Dict protocol changes string

Nagy, Attila bra at fsn.hu
Mon Mar 13 13:28:34 UTC 2017


Hi,

On 03/13/2017 09:25 AM, Aki Tuomi wrote:
>
> On 28.02.2017 17:59, Nagy, Attila wrote:
>> On 09/23/2016 08:05 AM, Aki Tuomi wrote:
>>> On 29.07.2016 15:35, Nagy, Attila wrote:
>>>> I use pass and userdb with dict protocol in a similar way:
>>>>
>>>> key passdb {
>>>>     key = passdb^MAuth-User: %u^MAuth-Pass: %w^MAuth-Protocol: %s^MClient-IP: %r
>>>>     format = json
>>>> }
>>>>
>>>> (^M is an \r character, inserted with vi CTRL-v + enter)
>>>>
>>>> Until 2.2.24 this has worked, but 2.2.25 seems to convert that ASCII
>>>> 13 into an ASCII 1 and an "r".
>>>>
>>>> Python printout from what I get with 2.2.25:
>>>>
>>>> 'Lshared/passdb\x01rAuth-User: user\x01rAuth-Pass: pass\x01rAuth-Protocol: pop3\x01rClient-IP: 1.2.3.4'
>>>>
>>>> Is this change intentional? Why?
>>> Hi!
>>>
>>> Dict protocol escapes your newlines. You are expected to de-escape them
>>> yourself.
>>>
>>> Following escapes are done, you can de-escape them with your client.
>>>
>>> \x00 => \x10
>>> \x01 => \x11
>>> \t => \x1t
>>> \r => \x1r
>>> \n => \x1n
>>>
>>>
>> Following up on this: dovecot 2.2.27 and 2.2.28 go even further
>> (2.2.25 was OK).
>> If a user specifies a password with a % in it, dovecot silently
>> truncates it.
>> So for example if I specify (just to check this simple example is also
>> bad):
>> key passdb {
>>    key = %w
>>    format = json
>> }
>>
>> and a user tries to log in with the password 'Lofasznehogyma%',
>> dovecot sends the following into the dict socket:
>> 'Lshared/Lofasznehogyma'
>>
>> According to user reports, other characters may also be affected.
>>
>> Could you please fix this?
> Hi!
>
> Can you try this?
>
> https://github.com/dovecot/core/commit/000030feb7a30f193197f1aab8a7b04a26b42735.patch
>
> Aki
I use 2.2.28, so I've actually tried this:
--- work/dovecot-2.2.28/src/auth/db-dict.c    2017-03-13 
13:47:09.406931000 +0100
+++ work/dovecot-2.2.28/src/auth/db-dict.c.orig    2017-03-13 
13:45:47.903461000 +0100
@@ -408,7 +408,7 @@
              continue;

          str_truncate(path, strlen(DICT_PATH_SHARED));
-        str_append(path, key->key->key);
+        var_expand(path, key->key->key, iter->var_expand_table);
          ret = dict_lookup(iter->conn->dict, iter->pool,
                    str_c(path), &key->value);
          if (ret > 0) {
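
Review bot: the file headers are reversed, which inverts the meaning of the hunk. `---` names db-dict.c and `+++` names db-dict.c.orig, so by the usual .orig convention the `-` line (str_append) is what the patched file now contains and the `+` line (var_expand) is the old code. Regenerate with the original first (diff -u db-dict.c.orig db-dict.c) so the removal of var_expand shows as a `-` line. A one-line comment at the str_append call saying that key->key->key is appended without further expansion would also help, because the key template can carry user input such as %w and a later change could otherwise put var_expand back on it.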

So far it looks ok.

Thanks,
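
The escape table quoted earlier in the thread, as an added example that is not part of the original messages or of Dovecot's code: a dict-socket server de-escaping a lookup line exactly once and splitting the poster's CR-separated key. It reads the table's "\x1r" as the byte 0x01 followed by "r", as the quoted Python printout shows; the function names and the strict rejection of unknown escapes are assumptions of this sketch.

```python
# Added example (not Dovecot code): decode the dict escapes listed in the thread.
ESC = 0x01  # escape marker; the table's "\x1r" is this byte followed by "r"
UNESCAPE = {ord("0"): 0x00, ord("1"): 0x01, ord("t"): 0x09,
            ord("r"): 0x0D, ord("n"): 0x0A}

# The lookup line quoted in the thread (Python printout from 2.2.25).
SAMPLE = (b"Lshared/passdb\x01rAuth-User: user\x01rAuth-Pass: pass"
          b"\x01rAuth-Protocol: pop3\x01rClient-IP: 1.2.3.4")


def dict_unescape(data: bytes) -> bytes:
    """Reverse the escaping exactly once; reject malformed escape sequences."""
    out = bytearray()
    i = 0
    while i < len(data):
        if data[i] != ESC:
            out.append(data[i])
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("escape byte at end of input")
        code = data[i + 1]
        if code not in UNESCAPE:
            # Assumption: fail closed on unknown escapes rather than guess.
            raise ValueError(f"unknown escape code {code:#04x} at offset {i}")
        out.append(UNESCAPE[code])
        i += 2
    return bytes(out)


def parse_lookup(line: bytes):
    """Split an 'L' lookup into (path, fields) for the poster's CR-separated key."""
    if not line.startswith(b"L"):
        raise ValueError("not a lookup command")
    path, *rest = dict_unescape(line[1:]).split(b"\r")
    fields = {}
    for item in rest:
        name, sep, value = item.partition(b": ")
        if not sep or name in fields:
            # The message omits the field itself so a password is never logged.
            raise ValueError("malformed or repeated field")
        fields[name] = value  # values stay bytes: no decoding, no % expansion
    return path, fields


if __name__ == "__main__":
    print(parse_lookup(SAMPLE))
```

Values are kept as bytes so that a password such as 'Lofasznehogyma%' reaches the comparison unchanged.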

