Unqualified users are qualified by server FQDN instead of defaultdomain

Hello everybody,

I have a little and annoying problem that I hope you can help me to solve. I 
have a cyrus server with virtual domains. Everything works pretty well except 
that users authenticating without a realm (people from the default domain) aren't 
authenticated as if they were from the defaultdomain but as if they were from 
the server FQDN.

To fix ideas, the default domain is lm7.fr and its FQDN (as returned by hostname 
--fqdn) is adagio.lm7.fr.
Its hostname is adagio (as returned by hostname without arguments).

The user foo exists in /etc/sasldb2 as:

- foo@xxxxxxxxxxxxx
- foo@xxxxxx
- foo@adagio

Each of these entries has a different password. The password that works is the 
one associated with adagio.lm7.fr.


I tried to look at the code of libsasl a bit and found that sasldb_auxprop_lookup 
calls _plug_parseuser, which:

- tries to get the realm from the user
- tries to get the realm from another source given by sasldb_auxprop_lookup when 
the user doesn't specify any realm

If none of these sources gives a realm, it uses the server FQDN. I expect the 
second source to be the defaultdomain but couldn't verify that as I was lost 
after many function pointers.

What I found in the sasl code was more interesting. The default domain is put 
in the config_defdomain variable, which is then only used to ignore the domain in 
the userid sent if it is the defaultdomain. cyrus doesn't seem to give the 
default domain to the libsasl (it doesn't copy the value in config_defdomain 
anywhere) and deletes the domain part when canonifying the userid if it is the 
default domain. Thus, I don't see how the libsasl, and a fortiori the auxprop 
plugin, could try to match the password against the password associated with 
foo@xxxxxx

Did I miss something in my config and in the code, or is it a bug (which may 
have been corrected since, as I'm using cyrus 2.2.13 found in Debian lenny)?

Thanks for your help.

Best regards.

Thomas Preud'homme


----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
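
The realm lookup order described in the message above, modelled as a small C function to show which sasldb key an unqualified login ends up matching. This is an added example, not code from libsasl or Cyrus IMAP; the function name `resolve_sasldb_key`, the `user_realm` parameter name, and the choice to treat a trailing `@` as "no realm" are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not a libsasl function): build the user@realm key
 * a sasldb lookup would use, following the order given in the message:
 *   1. realm typed by the user,
 *   2. realm supplied by the caller (assumed parameter name: user_realm),
 *   3. server FQDN as the last resort.
 * Returns 0 on success, -1 on bad input or if the key does not fit. */
int resolve_sasldb_key(const char *input, const char *user_realm,
                       const char *server_fqdn, char *out, size_t outlen)
{
    const char *at, *realm;
    size_t ulen;
    int n;

    if (!input || !server_fqdn || !out || outlen == 0)
        return -1;

    at = strchr(input, '@');
    ulen = at ? (size_t)(at - input) : strlen(input);
    if (ulen == 0)
        return -1;                       /* empty user name */

    if (at && at[1] != '\0')
        realm = at + 1;                  /* 1. realm typed by the user */
    else if (user_realm && user_realm[0] != '\0')
        realm = user_realm;              /* 2. realm supplied by the caller */
    else
        realm = server_fqdn;             /* 3. fallback: server FQDN */

    n = snprintf(out, outlen, "%.*s@%s", (int)ulen, input, realm);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char key[256];
    /* Constructed inputs using the host and domain names from the message. */
    if (resolve_sasldb_key("foo", NULL, "adagio.lm7.fr", key, sizeof key) == 0)
        printf("no caller realm : %s\n", key);
    if (resolve_sasldb_key("foo", "lm7.fr", "adagio.lm7.fr", key, sizeof key) == 0)
        printf("caller realm    : %s\n", key);
    if (resolve_sasldb_key("foo@adagio", "lm7.fr", "adagio.lm7.fr", key, sizeof key) == 0)
        printf("explicit realm  : %s\n", key);
    return 0;
}
```

With no caller-supplied realm, the unqualified login resolves to the FQDN-qualified key, which is the entry whose password the message reports as working.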
