| Summary: | Cannot connect to Gmail server | ||
|---|---|---|---|
| Product: | [Frameworks and Libraries] kimap | Reporter: | Luis Silva <lacsilva> |
| Component: | general | Assignee: | kdepim bugs <kdepim-bugs> |
| Status: | RESOLVED DOWNSTREAM | ||
| Severity: | critical | CC: | arojas, dvratil, scarpino |
| Priority: | NOR | ||
| Version: | git | ||
| Target Milestone: | --- | ||
| Platform: | Neon | ||
| OS: | Linux | ||
| Latest Commit: | Version Fixed In: | ||
| Sentry Crash Report: | |||
|
Description
Luis Silva
2017-04-17 14:16:12 UTC
Please provide output of "pluginviewer -c" > saslpluginviewer -c
Installed and properly configured SASL (client side) mechanisms are:
GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL NTLM CRAM-MD5 LOGIN PLAIN ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
GSS-SPNEGO GSSAPI DIGEST-MD5 EXTERNAL NTLM CRAM-MD5 LOGIN PLAIN ANONYMOUS
List of client plugins follows
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSS-SPNEGO, best SSF: 56
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSSAPI, best SSF: 56
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
Plugin "digestmd5" [loaded], API version: 4
SASL mechanism: DIGEST-MD5, best SSF: 128
security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "EXTERNAL" [loaded], API version: 4
SASL mechanism: EXTERNAL, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "ntlm" [loaded], API version: 4
SASL mechanism: NTLM, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: WANT_CLIENT_FIRST|SUPPORTS_HTTP
Plugin "crammd5" [loaded], API version: 4
SASL mechanism: CRAM-MD5, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: SERVER_FIRST
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: SERVER_FIRST
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
Thanks for the update; changing status. Confirmed on Arch Linux too after the update to 17.04 from 16.12 Installed and properly configured SASL (client side) mechanisms are: [0/81]
SCRAM-SHA-1 DIGEST-MD5 EXTERNAL NTLM CRAM-MD5 LOGIN XOAUTH2 PLAIN ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
SCRAM-SHA-1 DIGEST-MD5 EXTERNAL NTLM CRAM-MD5 LOGIN XOAUTH2 PLAIN ANONYMOUS
List of client plugins follows
Plugin "scram" [loaded], API version: 4
SASL mechanism: SCRAM-SHA-1, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|CHANNEL_BINDING
Plugin "digestmd5" [loaded], API version: 4
SASL mechanism: DIGEST-MD5, best SSF: 128
security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "EXTERNAL" [loaded], API version: 4
SASL mechanism: EXTERNAL, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "ntlm" [loaded], API version: 4
SASL mechanism: NTLM, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: WANT_CLIENT_FIRST|SUPPORTS_HTTP
Plugin "crammd5" [loaded], API version: 4
SASL mechanism: CRAM-MD5, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: SERVER_FIRST
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: SERVER_FIRST
Plugin "kdexoauth2" [loaded], API version: 4
SASL mechanism: XOAUTH2, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
I'm also seeing that with master & openSUSE (using cyrus-sasl 2.1.26)
22:42:38 - akonadi_imap_resource_7(24511) - org.kde.pim.kimap: : Connection to server lost 0
22:42:38 - akonadi_imap_resource_7(24511) - org.kde.pim.imapresource: : Session login cancelled
22:42:38 - akonadi_imap_resource_7(24511) - KWallet::Wallet::openWallet: Pass a valid window to KWallet::Wallet::openWallet().
