[Dovecot] test67 ldap_connection

Andrew Hutchings info at a-wing.co.uk
Tue Apr 12 21:36:08 EEST 2005


You might want to look back at my posts on the recent SQL auth problems;
they sound very similar.

Regards
Andrew

On Tue, 2005-04-12 at 18:25 +0200, Thomas Hummel wrote:
> Hello,
> 
> I've been trying to figure out what's wrong with authentication
> against an ldap pass/user db with test67 as test62 was working fine.
> 
> 
> [ The problem is the same as previously described in this list :
> 
> - FreeBSD-5.3
> - dovecot-1.0-test67
> - openldap-2.1.27
> 
> --> "ldap(dovetest,127.0.0.1): No password in reply"
> --> "NO Temporary authentication failure."
> 
> or
> 
> --
> dovecot: Apr 12 18:22:41 Info: auth(default): client in: AUTH   1       PLAIN  service=IMAP     lip=157.99.64.42        rip=157.99.64.42
> dovecot: Apr 12 18:22:41 Info: auth(default): client out: CONT  1
> dovecot: Apr 12 18:22:41 Info: auth(default): client in: CONT   1       AGRvdmV0ZXN0AGZvbw==
> dovecot: Apr 12 18:22:41 Info: auth(default): ldap(dovetest,157.99.64.42): base=ou=personnes, dc=pasteur, dc=fr scope=subtree filter=(&(objectClass=posixAccount)(uid=dovetest)) fields=uid,homeDirectory,,,uidNumber,gidNumber
> dovecot: Apr 12 18:22:42 Info: auth(default): client in: AUTH   2       PLAIN  service=IMAP     lip=157.99.64.42        rip=157.99.64.42        resp=AGRvdmV0ZXN0AGZvbw==
> dovecot: Apr 12 18:22:42 Info: auth(default): ldap(dovetest,157.99.64.42): base=ou=personnes, dc=pasteur, dc=fr scope=subtree filter=(&(objectClass=posixAccount)(uid=dovetest)) fields=uid,homeDirectory,,,uidNumber,gidNumber
> 
> dovecot: Apr 12 18:22:42 Error: auth(default): ldap(dovetest,157.99.64.42): No password in reply
> dovecot: Apr 12 18:22:42 Error: auth(default): file passdb-ldap.c: line 122 (handle_request): assertion failed: (scheme != NULL)
> dovecot: Apr 12 18:22:42 Error: child 43147 (auth) killed with signal 6
> --
> 
> ]
> 
> I've noticed the following changes in the source code, and my
> understanding (which may be wrong) of my problem goes as follows :
> 
> - In test62, the 'attr_names' attribute array was defined outside the
>   'ldap_connection' struct, thus allowing 'passdb_ldap_conn' and
>   'userdb_ldap_conn' structs to have different arrays of that type.
> 
> - By contrast, in test67, the 'attr_names' array is inside the
>   'ldap_connection'. As 'passdb_ldap_conn' and 'userdb_ldap_conn' are of
>   the 'ldap_connection' type and since the 'db_ldap_init' function
>   returns the existing ldap connection if it exists, the
>   'passdb_ldap_preinit' and 'userdb_ldap_preinit' will call the
>   'db_ldap_set_attrs' function on _the same_ 'ldap_connection' object.
> 
> - So when the 'db_ldap_search' function is called from the
>   'passdb-ldap.c:ldap_lookup_pass' function, the 5th argument
>   (passdb_ldap_conn->attr_names) will point to the 'user_attrs'
>   instead of the 'pass_attrs', since userdb_preinit will have already
>   been called.
> 
> - I've also noticed the use of the 'attr_map' hash to store the
>   attribute/value pairs, but since it doesn't seem to be used when
>   calling 'ldap_lookup_pass', I guess the problem is somewhere else.
> 
> Can someone give me a clue ? Has someone successfully set up
> dovecot-1.0-test67 on a similar configuration ?
> 
> thanks
> 
> 
> 
--
Andrew Hutchings (A-Wing)
Linux Guru - Netserve Consultants Ltd. - www.domaincity.co.uk
Random BOFH excuse: T-1's congested due to porn traffic to the news
server.
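
The aliasing described in the quoted analysis, as an added example that is not part of the original thread and is not Dovecot source: a toy model in which a cached connection carries a single 'attr_names' list, so the second preinit replaces the first one's list. The struct layout, the function signatures, `struct ldap_module`, `has_attr` and the `userPassword` attribute name are assumptions made for illustration.

```c
/* Toy model of the shared 'attr_names' aliasing; not Dovecot source. */
#include <stdio.h>
#include <string.h>

struct ldap_connection { const char **attr_names; };  /* test67: list lives here */

/* Constructed attribute lists; "userPassword" stands in for the password field. */
static const char *pass_attrs[] = { "uid", "userPassword", NULL };
static const char *user_attrs[] = { "uid", "homeDirectory", "uidNumber", "gidNumber", NULL };

/* Returns the existing connection on every call, as the post describes. */
static struct ldap_connection *db_ldap_init(void) {
    static struct ldap_connection cached;
    return &cached;
}

static void db_ldap_set_attrs(struct ldap_connection *conn, const char **attrs) {
    conn->attr_names = attrs;            /* replaces whatever was set before */
}

static int has_attr(const char **attrs, const char *name) {
    for (; *attrs != NULL; attrs++)
        if (strcmp(*attrs, name) == 0) return 1;
    return 0;
}

/* Shared layout: passdb preinit, then userdb preinit, on the same object. */
int shared_list_requests_password(void) {
    struct ldap_connection *passdb_ldap_conn = db_ldap_init();
    db_ldap_set_attrs(passdb_ldap_conn, pass_attrs);
    struct ldap_connection *userdb_ldap_conn = db_ldap_init();
    db_ldap_set_attrs(userdb_ldap_conn, user_attrs);
    return has_attr(passdb_ldap_conn->attr_names, "userPassword");
}

/* Separate layout: each module keeps its own list beside the shared handle. */
struct ldap_module { struct ldap_connection *conn; const char **attr_names; };
int separate_lists_request_password(void) {
    struct ldap_module passdb = { db_ldap_init(), pass_attrs };
    struct ldap_module userdb = { db_ldap_init(), user_attrs };
    return passdb.conn == userdb.conn
        && has_attr(passdb.attr_names, "userPassword");
}

int main(void) {
    printf("shared list asks for password:    %d\n", shared_list_requests_password());
    printf("separate lists ask for password:  %d\n", separate_lists_request_password());
    return 0;
}
```

In the shared layout the password lookup ends up asking only for the user attributes, so no password attribute is requested, which fits the "No password in reply" error in the log.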




