 2.0.0: Ready to start TLS smtp: 0x802523000: STATE_HELO -> STATE_TLS smtp: 0x802523000: IO_LOWAT <io:0x802523048 fd=3D4 to=3D300000 fl=3DW ib=3D= 0 ob=3D0> mproc: pony -> lka : 272 IMSG_SMTP_TLS_INIT imsg: lka <- pony: IMSG_SMTP_TLS_INIT (len=3D272) debug: lka: looking up pki "example.com" mproc: lka -> pony : 2176 IMSG_SMTP_TLS_INIT imsg: pony <- lka: IMSG_SMTP_TLS_INIT (len=3D2176) debug: session_start_ssl: switching to SSL debug: pony: rsae_priv_enc mproc: pony -> ca: allocating 128 mproc: pony -> ca: realloc 128 -> 256 mproc: pony -> ca : 130 IMSG_CA_PRIVENC (flush) imsg: ca <- pony: IMSG_CA_PRIVENC (len=3D130) mproc: ca -> pony: allocating 128 mproc: ca -> pony: realloc 128 -> 1024 mproc: ca -> pony : 535 IMSG_CA_PRIVENC imsg: pony <- ca: IMSG_CA_PRIVENC (len=3D535) smtp: 0x802523000: IO_TLSREADY <io:0x802523048 fd=3D4 to=3D300000 fl=3DR ss= l=3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D0 ob=3D0> smtp-in: session 1746ec49080e52e3: TLS started version=3DTLSv1/SSLv3 (TLSv1= =2E2), cipher=3DECDHE-RSA-AES256-GCM-SHA384, bits=3D256 mproc: pony -> control : 43 IMSG_STAT_INCREMENT smtp: 0x802523000: STATE_TLS -> STATE_HELO ramstat: increment: smtp.tls ramstat: smtp.tls (0x802418101): 0 -> 1 smtp: 0x802523000: IO_DATAIN <io:0x802523048 fd=3D4 to=3D300000 fl=3DR ssl= =3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D16 ob=3D0> smtp: 0x802523000: <<< EHLO example.com filter: new query QK_QUERY QUERY_HELO filter: filter_drain_query 1746ec4d6ecf7513[QK_QUERY,QUERY_HELO=3Dexample.c= om,filter_session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] filter: filter_end_query 1746ec4d6ecf7513[QK_QUERY,QUERY_HELO=3Dexample.com= ,filter_session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] filter: query 1746ec4d6ecf7513 done: status=3DFILTER_OK code=3D0 response= =3D"(null)" smtp: 0x802523000: STATE_HELO -> STATE_HELO smtp: 0x802523000: >>> 250-mail.example.com Hello example.com [192.168.1.1]= , pleased to meet you smtp: 0x802523000: >>> 250-8BITMIME smtp: 0x802523000: >>> 250-ENHANCEDSTATUSCODES smtp: 0x802523000: >>> 250-SIZE 36700160 smtp: 0x802523000: >>> 250-DSN smtp: 0x802523000: >>> 250-AUTH PLAIN LOGIN smtp: 0x802523000: >>> 250 HELP smtp: 0x802523000: IO_LOWAT <io:0x802523048 fd=3D4 to=3D300000 fl=3DW ssl= =3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D0 ob=3D0> smtp: 0x802523000: IO_DATAIN <io:0x802523048 fd=3D4 to=3D300000 fl=3DR ssl= =3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D65 ob=3D0> smtp: 0x802523000: <<< AUTH PLAIN Z2FockBnYWhyLmNoAGdhaHJAZ2Foci5jaABQNkNyd= DcsZ2Focg=3D=3D smtp: 0x802523000: STATE_HELO -> STATE_AUTH_INIT smtp: 0x802523000: >>> 501 5.5.2 Syntax error: Syntax error smtp-in: Failed command on session 1746ec49080e52e3: "AUTH PLAIN (...)" =3D= > 501 5.5.2 Syntax error: Syntax error smtp: 0x802523000: STATE_AUTH_INIT -> STATE_HELO smtp: 0x802523000: IO_LOWAT <io:0x802523048 fd=3D4 to=3D300000 fl=3DW ssl= =3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D0 ob=3D0> smtp: 0x802523000: IO_DISCONNECTED <io:0x802523048 fd=3D4 to=3D300000 fl=3D= R ssl=3DTLSv1/SSLv3:ECDHE-RSA-AES256-GCM-SHA384:256 ib=3D0 ob=3D0> smtp-in: session 1746ec49080e52e3: connection from host 192.168.1.1 [192.16= 8.1.1] closed (client disconnected) debug: smtp: 0x802523000: deleting session: disconnected filter: new query QK_EVENT EVENT_DISCONNECT filter: filter_drain_query 1746ec4e1b373188[QK_EVENT,EVENT_DISCONNECT,filte= r_session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] filter: filter_end_query 1746ec4e1b373188[QK_EVENT,EVENT_DISCONNECT,filter_= session@0x8024c7480[datalen=3D0,eom=3D0x0,ofile=3D0x0]] mproc: pony -> control : 43 IMSG_STAT_DECREMENT mproc: pony -> control : 47 IMSG_STAT_DECREMENT ramstat: decrement: smtp.tls ramstat: smtp.tls (0x802418101): 1 -> 0 ramstat: decrement: smtp.session ramstat: smtp.session (0x802418101): 1 -> 0 --=20 Pietro Cerutti The FreeBSD Project gahr@FreeBSD.org PGP Public Key: http://gahr.ch/pgp --DiL7RhKs8rK9YGuF Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJVt9bVXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREQTZERTEwNkE1Qjg1NEI4NUREODZENDlB REQwRDM4RUExOTIwODlFAAoJEK3Q046hkgieewUP/2TQg7XTpfGU/6Px0TC2lQJe mrmJhhBhCA2yxGV2OnBMy0YaOHAwyKVK+TsuWUEqSbMrFpEGLhRcnPwZFeOA6OxT 4kA/O1YrjFP3p0N0YUfwUcv1Bvh2t8Er9/7rBCuXA1xnV/TvioDoMwtQmR39Y9j9 xyj+cW+4LpZ1e8+ouGijtFh470YWyH6yJ5Fi4c/FE2Lgjcbl6rr01/eYekiLYg1A pBkxlyQgwL4DB9JF6Q2KTyS2v/c3eB6Fs+tvvTjCR76I32juevk11fjHDsRXtyGc HLIWw2/sPkuQ/ivKvnwC6dWDX7GH+ZIYan3toL93oykfrKLK5whxV8Bp6GegCeNi ERGN0d7Z3tqBOOpGPdjPMYNdTs4yWBcn3JPuoXTS+MDEEFLHxxrI8veXnCgZr1zh WSEHLEiMv8eg7Z0d8hpVS6kG4Z06KN0wXZtHYAIsSyLw3B3C77U51rs9kuvw36NZ xZTUmS04XzPf79aYcd7Q5eCjvO2IJyCYxayC2RnYq1VbJSdHHVSkrMwOPtAiQ3GA hRi6O+qlaTZrnR+l7r85fKJCF0QCs1EWGX9v1uDN9KLuOQrlATLOkSI6nL8Tfgj/ nubaNktqKLd7mZyO8AUgreTxS8CijVrpHx0qlzRpOZT995FxQpQPHI9EKIIX4ibv r975DuZr/GyYhWP/MLX8 =JhIr -----END PGP SIGNATURE----- --DiL7RhKs8rK9YGuF--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150728192405.GQ45849>