[Dovecot] login fails when username has apostrophe

Karl Latiss klatiss at nextdigital.com
Wed Jan 7 05:38:57 EET 2009


On Tue, 2009-01-06 at 16:47 -0800, Seth Mattinen wrote:
> Karl Latiss wrote:
> > On Tue, 2009-01-06 at 16:04 -0800, Seth Mattinen wrote:
> >> Karl Latiss wrote:
> >>> On Tue, 2009-01-06 at 18:33 -0500, Timo Sirainen wrote:
> >>>> On Wed, 2009-01-07 at 10:19 +1100, Karl Latiss wrote:
> >>>>> Jan  5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o
> >>>>> \'reilly at example.com,10.3.96.60): pass search: base=dc=example, dc=com
> >>>>> scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\\'reilly))
> >>>>> field
> >>>>> s=mail,userPassword
> >>>> I think it should be julie.o\\\'reilly in there. Have to check why.
> >>>>
> >>>>> Jan  5 16:15:07 www-example1 dovecot: auth(default): client out: FAIL
> >>>>> 1       user=julie.o\'reilly at example.com
> >>>>> failed, 1 attempts): user=<julie.o\'reilly at example.com>, method=PLAIN,
> >>>> But I think your client (PHP webmail with automatic slashing enabled?)
> >>>> is sending the initial \ here. Try logging in manually with telnet to
> >>>> make sure.
> >>> The previous log output is with me telnetting in manually, however the
> >>> webmail software (roundcube) produces the same results.
> >>>
> >>
> >> It's not an apostrophe - it's an unmatched quote. You'll probably get 
> >> faster results by changing to logins that don't anger input string 
> >> sanity checks. Otherwise, be prepared to wait a while for a solution. 
> >> Probably not what you want to hear, but if you have people knocking down 
> >> the door over this problem, you're going to have to use what will work.
> >>
> >> ~Seth
> > 
> > I understand how it could be interpreted as an unmatched quote but
> > according to Timo
> > (http://www.mail-archive.com/dovecot@dovecot.org/msg09489.html) this
> > should work.
> > 
> > At any rate since the user database is provided by the client from their
> > (various) systems it's unlikely I will be able to change user names.
> > 
> 
> 
> Try a different auth method.
> 

Do you mean try MySQL or PAM  etc? I may be able to do that on another
install however this project requires user accounts to be stored in LDAP
so will need LDAP auth working one way or another.

Karl.


More information about the dovecot mailing list