auth_bind with "()" in username not working
Matthias Lay
matthias.lay at securepoint.de
Fri Jun 24 08:33:51 UTC 2016
Hi again,
did some more tseting on this.
I think the problem is the ldap userlookup, where "("s are evil and
have to be quoted, but these quotes should be removed for the bind
request.
I get my usernames from ldap with a filter like this
user_filter = (sAMAccountName=%Ln)
so I think in between this to steps is the problem.
For testing I hard coded the username for auth_bind and compared strace
output from the auth process
auth_bind_userdn = "spdev\\claasc (test)"
this works fine. strace output from imap login
write(26, "0+\2\1\2`&\2\1\3\4\23spdev\\claasc
(test)\200\fHubertHans99", 45)
compared to
auth_bind_userdn = "spdev\\%Ln"
which gives
write(26, "0-\2\1\2`(\2\1\3\4\25spdev\\claasc
\\(test\\)\200\fHubertHans99", 47)
and wrong credentials
nobody else encountering similar problems? maybe the "()" are the only
chars making problems at this point
Greetz Matze
More information about the dovecot
mailing list