NTLM: incorrect bytecount for NEGPROT response data
in [Debian]
|
From: Alexey Lobanov on 26 Jul 2010 04:20 Hello all. I use several Debian servers running since 2005. All them use Samba->NTLM->Cyrus SASL authentication chain for Cyrus IMAP and Postfix SMTP services, in very trivial form: pwcheck_method: saslauthd mech_list: plain ntlm ntlm_server: 127.0.0.1 The problem: upon upgrade from Samba 3.0 to Samba 3.2, the NTLM athentication dies both for SMTP and IMAP clients, with the following log records: Jul 22 17:40:22 obolon postfix/smtpd[26140]: NTLM server step 1 Jul 22 17:40:22 obolon postfix/smtpd[26140]: client flags: ffff8207 Jul 22 17:40:22 obolon postfix/smtpd[26140]: NTLM: incorrect bytecount for NEGPROT response data Same happens both with Debian-provided Samba (3.2.5 in Lenny) and with self-built Samba 3.2.4; no difference. Old self-built Samba 3.0.25 authenticates SASL clents fine, without any problems. Can anyone offer any explanations, configuration changes or diagnostic tests? Alexey -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C4D43A0.4040509(a)gctrials.com
From: Alexey Lobanov on 28 Jul 2010 09:10 Self-reply. The essence of problem seems to be the stalled Cyrus SASL version in Debian. Both 2.1.22 in Stable and 2.1.23 in Testing have "plugins/ntlm.c" code unchanged since 2005. This piece of code had been patched by CMU team intensively in 2009 only, in version 2.1.24. So, I still do not know what to do with production servers. Either to freeze Samba at 3.0.X or compile Cyrus SASL 2.1.24 from source. Alexey On 26/07/10 12:13, Alexey Lobanov wrote: > Hello all. > > I use several Debian servers running since 2005. All them use > Samba->NTLM->Cyrus SASL authentication chain for Cyrus IMAP and Postfix > SMTP services, in very trivial form: > > pwcheck_method: saslauthd > mech_list: plain ntlm > ntlm_server: 127.0.0.1 > > The problem: upon upgrade from Samba 3.0 to Samba 3.2, the NTLM > athentication dies both for SMTP and IMAP clients, with the following > log records: > > Jul 22 17:40:22 obolon postfix/smtpd[26140]: NTLM server step 1 > Jul 22 17:40:22 obolon postfix/smtpd[26140]: client flags: ffff8207 > Jul 22 17:40:22 obolon postfix/smtpd[26140]: NTLM: incorrect bytecount > for NEGPROT response data > > Same happens both with Debian-provided Samba (3.2.5 in Lenny) and with > self-built Samba 3.2.4; no difference. Old self-built Samba 3.0.25 > authenticates SASL clents fine, without any problems. > > Can anyone offer any explanations, configuration changes or diagnostic > tests? > > Alexey > > -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/4C502B60.2010804(a)gctrials.com
|
Pages: 1 Prev: Error during safe-upgrade: unable to stat `./mnt' Next: COM-port (RS-232) problems |