[Dovecot] login fails when username has apostrophe
Karl Latiss
klatiss at nextdigital.com
Wed Jan 7 23:23:04 EET 2009
On Wed, 2009-01-07 at 12:12 -0500, Timo Sirainen wrote:
> On Wed, 2009-01-07 at 00:08 -0500, Timo Sirainen wrote:
> > On Jan 6, 2009, at 6:47 PM, Karl Latiss wrote:
> >
> > > On Tue, 2009-01-06 at 18:33 -0500, Timo Sirainen wrote:
> > >> On Wed, 2009-01-07 at 10:19 +1100, Karl Latiss wrote:
> > >>> Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o
> > >>> \'reilly at example.com,10.3.96.60): pass search: base=dc=example,
> > >>> dc=com
> > >>> scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\
> > >>> \'reilly))
> > >>> field
> > >>> s=mail,userPassword
> > >>
> > >> I think it should be julie.o\\\'reilly in there. Have to check why.
> > >>
> > >>> Jan 5 16:15:07 www-example1 dovecot: auth(default): client out:
> > >>> FAIL
> > >>> 1 user=julie.o\'reilly at example.com
> > >>> failed, 1 attempts): user=<julie.o\'reilly at example.com>,
> > >>> method=PLAIN,
> > >>
> > >> But I think your client (PHP webmail with automatic slashing
> > >> enabled?)
> > >> is sending the initial \ here. Try logging in manually with telnet to
> > >> make sure.
> > >
> > > The previous log output is with me telnetting in manually, however the
> > > webmail software (roundcube) produces the same results.
> >
> > That's weird. I'll try to reproduce it tomorrow. I don't have a
> > working LDAP server setup currently though. Ubuntu slapd config looks
> > weird.
>
> Works fine here with the current v1.1 hg (but I don't remember having
> done any fixes related to LDAP for a long time):
>
> * OK Dovecot ready.
> x login "a'b" pass
> x OK Logged in.
>
> dovecot: Jan 07 12:10:29 Info: auth(default): new auth connection: pid=12264
> dovecot: Jan 07 12:10:31 Info: auth(default): client in: AUTH 1 PLAIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=143 rport=34122 resp=<hidden>
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): pass search: base=ou=dovecot, dc=domain, dc=org scope=subtree filter=(&(objectClass=posixAccount)(uid=a'b)) fields=uid,userPassword
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): result: uid(user)=a'b userPassword(password)=<hidden>
> dovecot: Jan 07 12:10:31 Info: auth(default): client out: OK 1 user=a'b
> dovecot: Jan 07 12:10:31 Info: auth(default): master in: REQUEST 3 12257 1
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): user search: base=ou=dovecot, dc=domain, dc=org scope=subtree filter=(&(objectClass=posixAccount)(uid=a'b)) fields=homeDirectory,uidNumber,gidNumber
> dovecot: Jan 07 12:10:31 Info: auth(default): ldap(a'b,127.0.0.1): result: uidNumber(uid)=1000 gidNumber(gid)=1000 homeDirectory(home)=/home/tss
> dovecot: Jan 07 12:10:31 Info: auth(default): master out: USER 3 a'b uid=1000 gid=1000 home=/home/tss
> dovecot: Jan 07 12:10:31 Info: imap-login: Login: user=<a'b>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Where else can I look? This version was compiled on FreeBSD 7.0 64 bit
using the ports system with the following configure options:
--localstatedir=/var \
--with-statedir=/var/db/dovecot \
--without-shadow \
--with-ioloop=kqueue \
--without-gssapi \
--without-vpopmail \
--with-ldap \
--without-pgsql \
--without-mysql \
--without-sqlite
The openldap libraries used were openldap-client-2.4.11
Karl.
More information about the dovecot
mailing list