[Dovecot] cache_key assertion error 1.0.rc15

Frank Cusack fcusack at fcusack.com
Mon Nov 20 23:54:24 UTC 2006


On November 20, 2006 1:53:59 PM -0800 Frank Cusack <fcusack at fcusack.com> 
wrote:
> Here is my first go at fixing it.  It almost works.
>
> - cache is initialized correctly
> - user password is cached correctly until ttl expires
>
> Once the ttl expires, dovecot attempts to use the cached password to
> authenticate.  This fails in my environment.  Then (after trying PAM
> with the cached password, even though ttl has expired) dovecot prompts
> the user for the password, however it never sends the request to PAM.
>
> Some combination of waiting and trying again gets it working again, I
> haven't quite figure that one out.  Might be waiting for the ttl expiry
> on the second (failed) request.
>
> I think the after-ttl-expiry problems are due to a broken cache
> implementation, not really a problem with my patch.  But maybe I need to
> do something to clear the cache?  I didn't see anything like that in
> passdb-passwd.c.

Nope, it was my fault.

a) I was saving the user's entered password in the cache, not the correct
   password as known to pam
b) I didn't need to save it explicitly, this is done already.  Saving
   it explicitly was refreshing the cache (with the wrong password),
   I think.

Here is a simpler patch which just initializes default_pass_scheme.
Also I removed the code which allows changing of the username ...
since that code runs in the child and does nothing AFAICT.
Maybe that part of my patch is broken though.

works for me ...

-frank
-------------- next part --------------
--- dovecot-1.0.beta15/src/auth/passdb-pam.c.orig	2006-11-20 15:40:06.495181000 -0800
+++ dovecot-1.0.beta15/src/auth/passdb-pam.c	2006-11-20 15:42:00.364356000 -0800
@@ -59,6 +59,8 @@ typedef linux_const void *pam_item_t;
 #  define USERPASS_USER_FIXED		3
 #endif
 
+#define PAM_PASS_SCHEME "PLAIN"
+
 struct pam_passdb_module {
 	struct passdb_module module;
 
@@ -219,14 +221,6 @@ static int pam_auth(struct auth_request 
 	        }
 	}
 
-	status = pam_get_item(pamh, PAM_USER, (linux_const void **)&item);
-	if (status != PAM_SUCCESS) {
-		*error = t_strdup_printf("pam_get_item() failed: %s",
-					 pam_strerror(pamh, status));
-		return status;
-	}
-        auth_request_set_field(request, "user", item, NULL);
-
 	return PAM_SUCCESS;
 }
 
@@ -474,10 +468,11 @@ pam_preinit(struct auth_passdb *auth_pas
 	return &module->module;
 }
 
-static void pam_init(struct passdb_module *_module __attr_unused__,
+static void pam_init(struct passdb_module *_module,
 		     const char *args __attr_unused__)
 {
 	lib_signals_set_handler(SIGCHLD, TRUE, sigchld_handler, NULL);
+	_module->default_pass_scheme = PAM_PASS_SCHEME;
 }
 
 static void pam_deinit(struct passdb_module *_module __attr_unused__)


More information about the dovecot mailing list