[Dovecot] Large LDAP changes - testing needed

Timo Sirainen tss at iki.fi
Sun Nov 5 22:09:43 UTC 2006


On 5.11.2006, at 23.50, J.M. Maurer wrote:

>>> I understand this change was to fix an existing bug, but it  
>>> sounds like
>>> the change was far more than a simple bug fix. Major code rewrites,
>>> especially without any testing, don't seem right at this stage in  
>>> the game.
>>
>> In general I agree, but there wasn't any simple fix for this bug,  
>> except
>> to just tell people that auth_bind sort of works but not really. And
>> since so many people have wanted auth binds for a long time, I think
>> it's better to fix it now than to hear complains about it for a long
>> time.
>
> Did I miss something here? I did read some
> "maybe-there-is-a-memleak-issue" reports, but other than that, I  
> saw no
> auth_bind related issues. We ourselves use it quite heavily in
> production environments with no problems whatsoever.

The problem was the after a user gave an invalid password, no-one was  
then logged into the LDAP server so all the queries afterwards  
failed. Now I'm not sure if it's possible to configure the LDAP  
server to allow the queries even if no-one is logged in, I'd guess it  
is and maybe that's why it worked with you? Or if you were using  
auth_bind_userdn that also worked because no queries were done until  
a valid binding was done.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20061106/3abb8d89/attachment.pgp 


More information about the dovecot mailing list