Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com X-Sent: 2 Aug 2003 04:04:45 GMT From: "Abe Backus" To: Subject: RE: imapd: several problems with each version Date: Fri, 1 Aug 2003 21:04:36 -0700 Message-ID: <001901c358ab$33863070$5400a8c0@xppro8200> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Priority: 3 (Normal) X-MSMail-Priority: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id h72456k15861 Kevin, I removed the sections of the README that have to do with modifying /etc/passwd because from what I've seen, the latest imapd (or maybe it's the latest cygwin?) is able to authenticate properly without having your password encrypted in /etc/passwd. I haven't tried the cram-md5 stuff, so I can't really guess whether anything changed there, although the code has changed quite a bit from 2000a to 2002d. A few months ago, I encountered a windows permissions issue that prevented my inetd service from working properly. Check your NT Event Log for messages from uw-imapd or inetd. Mine said something about "Socket Operation on Non Socket". I don't get these anymore with 1.5.x cygwin :) -Abe -----Original Message----- 1) The README.cygwin needs to be updated in the 2002d Cygwin package. It leaves out the bullet which states that "Everyone" and "SYSTEM" must be added to the /etc/passwd file. This statement was previously included in the Sourceforge port, but seems to have been taken out. My vanilla Cygwin install had the SYSTEM account at UID 18, but Everyone at UID 0 had to be added manually. If it's not a security issue, maybe that could be added to the base install, or fixed with a postinstall script. The uw-imapd doc even states that the README.cygwin was taken from the Sourceforge port, which really threw me off since I never thought to look back at the port docs... 2) When I compile the Sourceforge 2000a code from source, I get a server which works perfectly, except the SSL certificate chain is not followed properly. I can initiate a TLS session, but imapd does not use my trust chain. I did properly link /usr/ssl/certs/uw-imapd.pem to the file /usr/ssl/certs/chain.pem, which contains my private key, public key, and intermediate trust key, all in that order. I know this is no longer the version supported by Cygwin, but I thought I'd mention it anyway for others out there. 3) When I install the latest Cygwin package, 2002d-1, I get a server which will launch fine, traverses my certificate chain fine (the intermediate authority I appended to the PEM file is found and used), but will not authenticate anyone! I tried all different types of authentication (unencrypted plain, encrypted plain, and CRAM-MD5), but the service just doesn't accept my password. I know that my /etc/cram-md5.pwd file is OK, since it worked with the 2000a version, unless the code base for using that file has changed since then. I have tried all the obvious stuff -- making sure the file is mode 400 and owned by SYSTEM:None, making sure it has UNIX newlines, making sure the users are mirrored in /etc/passwd -- but nothing will get imapd to accept the password. I am running the daemon in both cases with inetd, which is running as a service on Windows 2000. If anyone has any ideas on what could be causing the logins to fail on the latest version, I would be forever grateful. It's the only thing left not working after days of trying. Thanks! Kevin -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/