[Dovecot] login fails when username has apostrophe
Seth Mattinen
sethm at rollernet.us
Wed Jan 7 02:47:40 EET 2009
Karl Latiss wrote:
> On Tue, 2009-01-06 at 16:04 -0800, Seth Mattinen wrote:
>> Karl Latiss wrote:
>>> On Tue, 2009-01-06 at 18:33 -0500, Timo Sirainen wrote:
>>>> On Wed, 2009-01-07 at 10:19 +1100, Karl Latiss wrote:
>>>>> Jan 5 16:15:05 www-example1 dovecot: auth(default): ldap(julie.o
>>>>> \'reilly at example.com,10.3.96.60): pass search: base=dc=example, dc=com
>>>>> scope=subtree filter=(&(objectClass=qmailUser)(uid=julie.o\\'reilly))
>>>>> field
>>>>> s=mail,userPassword
>>>> I think it should be julie.o\\\'reilly in there. Have to check why.
>>>>
>>>>> Jan 5 16:15:07 www-example1 dovecot: auth(default): client out: FAIL
>>>>> 1 user=julie.o\'reilly at example.com
>>>>> failed, 1 attempts): user=<julie.o\'reilly at example.com>, method=PLAIN,
>>>> But I think your client (PHP webmail with automatic slashing enabled?)
>>>> is sending the initial \ here. Try logging in manually with telnet to
>>>> make sure.
>>> The previous log output is with me telnetting in manually, however the
>>> webmail software (roundcube) produces the same results.
>>>
>>
>> It's not an apostrophe - it's an unmatched quote. You'll probably get
>> faster results by changing to logins that don't anger input string
>> sanity checks. Otherwise, be prepared to wait a while for a solution.
>> Probably not what you want to hear, but if you have people knocking down
>> the door over this problem, you're going to have to use what will work.
>>
>> ~Seth
>
> I understand how it could be interpreted as an unmatched quote but
> according to Timo
> (http://www.mail-archive.com/dovecot@dovecot.org/msg09489.html) this
> should work.
>
> At any rate since the user database is provided by the client from their
> (various) systems it's unlikely I will be able to change user names.
>
Try a different auth method.
~Seth
More information about the dovecot
mailing list