[Dovecot] login fails when username has apostrophe

Karl Latiss klatiss at nextdigital.com
Wed Jan 7 23:23:04 EET 2009


On Wed, 2009-01-07 at 12:12 -0500, Timo Sirainen wrote:
> On Wed, 2009-01-07 at 00:08 -0500, Timo Sirainen wrote:
> > On Jan 6, 2009, at 6:47 PM, Karl Latiss wrote:
> > 
> > > On Tue, 2009-01-06 at 18:33 -0500, Timo Sirainen wrote:
> > >> On Wed, 2009-01-07 at 10:19 +1100, Karl Latiss wrote:
> > >>> Jan  5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o
> > >>> \'reilly at example.com,10.3.96.60): pass search: base=dc=example,  
> > >>> dc=com
> > >>> scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\ 
> > >>> \'reilly))
> > >>> field
> > >>> s=mail,userPassword
> > >>
> > >> I think it should be julie.o\\\'reilly in there. Have to check why.
> > >>
> > >>> Jan  5 16:15:07 www-example1 dovecot: auth(default): client out:  
> > >>> FAIL
> > >>> 1       user=julie.o\'reilly at example.com
> > >>> failed, 1 attempts): user=<julie.o\'reilly at example.com>,  
> > >>> method=PLAIN,
> > >>
> > >> But I think your client (PHP webmail with automatic slashing  
> > >> enabled?)
> > >> is sending the initial \ here. Try logging in manually with telnet to
> > >> make sure.
> > >
> > > The previous log output is with me telnetting in manually, however the
> > > webmail software (roundcube) produces the same results.
> > 
> > That's weird. I'll try to reproduce it tomorrow. I don't have a  
> > working LDAP server setup currently though. Ubuntu slapd config looks  
> > weird.
> 
> Works fine here with the current v1.1 hg (but I don't remember having
> done any fixes related to LDAP for a long time):
> 
> * OK Dovecot ready.
> x login "a'b" pass
> x OK Logged in.
> 
> dovecot: Jan 07 12:10:29 Info: auth(default): new auth connection: pid=12264
> dovecot: Jan 07 12:10:31 Info: auth(default): client in: AUTH	1	PLAIN	service=imap	secured	lip=127.0.0.1	rip=127.0.0.1	lport=143	rport=34122	resp=<hidden>
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): pass search: base=ou=dovecot, dc=domain, dc=org scope=subtree filter=(&(objectClass=posixAccount)(uid=a'b)) fields=uid,userPassword
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): result: uid(user)=a'b userPassword(password)=<hidden>
> dovecot: Jan 07 12:10:31 Info: auth(default): client out: OK	1	user=a'b
> dovecot: Jan 07 12:10:31 Info: auth(default): master in: REQUEST	3	12257	1
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): user search: base=ou=dovecot, dc=domain, dc=org scope=subtree filter=(&(objectClass=posixAccount)(uid=a'b)) fields=homeDirectory,uidNumber,gidNumber
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): result: uidNumber(uid)=1000 gidNumber(gid)=1000 homeDirectory(home)=/home/tss
> dovecot: Jan 07 12:10:31 Info: auth(default): master out: USER	3	a'b	uid=1000	gid=1000	home=/home/tss
> dovecot: Jan 07 12:10:31 Info: imap-login: Login: user=<a'b>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

Where else can I look? This version was compiled on FreeBSD 7.0 64 bit
using the ports system with the following configure options:

--localstatedir=/var \
--with-statedir=/var/db/dovecot \
--without-shadow \
--with-ioloop=kqueue \
--without-gssapi \
--without-vpopmail \
--with-ldap \
--without-pgsql \
--without-mysql \
--without-sqlite

The openldap libraries used were openldap-client-2.4.11

Karl.
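
Added example, not part of the original message and not Dovecot's own code: a sketch of RFC 4515 filter-value escaping applied to the two usernames in the logs above. It shows that an apostrophe needs no escaping in an LDAP filter, while a backslash already present in the username is escaped and then matched literally. The function names are hypothetical, and the use of RFC 4515 hex escaping is an assumption.

```python
import string

# Added illustration; RFC 4515 escaping is an assumption here, not Dovecot's own routine.
# RFC 4515 section 3: these characters must appear as \XX hex pairs in a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def unescape_filter_value(escaped: str) -> str:
    """Decode \\XX pairs to get the value the directory compares (ASCII pairs only)."""
    out, i = [], 0
    while i < len(escaped):
        if escaped[i] == "\\":
            pair = escaped[i + 1:i + 3]
            if len(pair) != 2 or any(c not in string.hexdigits for c in pair):
                raise ValueError("malformed escape in filter value")
            out.append(chr(int(pair, 16)))
            i += 3
        else:
            out.append(escaped[i])
            i += 1
    return "".join(out)


def pass_filter(object_class: str, uid: str) -> str:
    """Build a filter of the shape shown in the logs: (&(objectClass=...)(uid=...))."""
    return "(&(objectClass=%s)(uid=%s))" % (
        escape_filter_value(object_class), escape_filter_value(uid))


if __name__ == "__main__":
    # Usernames as they appear in the thread's logs.
    for uid in ("a'b", "julie.o\\'reilly"):
        print(repr(uid), "->", pass_filter("posixAccount", uid))
```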



