Bug#638045: warning: xsasl_cyrus_server_get_mechanism_list: no mechanism available
Sven Joachim
svenjoac at gmx.de
Wed Aug 17 13:05:32 UTC 2011
[ CC'ing postfix maintainer for his opinion. ]
On 2011-08-17 13:53 +0200, Luca Capello wrote:
> On Wed, 17 Aug 2011 11:59:19 +0200, Stefano Zacchiroli wrote:
>> On Tue, Aug 16, 2011 at 09:54:14PM +0200, Johnny Morano wrote:
>>> Postfix is unable to receive mail and unable to send mail via SASL
>>> authentication, after installing the updates of today. These are the
>>> error messages:
>>
>> I can reproduce this in Sid.
>
> /me too.
>
>> Reverting both "libsasl2-2" and "libsasl2-modules" to version
>> 2.1.23.dfsg1-7 fixes the problem.
>
> FWIW, reverting to 2.1.24~rc1.dfsg1+cvs2011-05-23-4 is enough.
>
> BTW, if you use Cyrus SASL authentication in Postfix, you can not
> actually revert libsasl2-2 and libsasl2-modules only, but you need
> to revert sasl2-bin as well because of its versioned dependency.
>
>> I'm setting severity as serious, as it breaks pretty heavily mail
>> delivery for SASL-based postfix configuration. I'm also marking the bug
>> as affecting postfix, as many people will probably look for some issue
>> there.
>
> Thank you, indeed I did not find it during a first look, maybe the title
> should be changed to reflect the IMHO most common error? In my case:
>
> C61E120DDD 2071 Wed Aug 17 10:45:55 luca at pca.it
> (SASL authentication failed; cannot authenticate to server \
> home.pca.it[83.211.85.135]: no mechanism available)
> debian-publicity at lists.debian.org
Here is what I got:
,----
| Aug 17 14:16:59 turtle postfix/smtp[28566]: warning: SASL authentication failure: No worthy mechs found
| Aug 17 14:16:59 turtle postfix/smtp[28566]: 4BD0A3F4F6: SASL authentication failed; cannot authenticate to server mail.gmx.net[213.165.64.20]: no mechanism available
`----
Postfix's SASL_README has this interesting information:
,----
| SASL authentication failure: No worthy mechs found
|
| Note
|
| This same error message will also be logged when the libplain.so or
| liblogin.so modules are not installed in the /usr/lib/sasl2 directory.
`----
And /usr/lib/sasl2 is hardcoded in postfix, see
src/xsasl/xsasl_cyrus_log.c:
int xsasl_getpath(void * context, char ** path)
{
#if SASL_VERSION_MAJOR >= 2
*path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl2", (char *) 0);
#else
*path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl", (char *) 0);
#endif
return SASL_OK;
}
So this bug has been triggered by the switch to multiarch paths in
cyrus-sasl2, and postfix is to blame for hardcoding /usr/lib/sasl2.
Cheers,
Sven
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list