[Dovecot] login fails when username has apostrophe

Karl Latiss klatiss at nextdigital.com
Wed Jan 7 23:50:36 EET 2009


On Wed, 2009-01-07 at 16:31 -0500, Timo Sirainen wrote:
> On Thu, 2009-01-08 at 08:27 +1100, Karl Latiss wrote:
> > On Wed, 2009-01-07 at 11:09 -0800, Scott Silva wrote:
> > > on 1-7-2009 9:26 AM Timo Sirainen spake the following:
> > > > On Wed, 2009-01-07 at 12:12 -0500, Timo Sirainen wrote:
> > > >>>> The previous log output is with me telnetting in manually, however the
> > > >>>> webmail software (roundcube) produces the same results.
> > > >>> That's weird. I'll try to reproduce it tomorrow. I don't have a  
> > > >>> working LDAP server setup currently though. Ubuntu slapd config looks  
> > > >>> weird.
> > > >> Works fine here with the current v1.1 hg (but I don't remember having
> > > >> done any fixes related to LDAP for a long time):
> > > >>
> > > >> * OK Dovecot ready.
> > > >> x login "a'b" pass
> > > >> x OK Logged in.
> > > > 
> > > > Also I'm a bit surprised that I've managed to get escaping working with
> > > > all special LDAP characters without having it tested before:
> > > > 
> > > > imap-login: Login: user=<a\(*),.b>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
> > > > 
> > > I wonder if the OP has a character set or encoding issue?
> > > 
> > > 
> > My dovecot package has a dependency on libiconv-1.11_1. Could that have
> > something to do with it?
> 
> No. You have several extra \ characters in the logs and they just
> shouldn't be there unless the client sent them. Set
> auth_debug_passwords=yes and paste the full logs when logging in? (Use a
> password that isn't important.)

That doesn't look any different...

Jan  8 08:39:22 www-example1 dovecot: auth(default): client in: AUTH
1       PLAIN   service=imap    secured lip=127.0.0.1   rip=127.0.0.1
lport=143       rport=63870
resp=AGp1bGllLm8ncmVpbGx5QHFmY3Jldy5jb20ANTcyMjIz
Jan  8 08:39:22 www-example1 dovecot: auth(default): ldap(julie.o
\'reilly at example.com,127.0.0.1): pass search: base=dc=example, dc=com
scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\\'reilly))
fields=mail,userPassword
Jan  8 08:39:22 www-example1 dovecot: auth(default): ldap(julie.o
\'reilly at example.com,127.0.0.1): unknown user
Jan  8 08:39:24 www-example1 dovecot: auth(default): client out: FAIL
1       user=julie.o\'reilly at example.com
Jan  8 08:39:28 www-example1 dovecot: imap-login: Aborted login (auth
failed, 1 attempts): user=<julie.o\'reilly at example.com>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured

Karl.



More information about the dovecot mailing list