Re: Passwords containing backslash - problem.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Citando Dan White <dwhite@xxxxxxx>:

On 19/07/11 16:50 -0300, Lauro Costa G. Borges wrote:

 Hi,

 I am using

-----
libsasl2-2 v2.1.23.dfsg1-5ubuntu1
libsasl2-modules v2.1.23.dfsg1-5ubuntu1
libsasl2-modules-ldap v2.1.23.dfsg1-5ubuntu1
sasl2-bin v2.1.23.dfsg1-5ubuntu1
-----

 and I noticed that when users have a password containing a backslash
or a double backslash, it is not correctly handled by saslauthd (I think).

 My 1st scenario is: users connect to Webmail, which connects to
imapproxy, and then, imap server. This works ok, saslauthd is not used.

 My 2nd scenario is: users try to send mails using Roundcube, which
connects to smtp server (Postfix), and Postfix uses saslauthd. This
does not work.

 The same password works when connecting directly to imapproxy or
imap, or even to webmail (just to check mails, not to send them).

 Even testsaslauthd -u -p does not work. I tried:

  testsaslauthd -u username -p "somechars\morechars" (user has a pw
with 1 backslash)

   testsaslauthd -u username -p "somechars\\morechars" (user has a pw
with 1 backslash)

   testsaslauthd -u username -p somechars\\morechars (user has a pw
with 1 backslash)

   testsaslauthd -u username -p somechars\\morechars (user has a pw
with 2 backslashes)


 Does saslauthd handle backslashes ok for the rest of you? Cause it
doesn't seem to handle it with testsaslauthd or as a Postfix auth daemon.

I can't reproduce this problem while using the PAM backend. Which saslauthd
backend are you using? If relevant, what sasl configuration is your imap
server using?

Both of these work for me:

testsaslauthd -u username -p 'test\1234'
testsaslauthd -u username -p test\\1234

Where the password is:

test\1234

--
Dan White

  Hi,

Saslauthd at the smtp server uses RIMAP as the backend, and the remote imap server to which it connects (Dovecot) does not use saslauthd, it uses LDAP. As I said before, this imap server can understand backslashes in the password, since I successfully authenticated on it using telnet.

 Thanks



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.





[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux