imapd: several problems with each version

Fri Aug 1 17:52:00 GMT 2003

I have spent days scavenging the list archives and the web, and pieced 
together a lot of helpful info, but I'm not out of the woods yet...  I 
can't get a single version of imapd fully functional, between the 
latest Cygwin package (2002d) and the last to be posted on the 
Sourceforge project (2000a).  Here is a list of what I'm seeing:

1) The README.cygwin needs to be updated in the 2002d Cygwin package.  
It leaves out the bullet which states that "Everyone" and "SYSTEM" must 
be added to the /etc/passwd file.  This statement was previously 
included in the Sourceforge port, but seems to have been taken out.  My 
vanilla Cygwin install had the SYSTEM account at UID 18, but Everyone 
at UID 0 had to be added manually.  If it's not a security issue, maybe 
that could be added to the base install, or fixed with a postinstall 
script.  The uw-imapd doc even states that the README.cygwin was taken 
from the Sourceforge port, which really threw me off since I never 
thought to look back at the port docs...

2) When I compile the Sourceforge 2000a code from source, I get a 
server which works perfectly, except the SSL certificate chain is not 
followed properly.  I can initiate a TLS session, but imapd does not 
use my trust chain.  I did properly link /usr/ssl/certs/uw-imapd.pem to 
the file /usr/ssl/certs/chain.pem, which contains my private key, 
public key, and intermediate trust key, all in that order.  I know this 
is no longer the version supported by Cygwin, but I thought I'd mention 
it anyway for others out there.

3) When I install the latest Cygwin package, 2002d-1, I get a server 
which will launch fine, traverses my certificate chain fine (the 
intermediate authority I appended to the PEM file is found and used), 
but will not authenticate anyone!  I tried all different types of 
authentication (unencrypted plain, encrypted plain, and CRAM-MD5), but 
the service just doesn't accept my password.  I know that my 
/etc/cram-md5.pwd file is OK, since it worked with the 2000a version, 
unless the code base for using that file has changed since then.  I 
have tried all the obvious stuff -- making sure the file is mode 400 
and owned by SYSTEM:None, making sure it has UNIX newlines, making sure 
the users are mirrored in /etc/passwd -- but nothing will get imapd to 
accept the password.

I am running the daemon in both cases with inetd, which is running as a 
service on Windows 2000.  If anyone has any ideas on what could be 
causing the logins to fail on the latest version, I would be forever 
grateful.  It's the only thing left not working after days of trying.

Thanks!
Kevin

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/