plain authentication fails if userid and authid differ


 



Hello list,

I recently tried to upgrade the first of my mail systems from Debian squeeze to wheezy and discovered that something within sasl was broken. I tracked down the problem to bug-id 3590, patched the sasl libs (2.1.25 in wheezy) and it seemed to work. But before I continue: meanwhile I spent some time rebuilding the current sasl release 2.1.26 and all its dependencies, but my problem remains.

When doing a "plain" authentication in a setup using saslauthd without configured auxprop modules (as described in https://bugzilla.cyrusimap.org/show_bug.cgi?id=3590) everything is fine as long as userid and authid are the same:

imtest -u test -a test -w Password -v -m plain 127.0.0.1
works just fine.

But if userid and authid differ, sasl will behave similarly to before the patch. All this worked fine with sasl 2.1.23 (which was in squeeze). Did something change in the configuration or is there still a bug somewhere?

The base64 encoded string is:
"test\0cyrus\0Password"

telnet localhost 4190
Trying ::1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Cyrus timsieved v2.4.16-Debian-2.4.16-4+deb7u1"
"SASL" "PLAIN LOGIN"
"SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags notify envelope relational regex subaddress copy"
"STARTTLS"
"UNAUTHENTICATE"
OK
AUTHENTICATE "PLAIN" {28+}
dGVzdABjeXJ1cwBQYXNzd29yZA=='
NO "Authentication Error"

syslog:
Dec 21 22:32:40 ourea cyrus/master[17707]: about to exec /usr/lib/cyrus/bin/timsieved
Dec 21 22:32:40 ourea cyrus/sieve[17707]: executed
Dec 21 22:32:40 ourea cyrus/sieve[17707]: accepted connection
Dec 21 22:32:40 ourea cyrus/sieve[17707]: badlogin: localhost[127.0.0.1] PLAIN no mechanism available

Doing the same with:
"test\0test\0Password"
-->
AUTHENTICATE "PLAIN" {24+}
dGVzdAB0ZXN0AFBhc3N3b3Jk
will work

I hope you can help, since the whole Ubuntu community uses reverting to 2.1.23 as a workaround, and that's an ugly hack and not applicable to Debian wheezy unless one spends a lot of time figuring out why it doesn't build.

Best regards,
Christian
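
An added example, not part of the original post: a Python decoder for the two SASL PLAIN initial responses shown in the transcript above, using the RFC 4616 layout (authzid NUL authcid NUL passwd), which shows that only the failing exchange requests a different authorization identity. The class and function names are assumptions made for this illustration.

```python
import base64
import re
from typing import NamedTuple

class PlainResponse(NamedTuple):
    authzid: str  # identity to act as (imtest -u); may be empty
    authcid: str  # identity whose password is verified (imtest -a)
    passwd: str

    @property
    def is_proxy(self) -> bool:
        # A non-empty authzid that differs from authcid asks the server to
        # let authcid act as authzid, so an authorization step is needed too.
        return bool(self.authzid) and self.authzid != self.authcid

def parse_plain(b64: str) -> PlainResponse:
    """Decode a base64 SASL PLAIN initial response (RFC 4616 layout)."""
    raw = base64.b64decode(b64, validate=True)  # rejects stray characters
    parts = raw.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("expected authzid NUL authcid NUL passwd")
    authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    if not authcid or not passwd:
        raise ValueError("authcid and passwd must be non-empty")
    return PlainResponse(authzid, authcid, passwd)

def literal_matches(command: str, b64: str) -> bool:
    """Check that the "{N+}" literal length equals the octets sent."""
    m = re.search(r"\{(\d+)\+\}\s*$", command)
    return bool(m) and int(m.group(1)) == len(b64.encode("ascii"))

# Commands and base64 strings taken from the post above (the first one
# without the trailing quote character seen in the transcript).
SAMPLES = [
    ('AUTHENTICATE "PLAIN" {28+}', "dGVzdABjeXJ1cwBQYXNzd29yZA=="),
    ('AUTHENTICATE "PLAIN" {24+}', "dGVzdAB0ZXN0AFBhc3N3b3Jk"),
]

if __name__ == "__main__":
    for command, b64 in SAMPLES:
        r = parse_plain(b64)
        print(f"authzid={r.authzid!r} authcid={r.authcid!r} "
              f"proxy={r.is_proxy} literal_ok={literal_matches(command, b64)}")
```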



