[Dovecot] login fails when username has apostrophe
Karl Latiss
klatiss at nextdigital.com
Wed Jan 7 01:19:04 EET 2009
Sorry to bump so quickly but I have a handful of users who can't log in
at the moment and would like to get this fixed.
Am I missing a config option or is this a bug? The only reference I can
find in the mailing list archives is that this configuration should be
supported.
Karl.
--------------------------------------------------------------
Hi
I've added the apostrophe character to auth_username_chars however
authentication still fails. I'm using LDAP with the following details:
dovecot version 1.1.7
openldap client library 2.4.11
With auth_verbose = yes and auth_debug = yes set I see the following in
the logs. Note the initial escaped apostrophe and the subsequent escaped
escape in the filter!
----- start log -----
Jan 5 16:15:05 www-example1 dovecot: auth(default): client in: AUTH 1 PLAIN service=imap lip=10.1.1.180 rip=10.3.96.60 lport=143 rport=48733 resp=<hidden>
Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o\'reilly at example.com,10.3.96.60): pass search: base=dc=example, dc=com scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\\'reilly)) fields=mail,userPassword
Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o\'reilly at example.com,10.3.96.60): unknown user
Jan 5 16:15:07 www-example1 dovecot: auth(default): client out: FAIL 1 user=julie.o\'reilly at example.com
failed, 1 attempts): user=<julie.o\'reilly at example.com>, method=PLAIN, rip=10.3.96.60, lip=10.1.1.180
----- end log -----
Users without apostrophes can authenticate successfully. If I've missed
anything please let me know.
# dovecot -n
# 1.1.7: /usr/local/etc/dovecot.conf
# OS: FreeBSD 7.0-RELEASE amd64 ufs
protocols: imap
listen: 10.1.1.180
ssl_disable: yes
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable: /usr/local/libexec/dovecot/imap-login
login_greeting_capability: yes
verbose_proctitle: yes
first_valid_uid: 999
first_valid_gid: 999
mail_privileged_group: mail
mail_uid: 999
mail_gid: 999
mail_location: maildir:/usr/home/vmail/%Ld/%Ln
imap_client_workarounds: delay-newmail netscape-eoh tb-extra-mailbox-sep
auth default:
  mechanisms: plain login
  username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@'
  username_format: %Lu
  passdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  userdb:
    driver: ldap
    args: /usr/local/etc/dovecot-ldap.conf
  socket:
    type: listen
    client:
      path: /var/run/dovecot/auth-client
      mode: 432
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: vmail
# grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf
uris = ldap://www-example1:389
dn = uid=xxxx,dc=example,dc=com
dnpass = xxxx
sasl_bind = no
tls = no
auth_bind = no
ldap_version = 3
base = dc=example, dc=com
user_attrs = homeDirectory=home=/usr/home/vmail/%L$,mailMessageStore=mail=maildir:/usr/home/vmail/%L$,=uid=999,=gid=999
user_filter = (&(objectClass=qmailUser)(uid=%n))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=qmailUser)(uid=%n))
default_pass_scheme = PLAIN
--
Karl Latiss <klatiss at nextdigital.com>
Next Digital
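
Added example (not part of the original post, and not Dovecot's code): the log above shows the username already carrying a backslash before the apostrophe when the filter is built, and the filter escaping then escapes that backslash. The sketch below models this with RFC 4515 escaping, so the escaped backslash appears as \5c where the log shows \\; quote_escape, build_filter and searched_uid are hypothetical helpers, and the earlier quoting pass is an assumption.

```python
import re

# Characters RFC 4515 requires to be escaped inside a filter assertion value.
# The apostrophe is not among them.
_FILTER_SPECIALS = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def rfc4515_escape(value: str) -> str:
    """Escape a value for safe use inside an LDAP search filter."""
    return "".join(_FILTER_SPECIALS.get(ch, ch) for ch in value)

def rfc4515_unescape(value: str) -> str:
    """Decode hex escapes: the string the directory actually compares against."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def quote_escape(value: str) -> str:
    """Hypothetical earlier pass (assumption) that backslash-escapes quotes,
    producing the julie.o\\'reilly form seen in the logged username."""
    return "".join("\\" + ch if ch in "'\"\\" else ch for ch in value)

def build_filter(template: str, username: str) -> str:
    """Expand %n (the part before '@') into the filter template."""
    local_part = username.split("@", 1)[0]
    return template.replace("%n", rfc4515_escape(local_part))

def searched_uid(ldap_filter: str) -> str:
    """Return the uid value the server compares, after filter unescaping."""
    raw = re.search(r"\(uid=([^)]*)\)", ldap_filter).group(1)
    return rfc4515_unescape(raw)

PASS_FILTER = "(&(objectClass=qmailUser)(uid=%n))"  # pass_filter from the post
USER = "julie.o'reilly@example.com"                 # user from the post's log

if __name__ == "__main__":
    # One escaping pass: the apostrophe goes through untouched and the
    # directory is asked for the real uid.
    single = build_filter(PASS_FILTER, USER)
    print(single, "->", searched_uid(single))

    # Two passes: the backslash added by the first pass is itself escaped,
    # so the directory is asked for a uid containing a literal backslash,
    # which no entry has ("unknown user").
    double = build_filter(PASS_FILTER, quote_escape(USER))
    print(double, "->", searched_uid(double))
```

Filter escaping has to be the only transformation applied to the value on its way into the filter; it still neutralises the filter metacharacters (*, parentheses, backslash) while leaving the apostrophe alone.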