[Dovecot] [PATCH] auth: Fixed mech_winbind_ntlm by using mech_winbind_auth_initial()
Christian Wiese
chris at opensde.net
Wed Jan 12 20:23:19 EET 2011
Hi folks,
attached is a trivial patch which is fixing Winbind/NTLM authentication in
dovecot 2.0
series.
The patch was made against 2.0.8 sources, but there should be no problem
applying it
onto HEAD, because 'src/auth/mech-winbind.c' wasn't touched for quite some
time now ;)
I tested the patch with a dovecot 2.0.8 running on linux, authenticating
against a
WindowsServer 2008R2 Enterprise using ntlm_auth/winbind (from current
stable samba 3.5.6).
I successfully tested NTLM authentication for IMAP and POP3 (with and
without STARTTLS)
using following MUAs for the test:
- Thunderbird 3.1.7 (Linux X86-64)
- Outlook Express 6.00 (Windows XP Pro Qemu-KVM)
Cheers,
Chris
Patch Description:
In changeset 9002 a new function named mech_winbind_auth_initial() was
introduced, but only the mech_winbind_spnego module part was changed to
finally
use this function.
The mech_winbind_ntlm module part was not properly adapted which leads to
a non
functioning NTLM authentication mechanism while using winbind, because it
will
never call the `ntlm_auth` helper.
The simple fix is to replace mech_generic_auth_initial() with
mech_winbind_auth_initial() as auth_initial "hook" when setting up the
mech_winbind_ntlm module, like it is done in the mech_winbind_spnego
module.
References:
- Changeset 9002:
http://hg.dovecot.org/dovecot-2.0/diff/9d0037a997f4/src/auth/mech-winbind.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-auth-mech_winbind_ntlm-use-mech_winbind_auth_initial.patch
Type: text/x-patch
Size: 1362 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20110112/6858cb50/attachment.bin
More information about the dovecot
mailing list