[Dovecot] login fails when username has apostrophe
Hi
I've added the apostrophe character to auth_username_chars however authentication still fails. I'm using LDAP with the following details:
dovecot version 1.1.7 openldap client library 2.4.11
With auth_verbose = yes and auth_debug = yes set I see the following in the logs. Note the initial escaped apostrophe and the subsequent escaped escape in the filter!
----- start log ----- Jan 5 16:15:05 www-example1 dovecot: auth(default): client in: AUTH 1 PLAIN service=imap lip=10.1.1.180 rip=10.3.96.60 lport=143 rport=48733 resp=<hidden>
Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o \'reilly@example.com,10.3.96.60): pass search: base=dc=example, dc=com scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\\'reilly)) field s=mail,userPassword
Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o \'reilly@example.com,10.3.96.60): unknown user
Jan 5 16:15:07 www-example1 dovecot: auth(default): client out: FAIL 1 user=julie.o\'reilly@example.com failed, 1 attempts): user=<julie.o\'reilly@example.com>, method=PLAIN, rip=10.3.96.60, lip=10.1.1.180 ----- end log -----
Users without apostrophes can authenticate successfully. If I've missed anything please let me know.
# dovecot -n # 1.1.7: /usr/local/etc/dovecot.conf # OS: FreeBSD 7.0-RELEASE amd64 ufs protocols: imap listen: 10.1.1.180 ssl_disable: yes disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/imap-login login_greeting_capability: yes verbose_proctitle: yes first_valid_uid: 999 first_valid_gid: 999 mail_privileged_group: mail mail_uid: 999 mail_gid: 999 mail_location: maildir:/usr/home/vmail/%Ld/%Ln imap_client_workarounds: delay-newmail netscape-eoh tb-extra-mailbox-sep auth default: mechanisms: plain login username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@' username_format: %Lu passdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf userdb: driver: ldap args: /usr/local/etc/dovecot-ldap.conf socket: type: listen client: path: /var/run/dovecot/auth-client mode: 432 master: path: /var/run/dovecot/auth-master mode: 384 user: vmail
# grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf uris = ldap://www-example1:389 dn = uid=xxxx,dc=example,dc=com dnpass = xxxx sasl_bind = no tls = no auth_bind = no ldap_version = 3 base = dc=example, dc=com user_attrs = homeDirectory=home=/usr/home/vmail/%L $,mailMessageStore=mail=maildir:/usr/home/vmail/%L$,=uid=999,=gid=999 user_filter = (&(objectClass=qmailUser)(uid=%n)) pass_attrs = mail=user,userPassword=password pass_filter = (&(objectClass=qmailUser)(uid=%n)) default_pass_scheme = PLAIN
-- Karl Latiss <klatiss@nextdigital.com> Next Digital
participants (1)
-
Karl Latiss