22:42:39 - akonadi_imap_resource_7(24511) - org.kde.pim.kimap: : sasl_client_start failed with: -4 "SASL(-4): no mechanism available: No worthy mechs found"
Installed and properly configured SASL (client side) mechanisms are:
SCRAM-SHA-1 GS2-IAKERB GS2-KRB5 GSSAPI GSS-SPNEGO DIGEST-MD5 EXTERNAL OTP CRAM-MD5 NTLM LOGIN PLAIN ANONYMOUS
Available SASL (client side) mechanisms matching your criteria are:
SCRAM-SHA-1 GS2-IAKERB GS2-KRB5 GSSAPI GSS-SPNEGO DIGEST-MD5 EXTERNAL OTP CRAM-MD5 NTLM LOGIN PLAIN ANONYMOUS
List of client plugins follows
Plugin "scram" [loaded], API version: 4
SASL mechanism: SCRAM-SHA-1, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|CHANNEL_BINDING
Plugin "gs2" [loaded], API version: 4
SASL mechanism: GS2-IAKERB, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|NEED_SERVER_FQDN|GSS_FRAMING|CHANNEL_BINDING
Plugin "gs2" [loaded], API version: 4
SASL mechanism: GS2-KRB5, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|NEED_SERVER_FQDN|GSS_FRAMING|CHANNEL_BINDING
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSSAPI, best SSF: 56
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN
Plugin "gssapiv2" [loaded], API version: 4
SASL mechanism: GSS-SPNEGO, best SSF: 56
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_ACTIVE|PASS_CREDENTIALS|MUTUAL_AUTH
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "digestmd5" [loaded], API version: 4
SASL mechanism: DIGEST-MD5, best SSF: 128
security flags: NO_ANONYMOUS|NO_PLAINTEXT|MUTUAL_AUTH
features: PROXY_AUTHENTICATION|NEED_SERVER_FQDN|SUPPORTS_HTTP
Plugin "EXTERNAL" [loaded], API version: 4
SASL mechanism: EXTERNAL, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|NO_DICTIONARY
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "otp" [loaded], API version: 4
SASL mechanism: OTP, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT|FORWARD_SECRECY
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "crammd5" [loaded], API version: 4
SASL mechanism: CRAM-MD5, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: SERVER_FIRST
Plugin "ntlm" [loaded], API version: 4
SASL mechanism: NTLM, best SSF: 0
security flags: NO_ANONYMOUS|NO_PLAINTEXT
features: WANT_CLIENT_FIRST|SUPPORTS_HTTP
Plugin "login" [loaded], API version: 4
SASL mechanism: LOGIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: SERVER_FIRST
Plugin "plain" [loaded], API version: 4
SASL mechanism: PLAIN, best SSF: 0
security flags: NO_ANONYMOUS|PASS_CREDENTIALS
features: WANT_CLIENT_FIRST|PROXY_AUTHENTICATION
Plugin "anonymous" [loaded], API version: 4
SASL mechanism: ANONYMOUS, best SSF: 0
security flags: NO_PLAINTEXT
features: WANT_CLIENT_FIRST
(In reply to Christophe Giboudeaux from comment #6) > I'm also seeing that with master & openSUSE (using cyrus-sasl 2.1.26) > case solved here after exporting SASL_PATH to load the kdexoauth2 plugin from my local installation. Luis, your KDE installation is not finding the kdexoauth2 SASL plugin. The plugin must be installed in /usr/lib(64)/sasl2, or you have to point SASL_PATH environment variable to the location where the plugin is installed (if you compile into non-standard prefix for instance). Andrea had a different problem where due to migration issue the IMAP resource wasn't using the correct authentication mechanism, we sorted that our on IRC. Git commit c9ae16363e68d6958db0cd835cb0180b340594b5 by Daniel Vrátil. Committed on 22/04/2017 at 11:31. Pushed by dvratil into branch 'Applications/17.04'. [IMAP] Fix migration to new Gmail authentication Currently the settings would be migrated only if user opened the Settings dialog. The GmailPasswordRequester expects that the server settings is migrated correctly and always tries to authenticate via XOAUTH2, even if the configuration says "PLAIN" or other mechanism. This breaks login as we try to send XOAUTH2 tokens as PLAIN credentials. This change ensures that the encryption and auth mechanism settings is correctly migrated on resource startup. Related: bug 378857 M +12 -0 resources/imap/settings.cpp https://commits.kde.org/kdepim-runtime/c9ae16363e68d6958db0cd835cb0180b340594b5 There's a bug in Kubuntu/Neon packaging: https://bugs.kde.org/show_bug.cgi?id=379089 Closing as a downstream issue. |