[Akonadi] [Bug 456022] New: sasl2-kdexoauth2 does not work when support packet for xoauth2 via postfix (sasl-xoauth2) is used
Freek de Kruijf
bugzilla_noreply at kde.org
Mon Jun 27 10:43:59 BST 2022
https://bugs.kde.org/show_bug.cgi?id=456022
Bug ID: 456022
Summary: sasl2-kdexoauth2 does not work when support packet for
xoauth2 via postfix (sasl-xoauth2) is used
Product: Akonadi
Version: unspecified
Platform: openSUSE RPMs
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: Gmail resource
Assignee: dvratil at kde.org
Reporter: freekdekruijf at kde.nl
CC: kdepim-bugs at kde.org
Target Milestone: ---
I have a workstation which uses KDE Kontact, but also has a postfix server,
mainly used as client. Since Google requires xoauth2 for sending email via
KMail and via postfix, postfix needs the packet sasl-xoauth2 which puts a
plugin in /usr/lib64/sasl2/ for supporting xoauth2 in postfix. There is also a
plugin kdexoauth2 which supports xoauth2 for e-mail send by KMail via
smtp.gmail.com using akonadi.
When the plugin from sasl-xoauth2 is present in /usr/lib64/sasl2/ I am unable
to send email from KMail via smtp.gmail.com. Removing the plugin restores the
KMail functionality.
Apparently the akonadi process to send email using authorization with xoauth2
does not use the plugin kdexoauth2, but more likely the plugin from
sasl-xoauth2, which fails.
"pluginviewer -c" with both plugins present shows:
Installed and properly configured SASL (client side) mechanisms are:
GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 XOAUTH2 XOAUTH2 PLAIN LOGIN
ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL CRAM-MD5 XOAUTH2 XOAUTH2 PLAIN LOGIN
ANONYMOUS
List of client plugins follows
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSS-SPNEGO, best SSF: 256
security flags:
NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features:
WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSSAPI, best SSF: 256
security flags:
NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
Plugin "digestmd5" [loaded], API version: 4
SASL mechanism: DIGEST-MD5, best SSF: 128
security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "EXTERNAL" [loaded], API version: 4
SASL mechanism: EXTERNAL, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "crammd5" [loaded], API version: 4
SASL mechanism: CRAM-MD5, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: SERVER_FIRST
Plugin "sasl-xoauth2" [loaded], API version: 4
SASL mechanism: XOAUTH2, best SSF: 60
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "kdexoauth2" [loaded], API version: 4
SASL mechanism: XOAUTH2, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: SERVER_FIRST
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
Note "sasl-xoauth2" shows an SSF of 60, which to my knowledge is a priority,
which differs from the SSF of "kdexoauth2", which is 0. From the information in
the packet sasl-xoauth2 this 60 is needed to make it work in postfix.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Kdepim-bugs
mailing list